Merge pull request #602 from theasci/fix-user-validation-regression

Fix regression in username validation
xbezdick · Nov 14, 2014 · 22b07ae · 22b07ae
2 parents 89762a7 + 4f0d431
commit 22b07ae
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 3 deletions.
diff --git a/lib/puppet/type/mysql_user.rb b/lib/puppet/type/mysql_user.rb
@@ -13,9 +13,7 @@
       # Regex should problably be more like this: /^[`'"]?[^`'"]*[`'"]?@[`'"]?[\w%\.]+[`'"]?$/
       # If at least one special char is used, string must be quoted
       raise(ArgumentError, "Database user #{value} must be quotted as it contains special characters") if value =~ /^[^'`"].*[^0-9a-zA-Z$_].*[^'`"]@[\w%\.:]+/
-      # If no special char, quoted is not needed, but allowed
-      # I don't see any case where this could happen, as it should be covered by previous check
-      raise(ArgumentError, "Invalid database user #{value}") unless value =~ /^['`"]?[0-9a-zA-Z$_]*['`"]?@[\w%\.:]+/
+      raise(ArgumentError, "Invalid database user #{value}") unless value =~ /^(?:['`"][^'`"]*['`"]|[0-9a-zA-Z$_]*)@[\w%\.:]+/
       username = value.split('@')[0]
       if username.size > 16
         raise ArgumentError, 'MySQL usernames are limited to a maximum of 16 characters'

diff --git a/spec/unit/puppet/type/mysql_user_spec.rb b/spec/unit/puppet/type/mysql_user_spec.rb
@@ -49,6 +49,16 @@
     end
   end
 
+  context 'using `speci!al#`@localhost' do
+    before :each do
+      @user = Puppet::Type.type(:mysql_user).new(:name => '`speci!al#`@localhost', :password_hash => 'pass')
+    end
+
+    it 'should accept a quoted user name with special chatracters' do
+      expect(@user[:name]).to eq('`speci!al#`@localhost')
+    end
+  end
+
   context 'using in-valid@localhost' do
     it 'should fail with an unquotted username with special char' do
       expect {