Sep 4, 2024 · Sep 4, 2024 · Sep 4, 2024
diff --git a/cli/usercreate.go b/cli/usercreate.go
 "github.com/coder/pretty"

 "github.com/coder/coder/v2/cli/cliui"
 "github.com/coder/coder/v2/coderd/httpapi"
 "github.com/coder/coder/v2/codersdk"
 "github.com/coder/coder/v2/cryptorand"
 "github.com/coder/serpent"
 if err != nil {
 return err
 }
 name =httpapi.NormalizeRealUsername(rawName)
 name =codersdk.NormalizeRealUsername(rawName)
 if !strings.EqualFold(rawName, name) {
 cliui.Warnf(inv.Stderr, "Normalized name to %q", name)
 }
diff --git a/coderd/externalauth/externalauth.go b/coderd/externalauth/externalauth.go

 "github.com/coder/coder/v2/coderd/database"
 "github.com/coder/coder/v2/coderd/database/dbtime"
 "github.com/coder/coder/v2/coderd/httpapi"
 "github.com/coder/coder/v2/coderd/promoauth"
 "github.com/coder/coder/v2/codersdk"
 "github.com/coder/retry"
 // apply their client secret and ID, and have the UI appear nicely.
 applyDefaultsToConfig(&entry)

 valid :=httpapi.NameValid(entry.ID)
 valid :=codersdk.NameValid(entry.ID)
 if valid != nil {
 return nil, xerrors.Errorf("external auth provider %q doesn't have a valid id: %w", entry.ID, valid)
 }
diff --git a/coderd/httpapi/httpapi.go b/coderd/httpapi/httpapi.go
 if !ok {
 return false
 }
 valid := NameValid(str)
 valid :=codersdk.NameValid(str)
 return valid == nil
 }
 for _, tag := range []string{"username", "organization_name", "template_name", "workspace_name", "oauth2_app_name"} {
 if !ok {
 return false
 }
 valid := DisplayNameValid(str)
 valid :=codersdk.DisplayNameValid(str)
 return valid == nil
 }
 for _, displayNameTag := range []string{"organization_display_name", "template_display_name", "group_display_name"} {
 if !ok {
 return false
 }
 valid := TemplateVersionNameValid(str)
 valid :=codersdk.TemplateVersionNameValid(str)
 return valid == nil
 }
 err := Validate.RegisterValidation("template_version_name", templateVersionNameValidator)
 if !ok {
 return false
 }
 valid := UserRealNameValid(str)
 valid :=codersdk.UserRealNameValid(str)
 return valid == nil
 }
 err = Validate.RegisterValidation("user_real_name", userRealNameValidator)
 if !ok {
 return false
 }
 valid := GroupNameValid(str)
 valid :=codersdk.GroupNameValid(str)
 return valid == nil
 }
 err = Validate.RegisterValidation("group_name", groupNameValidator)
diff --git a/coderd/httpapi/name.go b/coderd/httpapi/name.go
 }

 // NameValid returns whether the input string is a valid name.
 // It is a generic validator for any name(user, workspace, template, role name, etc.).
 // It is a generic validator for any namethat doesn't have it's own validator.
 func NameValid(str string) error {
 if len(str) > 32 {
 return xerrors.New("must be <= 32 characters")
diff --git a/coderd/userauth.go b/coderd/userauth.go
 }

 ghName := ghUser.GetName()
 normName :=httpapi.NormalizeRealUsername(ghName)
 normName :=codersdk.NormalizeRealUsername(ghName)

 // If we have a nil GitHub ID, that is a big problem. That would mean we link
 // this user and all other users with this bug to the same uuid.
 // The username is a required property in Coder. We make a best-effort
 // attempt at using what the claims provide, but if that fails we will
 // generate a random username.
 usernameValid :=httpapi.NameValid(username)
 usernameValid :=codersdk.NameValid(username)
 if usernameValid != nil {
 // If no username is provided, we can default to use the email address.
 // This will be converted in the from function below, so it's safe
 // to keep the domain.
 if username == "" {
 username = email
 }
 username =httpapi.UsernameFrom(username)
 username =codersdk.UsernameFrom(username)
 }

