Added validation for username and email max length.

LMS-1479

Added validation for username and email max length.
LMS-1479
874d7360 · Waheed Ahmed · 663671ec · 874d7360 · 874d7360 · 874d7360
Commit 874d7360 authored Feb 21, 2014 by Waheed Ahmed
4 changed files
--- a/common/djangoapps/student/tests/test_long_username_email.py
+++ b/common/djangoapps/student/tests/test_long_username_email.py
+# -*- coding: utf-8 -*-
+import json
+from django.test import TestCase
+from django.core.urlresolvers import reverse
+class TestLongUsernameEmail(TestCase):
+    def setUp(self):
+        self.url = reverse('create_account')
+        self.url_params = {
+            'username': 'username',
+            'email': 'foo_bar' + '@bar.com',
+            'name': 'foo bar',
+            'password': '123',
+            'terms_of_service': 'true',
+            'honor_code': 'true',
+        }
+    def test_long_username(self):
+        """
+        Test username cannot be more than 30 characters long.
+        """
+        self.url_params['username'] = 'username' * 4
+        response = self.client.post(self.url, self.url_params)
+        # Status code should be 400.
+        self.assertEqual(response.status_code, 400)
+        obj = json.loads(response.content)
+        self.assertEqual(
+            obj['value'],
+            "Username cannot be more than 30 characters long",
+        )
+    def test_long_email(self):
+        """
+        Test email cannot be more than 75 characters long.
+        """
+        self.url_params['email'] = '{0}@bar.com'.format('foo_bar' * 15)
+        response = self.client.post(self.url, self.url_params)
+        # Status code should be 400.
+        self.assertEqual(response.status_code, 400)
+        obj = json.loads(response.content)
+        self.assertEqual(
+            obj['value'],
+            "Email cannot be more than 75 characters long",
+        )
--- a/common/djangoapps/student/tests/test_password_policy.py
+++ b/common/djangoapps/student/tests/test_password_policy.py
@@ -3,8 +3,6 @@
 This test file will verify proper password policy enforcement, which is an option feature
 """
 import json
-import uuid
 from django.test import TestCase
 from django.core.urlresolvers import reverse
 from mock import patch
@@ -19,9 +17,10 @@ class TestPasswordPolicy(TestCase):
    def setUp(self):
        super(TestPasswordPolicy, self).setUp()
        self.url = reverse('create_account')
        self.url_params = {
-            'username': 'foo_bar' + uuid.uuid4().hex,
+            'username': 'username',
-            'email': 'foo' + uuid.uuid4().hex + '@bar.com',
+            'email': 'foo_bar@bar.com',
            'name': 'username',
            'terms_of_service': 'true',
            'honor_code': 'true',

--- a/common/djangoapps/student/views.py
+++ b/common/djangoapps/student/views.py
@@ -1080,6 +1080,19 @@ def create_account(request, post_override=None):
            js['field'] = field_name
            return JsonResponse(js, status=400)
+        max_length = 75
+        if field_name == 'username':
+            max_length = 30
+        if field_name in ('email', 'username') and len(post_vars[field_name]) > max_length:
+            error_str = {
+                'username': _('Username cannot be more than {0} characters long').format(max_length),
+                'email': _('Email cannot be more than {0} characters long').format(max_length)
+            }
+            js['value'] = error_str[field_name]
+            js['field'] = field_name
+            return JsonResponse(js, status=400)
    try:
        validate_email(post_vars['email'])
    except ValidationError:

--- a/lms/djangoapps/courseware/tests/test_registration_extra_vars.py
+++ b/lms/djangoapps/courseware/tests/test_registration_extra_vars.py
@@ -3,8 +3,6 @@
 Tests for extra registration variables
 """
 import json
-import uuid
 from django.conf import settings
 from django.test import TestCase
 from django.core.urlresolvers import reverse
@@ -18,11 +16,11 @@ class TestExtraRegistrationVariables(TestCase):
    def setUp(self):
        super(TestExtraRegistrationVariables, self).setUp()
        self.url = reverse('create_account')
-        username = 'foo_bar' + uuid.uuid4().hex
        self.url_params = {
-            'username': username,
+            'username': 'username',
-            'name': username,
+            'name': 'name',
-            'email': 'foo' + uuid.uuid4().hex + '@bar.com',
+            'email': 'foo_bar@bar.com',
            'password': 'password',
            'terms_of_service': 'true',
            'honor_code': 'true',