gnh1201/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2025-09-06 01:41:08 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity

Fix tootctl admin create not bypassing reserved username checks (#35779)

Browse Source
This commit is contained in:
Claire 2025-08-14 15:35:19 +02:00 committed by GitHub
parent ac0581fd22
commit b0ce1ce49d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/account.rb
View File

@ -116,7 +116,7 @@ class Account < ApplicationRecord
# Local user validations
validates :username, format: { with: /\A[a-z0-9_]+\z/i }, length: { maximum: USERNAME_LENGTH_LIMIT }, if: -> { local? && will_save_change_to_username? && !actor_type_application? }
validates_with UnreservedUsernameValidator, if: -> { local? && will_save_change_to_username? && !actor_type_application? }
validates_with UnreservedUsernameValidator, if: -> { local? && will_save_change_to_username? && !actor_type_application? && !user&.bypass_registration_checks }
validates :display_name, length: { maximum: DISPLAY_NAME_LENGTH_LIMIT }, if: -> { local? && will_save_change_to_display_name? }
validates :note, note_length: { maximum: NOTE_LENGTH_LIMIT }, if: -> { local? && will_save_change_to_note? }
validates :fields, length: { maximum: DEFAULT_FIELDS_SIZE }, if: -> { local? && will_save_change_to_fields? }

11
spec/lib/mastodon/cli/accounts_spec.rb
View File

@ -32,6 +32,7 @@ RSpec.describe Mastodon::CLI::Accounts do
describe '#create' do
let(:action) { :create }
let(:username) { 'tootctl_username' }
shared_examples 'a new user with given email address and username' do
it 'creates user and accounts from options and displays success message' do
@ -48,18 +49,24 @@ RSpec.describe Mastodon::CLI::Accounts do
end
def account_from_options
Account.find_local('tootctl_username')
Account.find_local(username)
end
end
context 'when required USERNAME and --email are provided' do
let(:arguments) { ['tootctl_username'] }
let(:arguments) { [username] }
context 'with USERNAME and --email only' do
let(:options) { { email: 'tootctl@example.com' } }
it_behaves_like 'a new user with given email address and username'
context 'with a reserved username' do
let(:username) { 'security' }
it_behaves_like 'a new user with given email address and username'
end
context 'with invalid --email value' do
let(:options) { { email: 'invalid' } }