In TPac, enforce the "username can't look like a barcode" rule.
Add new setting for username validation. If set, usernames must match.
Add patron registration checks for usernames:
No spaces
If set, can look like a barcode (initial/no username picked)
If set, can look like a username
If both set, must look like one of them
Signed-off-by: Thomas Berezansky <tsbere@mvlc.org>
Signed-off-by: Bill Erickson <berick@esilibrary.com>
return Apache2::Const::OK;
}
+ # New username can't look like a barcode if we have a barcode regex
+ my $regex_check = $ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.barcode_regex');
+ if($regex_check and $username =~ /$regex_check/) {
+ $ctx->{invalid_username} = $username;
+ return Apache2::Const::OK;
+ }
+
+ # New username has to look like a username if we have a username regex
+ $regex_check = $ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.username_regex');
+ if($regex_check and $username !~ /$regex_check/) {
+ $ctx->{invalid_username} = $username;
+ return Apache2::Const::OK;
+ }
+
if($username ne $e->requestor->usrname) {
my $evt = $U->simplereq(
'coust', 'description'),
'interval', null)
+,( 'opac.username_regex', 'glob',
+ oils_i18n_gettext('opac.username_regex',
+ 'Patron username format',
+ 'coust', 'label'),
+ oils_i18n_gettext('opac.username_regex',
+ 'Regular expression defining the patron username format, used for patron registration and self-service username changing only',
+ 'coust', 'description'),
+ 'string', null)
+
,( 'org.bounced_emails', 'prog',
oils_i18n_gettext('org.bounced_emails',
'Sending email address for patron notices',
[% IF ctx.invalid_username %]
<div id='account-update-email-error'> <!-- borrow css from update-email page -->
[% bad_user = ctx.invalid_username | html %]
- [% l('"<b>[_1]</b>" is not a valid username. Usernames cannot have any spaces. Please try a different username.', bad_user) %]
+ [% l('"<b>[_1]</b>" is not a valid username. Usernames cannot have any spaces or look like a barcode. Please try a different username.', bad_user) %]
</div>
[% ELSIF ctx.username_exists %]
'ui.patron.edit.aua.post_code.example',
'ui.patron.edit.aua.county.require',
'format.date',
- 'ui.patron.edit.default_suggested'
+ 'ui.patron.edit.default_suggested',
+ 'opac.barcode_regex',
+ 'opac.username_regex'
]);
for(k in orgSettings)
switch(fmfield) {
case 'usrname':
+ widget.widget.isValid = function() {
+ // No spaces
+ if(this.attr("value").match(/\s/)) {
+ return false;
+ }
+ // Can look like a barcode (for initial value)
+ if(orgSettings['opac.barcode_regex']) {
+ var test_regexp = new RegExp(orgSettings['opac.barcode_regex']);
+ if(test_regexp.test(this.attr("value"))) {
+ return true;
+ }
+ }
+ // Can look like a username
+ if(orgSettings['opac.username_regex']) {
+ var test_regexp = new RegExp(orgSettings['opac.username_regex']);
+ if(test_regexp.test(this.attr("value"))) {
+ return true;
+ }
+ }
+ // If we know what a barcode and username look like and we got here, reject
+ if(orgSettings['opac.barcode_regex'] && orgSettings['opac.username_regex'])
+ return false;
+ // Otherwise we don't have enough info to say either way, let it through.
+ return true;
+ }
dojo.connect(widget.widget, 'onChange',
function() {
var input = findWidget('au', 'usrname');
return;
}
+ r = fetchOrgSettingDefault(G.user.home_ou(), 'opac.username_regex');
+ if(r) {
+ if(!username.match(new RegExp(r))) {
+ alert($('myopac_invalid_username').innerHTML);
+ return;
+ }
+ }
+
/* first see if the requested username is taken */
var req = new Request(CHECK_USERNAME, G.user.session, username);
req.send(true);
projects / working / Evergreen.git / commitdiff