From 989011766ebbf5efa9a84c90d62231c0c2c38006 Mon Sep 17 00:00:00 2001 From: Louis Chmn Date: Wed, 5 Nov 2025 18:31:38 +0100 Subject: [PATCH] feat(group): Sanitize group names and ids on creation It does not make sense to allow group name with weird white space sequence going forward. Same for group ids, in which we do not really want white space. Signed-off-by: Louis Chmn --- lib/private/Group/Database.php | 16 +++++++++++++--- tests/lib/Group/DatabaseTest.php | 13 +++++++++++++ 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/lib/private/Group/Database.php b/lib/private/Group/Database.php index 62a3990c319..e453695065e 100644 --- a/lib/private/Group/Database.php +++ b/lib/private/Group/Database.php @@ -67,6 +67,7 @@ class Database extends ABackend implements public function createGroup(string $name): ?string { $this->fixDI(); + $name = $this->sanitizeGroupName($name); $gid = $this->computeGid($name); try { // Add group @@ -586,12 +587,21 @@ class Database extends ABackend implements return 'Database'; } + /** + * Merge any white spaces to a single space in group name, then trim it. + */ + private function sanitizeGroupName(string $displayName): string { + $cleanedDisplayName = preg_replace('/\s+/', ' ', $displayName); + return trim($cleanedDisplayName); + } + /** * Compute group ID from display name (GIDs are limited to 64 characters in database) */ private function computeGid(string $displayName): string { - return mb_strlen($displayName) > 64 - ? hash('sha256', $displayName) - : $displayName; + $displayNameWithoutWhitespace = preg_replace('/\s+/', '_', $displayName); + return mb_strlen($displayNameWithoutWhitespace) > 64 + ? hash('sha256', $displayNameWithoutWhitespace) + : $displayNameWithoutWhitespace; } } diff --git a/tests/lib/Group/DatabaseTest.php b/tests/lib/Group/DatabaseTest.php index b8ec53f0d0d..50661f7a636 100644 --- a/tests/lib/Group/DatabaseTest.php +++ b/tests/lib/Group/DatabaseTest.php @@ -57,4 +57,17 @@ class DatabaseTest extends Backend { $group = $this->backend->getGroupDetails($gidCreated); $this->assertEquals(['displayName' => $groupName], $group); } + + public function testWhiteSpaceInGroupName(): void { + $randomId = $this->getUniqueID('test_', 10); + $groupName = " group name with weird spaces \n" . $randomId; + $expectedGroupName = 'group name with weird spaces ' . $randomId; + $expectedGroupId = 'group_name_with_weird_spaces_' . $randomId; + + $gidCreated = $this->backend->createGroup($groupName); + $this->assertEquals($expectedGroupId, $gidCreated); + + $group = $this->backend->getGroupDetails($gidCreated); + $this->assertEquals(['displayName' => $expectedGroupName], $group); + } }