Support "." char as user name for User/Orgs in RSS/ATOM/GPG/KEYS path ...

build.go

@@ -1,7 +1,6 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-
 //go:build vendor
 
 package main

models/fixtures/action.yml

@@ -64,3 +64,12 @@
   repo_id: 1700 # dangling intentional
   is_private: false
   created_unix: 1603011541
+
+- id: 9
+  user_id: 34
+  op_type: 12 # close issue
+  act_user_id: 34
+  repo_id: 1 # public
+  is_private: false
+  created_unix: 1680454039
+  content: '4|' # issueId 5

models/fixtures/user.yml

@@ -1220,3 +1220,41 @@
   repo_admin_change_team_access: false
   theme: ""
   keep_activity_private: false
+
+-
+  id: 34
+  lower_name: the_34-user.with.all.allowedchars
+  name: the_34-user.with.all.allowedChars
+  full_name: the_1-user.with.all.allowedChars
+  description: 'some [commonmark](https://commonmark.org/)!'
+  email: user34@example.com
+  keep_email_private: false
+  email_notifications_preference: enabled
+  passwd: ZogKvWdyEx:password
+  passwd_hash_algo: dummy
+  must_change_password: false
+  login_source: 0
+  login_name: the_34-user.with.all.allowedchars
+  type: 0
+  salt: ZogKvWdyEx
+  max_repo_creation: -1
+  is_active: true
+  is_admin: false
+  is_restricted: false
+  allow_git_hook: false
+  allow_import_local: false
+  allow_create_organization: false
+  prohibit_login: false
+  avatar: avatar34
+  avatar_email: user34@example.com
+  use_custom_avatar: true
+  num_followers: 0
+  num_following: 0
+  num_stars: 0
+  num_repos: 0
+  num_teams: 0
+  num_members: 0
+  visibility: 0
+  repo_admin_change_team_access: false
+  theme: ""
+  keep_activity_private: false

models/user/user.go

@@ -537,6 +537,7 @@ var (
 		"gitea-actions",
 	}
 
+	// DON'T ADD ANY NEW STUFF, WE SOLVE THIS WITH `/user/{obj}` PATHS!
 	reservedUserPatterns = []string{"*.keys", "*.gpg", "*.rss", "*.atom"}
 )
 

models/user/user_test.go

@@ -99,13 +99,13 @@ func TestSearchUsers(t *testing.T) {
 	}
 
 	testUserSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}},
-		[]int64{1, 2, 4, 5, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24, 27, 28, 29, 30, 32})
+		[]int64{1, 2, 4, 5, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24, 27, 28, 29, 30, 32, 34})
 
 	testUserSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsActive: util.OptionalBoolFalse},
 		[]int64{9})
 
 	testUserSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}, IsActive: util.OptionalBoolTrue},
-		[]int64{1, 2, 4, 5, 8, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24, 27, 28, 29, 30, 32})
+		[]int64{1, 2, 4, 5, 8, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24, 27, 28, 29, 30, 32, 34})
 
 	testUserSuccess(&user_model.SearchUserOptions{Keyword: "user1", OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}, IsActive: util.OptionalBoolTrue},
 		[]int64{1, 10, 11, 12, 13, 14, 15, 16, 18})

routers/web/feed/profile.go

@@ -8,6 +8,8 @@ import (
 
 	activities_model "code.gitea.io/gitea/models/activities"
 	"code.gitea.io/gitea/modules/context"
+	"code.gitea.io/gitea/modules/markup"
+	"code.gitea.io/gitea/modules/markup/markdown"
 
 	"github.com/gorilla/feeds"
 )
@@ -39,10 +41,22 @@ func showUserFeed(ctx *context.Context, formatType string) {
 		return
 	}
 
+	ctxUserDescription, err := markdown.RenderString(&markup.RenderContext{
+		Ctx:       ctx,
+		URLPrefix: ctx.ContextUser.HTMLURL(),
+		Metas: map[string]string{
+			"user": ctx.ContextUser.GetDisplayName(),
+		},
+	}, ctx.ContextUser.Description)
+	if err != nil {
+		ctx.ServerError("RenderString", err)
+		return
+	}
+
 	feed := &feeds.Feed{
 		Title:       ctx.Tr("home.feed_of", ctx.ContextUser.DisplayName()),
 		Link:        &feeds.Link{Href: ctx.ContextUser.HTMLURL()},
-		Description: ctx.ContextUser.Description,
+		Description: ctxUserDescription,
 		Created:     time.Now(),
 	}
 

routers/web/web.go

@@ -8,6 +8,7 @@ import (
 	"net/http"
 	"os"
 	"path"
+	"strings"
 
