From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Fri, 9 Feb 2018 10:08:30 +0000 (+0100)
Subject: UserConfig: virify: check username vs userid
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=5ede024956dc307f06cfe741a2fcca21fecdfd83;hp=71d9a7583b5c0a464372852b1132a11e39618a38;p=pmg-api.git

UserConfig: virify: check username vs userid

Since we have both userid and username in the schema and
both have a minimum length of 4, creating a user named 'foo'
was previously possible because the 'username' property was
not checked. Loading the file back in then failed because at
load time, the username 'foo' was too short.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---

diff --git a/PMG/UserConfig.pm b/PMG/UserConfig.pm
index f1134e4..8ccb8f5 100644
--- a/PMG/UserConfig.pm
+++ b/PMG/UserConfig.pm
@@ -133,6 +133,15 @@ my $verity_entry = sub {
     my ($entry) = @_;
 
     my $errors = {};
+    my $userid = $entry->{userid};
+    if (defined(my $username = $entry->{username})) {
+	if ($userid !~ /^\Q$username\E\@/) {
+	    $errors->{'username'} = 'invalid username for userid';
+	}
+    } else {
+	# make sure the username's length is checked
+	$entry->{username} = ($userid =~ s/\@.*$//r);
+    }
     PVE::JSONSchema::check_prop($entry, $schema, '', $errors);
     if (scalar(%$errors)) {
 	raise "verify entry failed\n", errors => $errors;