 if len(api.OIDCConfig.EmailDomain) > 0 {
 nameRaw, ok := mergedClaims[api.OIDCConfig.NameField]
 if ok {
 name, _ = nameRaw.(string)
 name =httpapi.NormalizeRealUsername(name)
 name =codersdk.NormalizeRealUsername(name)
 }

 var picture string
 for i := 0; i < 10; i++ {
 alternate := fmt.Sprintf("%s-%s", original, namesgenerator.GetRandomName(1))

 params.Username =httpapi.UsernameFrom(alternate)
 params.Username =codersdk.UsernameFrom(alternate)

 //nolint:gocritic
 _, err := tx.GetUserByEmailOrUsername(dbauthz.AsSystemRestricted(ctx), database.GetUserByEmailOrUsernameParams{
diff --git a/coderd/users.go b/coderd/users.go
 func (api *API) CreateUser(ctx context.Context, store database.Store, req CreateUserRequest) (database.User, error) {
 // Ensure the username is valid. It's the caller's responsibility to ensure
 // the username is valid and unique.
 if usernameValid :=httpapi.NameValid(req.Username); usernameValid != nil {
 if usernameValid :=codersdk.NameValid(req.Username); usernameValid != nil {
 return database.User{}, xerrors.Errorf("invalid username %q: %w", req.Username, usernameValid)
 }

 ID:             uuid.New(),
 Email:          req.Email,
 Username:       req.Username,
 Name:httpapi.NormalizeRealUsername(req.Name),
 Name:codersdk.NormalizeRealUsername(req.Name),
 CreatedAt:      dbtime.Now(),
 UpdatedAt:      dbtime.Now(),
 HashedPassword: []byte{},
diff --git a/codersdk/name.go b/codersdk/name.go
 package codersdk

 import (
 "regexp"
 "strings"

 "github.com/moby/moby/pkg/namesgenerator"
 "golang.org/x/xerrors"
 )

 var (
 UsernameValidRegex = regexp.MustCompile("^[a-zA-Z0-9]+(?:-[a-zA-Z0-9]+)*$")
 usernameReplace    = regexp.MustCompile("[^a-zA-Z0-9-]*")

 templateVersionName = regexp.MustCompile(`^[a-zA-Z0-9]+(?:[_.-]{1}[a-zA-Z0-9]+)*$`)
 templateDisplayName = regexp.MustCompile(`^[^\s](.*[^\s])?$`)
 )

 // UsernameFrom returns a best-effort username from the provided string.
 //
 // It first attempts to validate the incoming string, which will
 // be returned if it is valid. It then will attempt to extract
 // the username from an email address. If no success happens during
 // these steps, a random username will be returned.
 func UsernameFrom(str string) string {
 if valid := NameValid(str); valid == nil {
 return str
 }
 emailAt := strings.LastIndex(str, "@")
 if emailAt >= 0 {
 str = str[:emailAt]
 }
 str = usernameReplace.ReplaceAllString(str, "")
 if valid := NameValid(str); valid == nil {
 return str
 }
 return strings.ReplaceAll(namesgenerator.GetRandomName(1), "_", "-")
 }

 // NameValid returns whether the input string is a valid name.
 // It is a generic validator for any name (user, workspace, template, role name, etc.).
 func NameValid(str string) error {
 if len(str) > 32 {
 return xerrors.New("must be <= 32 characters")
 }
 if len(str) < 1 {
 return xerrors.New("must be >= 1 character")
 }
 // Avoid conflicts with routes like /templates/new and /groups/create.
 if str == "new" || str == "create" {
 return xerrors.Errorf("cannot use %q as a name", str)
 }
 matched := UsernameValidRegex.MatchString(str)
 if !matched {
 return xerrors.New("must be alphanumeric with hyphens")
 }
 return nil
 }

 // TemplateVersionNameValid returns whether the input string is a valid template version name.
 func TemplateVersionNameValid(str string) error {
 if len(str) > 64 {
 return xerrors.New("must be <= 64 characters")
 }
 matched := templateVersionName.MatchString(str)
 if !matched {
 return xerrors.New("must be alphanumeric with underscores and dots")
 }
 return nil
 }

