[GH-ISSUE #516] Unable to access user if white spaces are in username. #189

New issue

Closed

opened 2026-02-27 08:15:46 +03:00 by kerem · 5 comments

kerem commented 2026-02-27 08:15:46 +03:00

Owner

Copy link

Originally created by @Normanras on GitHub (Mar 31, 2023).
Original GitHub issue: https://github.com/lldap/lldap/issues/516

The CreateUserModel doesn't explicitly require the use or non-use of white spaces in a username. I believe this function is for creating the user.

However, after the user is created, if you try to click on the user to change other values, I get this error:
Error: Error getting user details: Errors: [user:2:3: Entity not found: 'test%20user%20with%20spaces']

I've attached screenshots of the three steps to recreate:

1. Create a user with whitespaces in the username field.
2. Save that user & verify they are in the users list on the dashboard.
3. Click that user's username to access the user's settings.

I'm happy to open a PR for this fix, but I think @nitnelave and any other core devs need to make a decision on whitespaces in username. This may be related to issue #239 .

The possible options I'm thinking of:

1. validate or assert that the String.contains(char::is_whitespace)); and throw an error
2. Automatically replace() & remove the whitespaces
3. Allow whitespaces & update the db to allow them.
4. Something else I'm missing?

My assumption with a username is that whitespaces should not be allowed as I've yet to see a unique username with a whitespace.

Screenshots. First, add the user:

Second, click save and verify the user is on the dashboard:

Third, click on the user:

Originally created by @Normanras on GitHub (Mar 31, 2023). Original GitHub issue: https://github.com/lldap/lldap/issues/516 The `CreateUserModel` doesn't explicitly require the use or non-use of white spaces in a username. I believe [this function](https://github.com/lldap/lldap/blob/main/app/src/components/create_user.rs#L32) is for creating the user. However, after the user is created, if you try to click on the user to change other values, I get this error: `Error: Error getting user details: Errors: [user:2:3: Entity not found: 'test%20user%20with%20spaces']` I've attached screenshots of the three steps to recreate: 1. Create a user with whitespaces in the `username` field. 2. Save that user & verify they are in the users list on the dashboard. 3. Click that user's username to access the user's settings. I'm happy to open a PR for this fix, but I think @nitnelave and any other core devs need to make a decision on whitespaces in username. This _may_ be related to issue #239 . The possible options I'm thinking of: 1. `validate` or `assert` that the `String.contains(char::is_whitespace));` and throw an error 2. Automatically `replace()` & remove the whitespaces 3. Allow whitespaces & update the db to allow them. 4. Something else I'm missing? My assumption with a username is that whitespaces should not be allowed as I've yet to see a unique username with a whitespace. Screenshots. First, add the user:  Second, click save and verify the user is on the dashboard:  Third, click on the user: 

kerem 2026-02-27 08:15:46 +03:00

• closed this issue
• added the
  bug
  good first issue
  frontend
  labels

kerem commented 2026-02-27 08:15:46 +03:00

Author

Owner

Copy link

@nitnelave commented on GitHub (Mar 31, 2023):

Yep, definitely needs more restrictions on the username.

<!-- gh-comment-id:1492380251 --> @nitnelave commented on GitHub (Mar 31, 2023): Yep, definitely needs more restrictions on the username.

kerem commented 2026-02-27 08:15:46 +03:00

Author

Owner

Copy link

@pixelrazor commented on GitHub (Mar 31, 2023):

I agree re: restrictions. As far as the actual bug here, i think the frontend is doing some escaping of the spaces which is causing it to not work as intended. I'd imagine spaces SHOULD work just fine, but i wouldn't be surprised if thre's actual issues beyond the escaping of the chars in the frontend

<!-- gh-comment-id:1492418667 --> @pixelrazor commented on GitHub (Mar 31, 2023): I agree re: restrictions. As far as the actual bug here, i think the frontend is doing some escaping of the spaces which is causing it to not work as intended. I'd imagine spaces SHOULD work just fine, but i wouldn't be surprised if thre's actual issues beyond the escaping of the chars in the frontend

kerem commented 2026-02-27 08:15:47 +03:00

Author

Owner

Copy link

@Normanras commented on GitHub (Mar 31, 2023):

I'm happy to let you guys point me where to start. I can add to the validator, forcing the user to remove the whitespaces.

Given that all my other usernames without whitespaces don't throw the error, that could cover it for the time being.

<!-- gh-comment-id:1492554688 --> @Normanras commented on GitHub (Mar 31, 2023): I'm happy to let you guys point me where to start. I can add to the validator, forcing the user to remove the whitespaces. Given that all my other usernames without whitespaces don't throw the error, that could cover it for the time being.

kerem commented 2026-02-27 08:15:47 +03:00

Author

Owner

Copy link

@pixelrazor commented on GitHub (Apr 1, 2023):

If you want to tackle it:
The form lib uses this to validate https://github.com/Keats/validator

It should just be a simple addition to the user_details_form. The form struct should already have a validator on email iirc. You can probably validate with does_not_contain

<!-- gh-comment-id:1492756531 --> @pixelrazor commented on GitHub (Apr 1, 2023): If you want to tackle it: The form lib uses this to validate https://github.com/Keats/validator It should just be a simple addition to the user_details_form. The form struct should already have a validator on email iirc. You can probably validate with does_not_contain

kerem commented 2026-02-27 08:15:47 +03:00

Author

Owner

Copy link

@nitnelave commented on GitHub (Apr 10, 2023):

I fixed the underlying encoding issue, but we still need the username validation. Let's do that as part of #239 though.

<!-- gh-comment-id:1502034302 --> @nitnelave commented on GitHub (Apr 10, 2023): I fixed the underlying encoding issue, but we still need the username validation. Let's do that as part of #239 though.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

dependabot/github_actions/codecov/codecov-action-6

copilot/fix-equality-filters-list-attributes

dependabot/github_actions/docker/build-push-action-7

dependabot/github_actions/docker/metadata-action-6

dependabot/github_actions/docker/setup-buildx-action-4

dependabot/github_actions/docker/login-action-4

copilot/update-download-artifact-action

copilot/fix-opensuse-warnings

copilot/fix-1268

copilot/fix-727

copilot/fix-898

copilot/fix-1256

copilot/fix-1251

copilot/fix-1249

copilot/fix-1206

user-attribute-form

user-ui

group-ui

server-user-attribute-schema

crates

haveibeenpwned

v0.6.2

v0.6.1

v0.6.0

v0.5.0

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.0

v0.2.0

v0.0.1

Labels

Clear labels   

backend

  

blocked

  

bug

  

cleanup

  

dependencies

  

docker

  

documentation

  

duplicate

  

enhancement

  

enhancement

  

frontend

  

github_actions

  

good first issue

  

help wanted

  

help wanted

  

integration

  

invalid

  

ldap

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

rust

  

rust

  

tests

  

wontfix

No labels

backend

blocked

bug

cleanup

dependencies

docker

documentation

duplicate

enhancement

enhancement

frontend

github_actions

good first issue

help wanted

help wanted

integration

invalid

ldap

pull-request

question

rust

rust

tests

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/lldap-lldap#189

No description provided.