Description
Description
Hi,
I encountered an issue with user synchronisation with our Active Directory since we upgraded to v1.19 in the logs:
Error creating user _XYZ: name is invalid [XYZ]: must be valid alpha or numeric or dash(-) or dot characters
(username sanitized for privacy)
The error message is misleading as _ is stated as valid character but is clearly the culprit here. Trying to add a local user with leading underscore fails with a much better error message:
Username can only contain alphanumeric chars ('0-9','a-z','A-Z'), dash ('-'), underscore ('_') and dot ('.'). It cannot begin or end with non-alphanumeric chars, and consecutive non-alphanumeric chars are also forbidden.
I dug into the source and uncovered the following commit which changed the valid username logic in v1.19:
2900dc9
This makes it impossible to create users with leading or trailing non-alphanumeric characters. Already existing users with leading or trailing non-alphanumeric characters still work, but we cannot create new ones. This breaks functionality because in our organization technical accounts (e.g. for CI integration) have to start with an underscore in our LDAP, it's policy and I cannot change that.
The commit message which introduced this new behaviour does not state why _ is now forbidden, I can only see a mention in the release notes, but not why this is introduced.
Why was this introduced and is there any chance we can get leading underscore back as a valid username as this breaks existing functionality in our org?
Gitea Version
v1.19.0
Can you reproduce the bug on the Gitea demo site?
Yes
Log Gist
No response
Screenshots
No response
Git Version
2.21.0.windows.1
Operating System
Win Server 2019
How are you running Gitea?
locally installed as Windows service
Database
MSSQL