 // DisplayNameValid returns whether the input string is a valid template display name.
 func DisplayNameValid(str string) error {
 if len(str) == 0 {
 return nil // empty display_name is correct
 }
 if len(str) > 64 {
 return xerrors.New("must be <= 64 characters")
 }
 matched := templateDisplayName.MatchString(str)
 if !matched {
 return xerrors.New("must be alphanumeric with spaces")
 }
 return nil
 }

 // UserRealNameValid returns whether the input string is a valid real user name.
 func UserRealNameValid(str string) error {
 if len(str) > 128 {
 return xerrors.New("must be <= 128 characters")
 }

 if strings.TrimSpace(str) != str {
 return xerrors.New("must not have leading or trailing whitespace")
 }
 return nil
 }

 // GroupNameValid returns whether the input string is a valid group name.
 func GroupNameValid(str string) error {
 // 36 is to support using UUIDs as the group name.
 if len(str) > 36 {
 return xerrors.New("must be <= 36 characters")
 }
 // Avoid conflicts with routes like /groups/new and /groups/create.
 if str == "new" || str == "create" {
 return xerrors.Errorf("cannot use %q as a name", str)
 }
 matched := UsernameValidRegex.MatchString(str)
 if !matched {
 return xerrors.New("must be alphanumeric with hyphens")
 }
 return nil
 }

 // NormalizeUserRealName normalizes a user name such that it will pass
 // validation by UserRealNameValid. This is done to avoid blocking
 // little  Bobby  Whitespace  from using Coder.
 func NormalizeRealUsername(str string) string {
 s := strings.TrimSpace(str)
 if len(s) > 128 {
 s = s[:128]
 }
 return s
 }
diff --git a/coderd/httpapi/name_test.go → codersdk/name_test.go b/coderd/httpapi/name_test.go → codersdk/name_test.go
 packagehttpapi_test
 packagecodersdk_test

 import (
 "strings"
 "github.com/stretchr/testify/assert"
 "github.com/stretchr/testify/require"

 "github.com/coder/coder/v2/coderd/httpapi"
 "github.com/coder/coder/v2/codersdk"
 "github.com/coder/coder/v2/testutil"
 )

 testCase := testCase
 t.Run(testCase.Username, func(t *testing.T) {
 t.Parallel()
 valid :=httpapi.NameValid(testCase.Username)
 valid :=codersdk.NameValid(testCase.Username)
 require.Equal(t, testCase.Valid, valid == nil)
 })
 }
 testCase := testCase
 t.Run(testCase.Name, func(t *testing.T) {
 t.Parallel()
 valid :=httpapi.DisplayNameValid(testCase.Name)
 valid :=codersdk.DisplayNameValid(testCase.Name)
 require.Equal(t, testCase.Valid, valid == nil)
 })
 }
 testCase := testCase
 t.Run(testCase.Name, func(t *testing.T) {
 t.Parallel()
 valid :=httpapi.TemplateVersionNameValid(testCase.Name)
 valid :=codersdk.TemplateVersionNameValid(testCase.Name)
 require.Equal(t, testCase.Valid, valid == nil)
 })
 }

 for i := 0; i < 1000; i++ {
 name := testutil.GetRandomName(t)
 err :=httpapi.TemplateVersionNameValid(name)
 err :=codersdk.TemplateVersionNameValid(name)
 require.NoError(t, err, "invalid template version name: %s", name)
 }
 }
 testCase := testCase
 t.Run(testCase.From, func(t *testing.T) {
 t.Parallel()
 converted :=httpapi.UsernameFrom(testCase.From)
 converted :=codersdk.UsernameFrom(testCase.From)
 t.Log(converted)
 valid :=httpapi.NameValid(converted)
 valid :=codersdk.NameValid(converted)
 require.True(t, valid == nil)
 if testCase.Match == "" {
 require.NotEqual(t, testCase.From, converted)
 testCase := testCase
 t.Run(testCase.Name, func(t *testing.T) {
 t.Parallel()
 err :=httpapi.UserRealNameValid(testCase.Name)
 norm :=httpapi.NormalizeRealUsername(testCase.Name)
 normErr :=httpapi.UserRealNameValid(norm)
 err :=codersdk.UserRealNameValid(testCase.Name)
 norm :=codersdk.NormalizeRealUsername(testCase.Name)
 normErr :=codersdk.UserRealNameValid(norm)
 assert.NoError(t, normErr)
 assert.Equal(t, testCase.Valid, err == nil)
 assert.Equal(t, testCase.Valid, norm == testCase.Name, "invalid name should be different after normalization")
diff --git a/enterprise/coderd/roles.go b/enterprise/coderd/roles.go
 return false
 }

