UserConfig: virify: check username vs userid

Since we have both userid and username in the schema and
both have a minimum length of 4, creating a user named 'foo'
was previously possible because the 'username' property was
not checked. Loading the file back in then failed because at
load time, the username 'foo' was too short.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

diff --git a/PMG/UserConfig.pm b/PMG/UserConfig.pm
index f1134e4aac9e8ee7a7b62f8f47d03b1f54ba0123..8ccb8f5fc93921b5f4fbddfff5ce370c7203bb17 100644 (file)
--- a/PMG/UserConfig.pm
+++ b/PMG/UserConfig.pm
@@ -133,6 +133,15 @@ my $verity_entry = sub {
     my ($entry) = @_;
 
     my $errors = {};
+    my $userid = $entry->{userid};
+    if (defined(my $username = $entry->{username})) {
+       if ($userid !~ /^\Q$username\E\@/) {
+           $errors->{'username'} = 'invalid username for userid';
+       }
+    } else {
+       # make sure the username's length is checked
+       $entry->{username} = ($userid =~ s/\@.*$//r);
+    }
     PVE::JSONSchema::check_prop($entry, $schema, '', $errors);
     if (scalar(%$errors)) {
        raise "verify entry failed\n", errors => $errors;