 	"code.gitea.io/gitea/models/perm"
 	"code.gitea.io/gitea/models/unit"
@@ -535,6 +536,7 @@ func RegisterRoutes(m *web.Route) {
 		m.Get("/activate", auth.Activate)
 		m.Post("/activate", auth.ActivatePost)
 		m.Any("/activate_email", auth.ActivateEmail)
+		m.Get("/avatar/{username}", user.AvatarByUserName)
 		m.Get("/avatar/{username}/{size}", user.AvatarByUserName)
 		m.Get("/recover_account", auth.ResetPasswd)
 		m.Post("/recover_account", auth.ResetPasswdPost)
@@ -672,16 +674,43 @@ func RegisterRoutes(m *web.Route) {
 			})
 			http.ServeFile(ctx.Resp, ctx.Req, path.Join(setting.StaticRootPath, "public/img/favicon.png"))
 		})
-		m.Group("/{username}", func() {
-			m.Get(".png", user.AvatarByUserName)
-			m.Get(".keys", user.ShowSSHKeys)
-			m.Get(".gpg", user.ShowGPGKeys)
-			m.Get(".rss", feedEnabled, feed.ShowUserFeedRSS)
-			m.Get(".atom", feedEnabled, feed.ShowUserFeedAtom)
-			m.Get("", user.Profile)
-		}, func(ctx *context.Context) {
-			ctx.Data["EnableFeed"] = setting.EnableFeed
-		}, context_service.UserAssignmentWeb())
+		m.Get("/{username}", func(ctx *context.Context) {
+			// WORKAROUND to support usernames with "." in it
+			// https://github.com/go-chi/chi/issues/781
+			username := ctx.Params("username")
+			reloadParam := func(suffix string) (success bool) {
+				ctx.SetParams("username", strings.TrimSuffix(username, suffix))
+				context_service.UserAssignmentWeb()(ctx)
+				return !ctx.Written()
+			}
+			switch {
+			case strings.HasSuffix(username, ".keys"):
+				if reloadParam(".keys") {
+					user.ShowSSHKeys(ctx)
+				}
+			case strings.HasSuffix(username, ".gpg"):
+				if reloadParam(".gpg") {
+					user.ShowGPGKeys(ctx)
+				}
+			case strings.HasSuffix(username, ".rss"):
+				feedEnabled(ctx)
+				if !ctx.Written() && reloadParam(".rss") {
+					context_service.UserAssignmentWeb()(ctx)
+					feed.ShowUserFeedRSS(ctx)
+				}
+			case strings.HasSuffix(username, ".atom"):
+				feedEnabled(ctx)
+				if !ctx.Written() && reloadParam(".atom") {
+					feed.ShowUserFeedAtom(ctx)
+				}
+			default:
+				context_service.UserAssignmentWeb()(ctx)
+				if !ctx.Written() {
+					ctx.Data["EnableFeed"] = setting.EnableFeed
+					user.Profile(ctx)
+				}
+			}
+		})
 		m.Get("/attachments/{uuid}", repo.GetAttachment)
 	}, ignSignIn)
 

tests/integration/api_nodeinfo_test.go

@@ -33,7 +33,7 @@ func TestNodeinfo(t *testing.T) {
 		DecodeJSON(t, resp, &nodeinfo)
 		assert.True(t, nodeinfo.OpenRegistrations)
 		assert.Equal(t, "gitea", nodeinfo.Software.Name)
-		assert.Equal(t, 24, nodeinfo.Usage.Users.Total)
+		assert.Equal(t, 25, nodeinfo.Usage.Users.Total)
 		assert.Equal(t, 18, nodeinfo.Usage.LocalPosts)
 		assert.Equal(t, 2, nodeinfo.Usage.LocalComments)
 	})

tests/integration/setting_test.go

@@ -25,7 +25,7 @@ func TestSettingShowUserEmailExplore(t *testing.T) {
 	htmlDoc := NewHTMLParser(t, resp.Body)
 	assert.Contains(t,
 		htmlDoc.doc.Find(".ui.user.list").Text(),
-		"user4@example.com",
+		"user34@example.com",
 	)
 
 	setting.UI.ShowUserEmail = false
@@ -35,7 +35,7 @@ func TestSettingShowUserEmailExplore(t *testing.T) {
 	htmlDoc = NewHTMLParser(t, resp.Body)
 	assert.NotContains(t,
 		htmlDoc.doc.Find(".ui.user.list").Text(),
-		"user4@example.com",
+		"user34@example.com",
 	)
 
 	setting.UI.ShowUserEmail = showUserEmail

tests/integration/user_avatar_test.go

@@ -5,6 +5,7 @@ package integration
 
 import (
 	"bytes"
+	"fmt"
 	"image/png"
 	"io"
 	"mime/multipart"
@@ -77,6 +78,16 @@ func TestUserAvatar(t *testing.T) {
 		req = NewRequest(t, "GET", user2.AvatarLinkWithSize(db.DefaultContext, 0))
 		_ = session.MakeRequest(t, req, http.StatusOK)
 
+		testGetAvatarRedirect(t, user2)
+
 		// Can't test if the response matches because the image is re-generated on upload but checking that this at least doesn't give a 404 should be enough.
 	})
 }
+
+func testGetAvatarRedirect(t *testing.T, user *user_model.User) {
+	t.Run(fmt.Sprintf("getAvatarRedirect_%s", user.Name), func(t *testing.T) {
+		req := NewRequestf(t, "GET", "/user/avatar/%s", user.Name)
+		resp := MakeRequest(t, req, http.StatusSeeOther)
+		assert.EqualValues(t, fmt.Sprintf("/avatars/%s", user.Avatar), resp.Header().Get("location"))
+	})
+}

tests/integration/user_test.go

@@ -241,6 +241,19 @@ func testExportUserGPGKeys(t *testing.T, user, expected string) {
 	assert.Equal(t, expected, resp.Body.String())
 }
 
+func TestGetUserRss(t *testing.T) {
+	user34 := "the_34-user.with.all.allowedChars"
+	req := NewRequestf(t, "GET", "/%s.rss", user34)
+	resp := MakeRequest(t, req, http.StatusOK)
+	if assert.EqualValues(t, "application/rss+xml;charset=utf-8", resp.Header().Get("Content-Type")) {
+		rssDoc := NewHTMLParser(t, resp.Body).Find("channel")
+		title, _ := rssDoc.ChildrenFiltered("title").Html()
+		assert.EqualValues(t, "Feed of "the_1-user.with.all.allowedChars"", title)
+		description, _ := rssDoc.ChildrenFiltered("description").Html()
+		assert.EqualValues(t, "<p>some <a href="https://commonmark.org/" rel="nofollow">commonmark</a>!</p>\n", description)
+	}
+}
+
 func TestListStopWatches(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()