 if err :=httpapi.NameValid(req.Name); err != nil {
 if err :=codersdk.NameValid(req.Name); err != nil {
 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
 Message: "Invalid role name",
 Detail:  err.Error(),
diff --git a/enterprise/coderd/scim.go b/enterprise/coderd/scim.go
 // The username is a required property in Coder. We make a best-effort
 // attempt at using what the claims provide, but if that fails we will
 // generate a random username.
 usernameValid :=httpapi.NameValid(sUser.UserName)
 usernameValid :=codersdk.NameValid(sUser.UserName)
 if usernameValid != nil {
 // If no username is provided, we can default to use the email address.
 // This will be converted in the from function below, so it's safe
 // to keep the domain.
 if sUser.UserName == "" {
 sUser.UserName = email
 }
 sUser.UserName =httpapi.UsernameFrom(sUser.UserName)
 sUser.UserName =codersdk.UsernameFrom(sUser.UserName)
 }

 // TODO: This is a temporary solution that does not support multi-org
Original file line number	Diff line number	Diff line change
Expand Up		@@ -11,7 +11,6 @@ import (
		"github.com/coder/pretty"

		"github.com/coder/coder/v2/cli/cliui"
		"github.com/coder/coder/v2/coderd/httpapi"
		"github.com/coder/coder/v2/codersdk"
		"github.com/coder/coder/v2/cryptorand"
		"github.com/coder/serpent"
Expand DownExpand Up		@@ -72,7 +71,7 @@ func (r RootCmd) userCreate() serpent.Command {
		if err != nil {
		return err
		}
		name =httpapi.NormalizeRealUsername(rawName)
		name =codersdk.NormalizeRealUsername(rawName)
		if !strings.EqualFold(rawName, name) {
		cliui.Warnf(inv.Stderr, "Normalized name to %q", name)
		}
Expand Down
Original file line number	Diff line number	Diff line change
Expand Up		@@ -23,7 +23,6 @@ import (

		"github.com/coder/coder/v2/coderd/database"
		"github.com/coder/coder/v2/coderd/database/dbtime"
		"github.com/coder/coder/v2/coderd/httpapi"
		"github.com/coder/coder/v2/coderd/promoauth"
		"github.com/coder/coder/v2/codersdk"
		"github.com/coder/retry"
Expand DownExpand Up		@@ -486,7 +485,7 @@ func ConvertConfig(instrument *promoauth.Factory, entries []codersdk.ExternalAut
		// apply their client secret and ID, and have the UI appear nicely.
		applyDefaultsToConfig(&entry)

