about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--app/models/account.rb6
-rw-r--r--app/validators/unique_username_validator.rb14
2 files changed, 18 insertions, 2 deletions
diff --git a/app/models/account.rb b/app/models/account.rb
index c1347fe65..14269860f 100644
--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -47,7 +47,8 @@
 #
 
 class Account < ApplicationRecord
-  MENTION_RE = /(?<=^|[^\/[:word:]])@(([a-z0-9_]+)(?:@[a-z0-9\.\-]+[a-z0-9]+)?)/i
+  USERNAME_RE = /[a-z0-9_]+([a-z0-9_\.]+[a-z0-9_]+)?/i
+  MENTION_RE  = /(?<=^|[^\/[:word:]])@((#{USERNAME_RE}?)(?:@[a-z0-9\.\-]+[a-z0-9]+)?)/i
 
   include AccountAvatar
   include AccountFinderConcern
@@ -68,7 +69,8 @@ class Account < ApplicationRecord
   validates :username, uniqueness: { scope: :domain, case_sensitive: true }, if: -> { !local? && will_save_change_to_username? }
 
   # Local user validations
-  validates :username, format: { with: /\A[a-z0-9_]+\z/i }, uniqueness: { scope: :domain, case_sensitive: false }, length: { maximum: 30 }, if: -> { local? && will_save_change_to_username? }
+  validates :username, format: { with: /\A#{USERNAME_RE}\z/i }, length: { maximum: 30 }, if: -> { local? && will_save_change_to_username? }
+  validates_with UniqueUsernameValidator, if: -> { local? && will_save_change_to_username? }
   validates_with UnreservedUsernameValidator, if: -> { local? && will_save_change_to_username? }
   validates :display_name, length: { maximum: 30 }, if: -> { local? && will_save_change_to_display_name? }
   validates :note, length: { maximum: 160 }, if: -> { local? && will_save_change_to_note? }
diff --git a/app/validators/unique_username_validator.rb b/app/validators/unique_username_validator.rb
new file mode 100644
index 000000000..c76407b16
--- /dev/null
+++ b/app/validators/unique_username_validator.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class UniqueUsernameValidator < ActiveModel::Validator
+  def validate(account)
+    return if account.username.nil?
+
+    normalized_username = account.username.downcase.delete('.')
+
+    scope = Account.where(domain: nil, username: normalized_username)
+    scope = scope.where.not(id: account.id) if account.persisted?
+
+    account.errors.add(:username, :taken) if scope.exists?
+  end
+end