		valid :=httpapi.NameValid(entry.ID)
		valid :=codersdk.NameValid(entry.ID)
		if valid != nil {
		return nil, xerrors.Errorf("external auth provider %q doesn't have a valid id: %w", entry.ID, valid)
		}
Expand Down
Original file line number	Diff line number	Diff line change
Expand Up		@@ -43,7 +43,7 @@ func init() {
		if !ok {
		return false
		}
		valid := NameValid(str)
		valid :=codersdk.NameValid(str)
		return valid == nil
		}
		for _, tag := range []string{"username", "organization_name", "template_name", "workspace_name", "oauth2_app_name"} {
Expand All		@@ -59,7 +59,7 @@ func init() {
		if !ok {
		return false
		}
		valid := DisplayNameValid(str)
		valid :=codersdk.DisplayNameValid(str)
		return valid == nil
		}
		for _, displayNameTag := range []string{"organization_display_name", "template_display_name", "group_display_name"} {
Expand All		@@ -75,7 +75,7 @@ func init() {
		if !ok {
		return false
		}
		valid := TemplateVersionNameValid(str)
		valid :=codersdk.TemplateVersionNameValid(str)
		return valid == nil
		}
		err := Validate.RegisterValidation("template_version_name", templateVersionNameValidator)
Expand All		@@ -89,7 +89,7 @@ func init() {
		if !ok {
		return false
		}
		valid := UserRealNameValid(str)
		valid :=codersdk.UserRealNameValid(str)
		return valid == nil
		}
		err = Validate.RegisterValidation("user_real_name", userRealNameValidator)
Expand All		@@ -103,7 +103,7 @@ func init() {
		if !ok {
		return false
		}
		valid := GroupNameValid(str)
		valid :=codersdk.GroupNameValid(str)
		return valid == nil
		}
		err = Validate.RegisterValidation("group_name", groupNameValidator)
Expand Down
Original file line number	Diff line number	Diff line change
Expand Up		@@ -38,7 +38,7 @@ func UsernameFrom(str string) string {
		}

		// NameValid returns whether the input string is a valid name.
		// It is a generic validator for any name(user, workspace, template, role name, etc.).
		// It is a generic validator for any namethat doesn't have it's own validator.
		func NameValid(str string) error {
		if len(str) > 32 {
		return xerrors.New("must be <= 32 characters")
Expand Down
Original file line number	Diff line number	Diff line change
Expand Up		@@ -602,7 +602,7 @@ func (api API) userOAuth2Github(rw http.ResponseWriter, r http.Request) {
		}

		ghName := ghUser.GetName()
		normName :=httpapi.NormalizeRealUsername(ghName)
		normName :=codersdk.NormalizeRealUsername(ghName)

		// If we have a nil GitHub ID, that is a big problem. That would mean we link
		// this user and all other users with this bug to the same uuid.
Expand DownExpand Up		@@ -951,15 +951,15 @@ func (api API) userOIDC(rw http.ResponseWriter, r http.Request) {
		// The username is a required property in Coder. We make a best-effort
		// attempt at using what the claims provide, but if that fails we will
		// generate a random username.
		usernameValid :=httpapi.NameValid(username)
		usernameValid :=codersdk.NameValid(username)
		if usernameValid != nil {
		// If no username is provided, we can default to use the email address.
		// This will be converted in the from function below, so it's safe
		// to keep the domain.
		if username == "" {
		username = email
		}
		username =httpapi.UsernameFrom(username)
		username =codersdk.UsernameFrom(username)
		}

		if len(api.OIDCConfig.EmailDomain) > 0 {
Expand DownExpand Up		@@ -994,7 +994,7 @@ func (api API) userOIDC(rw http.ResponseWriter, r http.Request) {
		nameRaw, ok := mergedClaims[api.OIDCConfig.NameField]
		if ok {
		name, _ = nameRaw.(string)
		name =httpapi.NormalizeRealUsername(name)
		name =codersdk.NormalizeRealUsername(name)
		}

		var picture string
Expand DownExpand Up		@@ -1389,7 +1389,7 @@ func (api API) oauthLogin(r http.Request, params oauthLoginParams) ([]http.C
		for i := 0; i < 10; i++ {
		alternate := fmt.Sprintf("%s-%s", original, namesgenerator.GetRandomName(1))

		params.Username =httpapi.UsernameFrom(alternate)
		params.Username =codersdk.UsernameFrom(alternate)

		//nolint:gocritic
		_, err := tx.GetUserByEmailOrUsername(dbauthz.AsSystemRestricted(ctx), database.GetUserByEmailOrUsernameParams{
Expand Down
Original file line number	Diff line number	Diff line change
Expand Up		@@ -1287,7 +1287,7 @@ type CreateUserRequest struct {
		func (api *API) CreateUser(ctx context.Context, store database.Store, req CreateUserRequest) (database.User, error) {
		// Ensure the username is valid. It's the caller's responsibility to ensure
		// the username is valid and unique.
		if usernameValid :=httpapi.NameValid(req.Username); usernameValid != nil {
		if usernameValid :=codersdk.NameValid(req.Username); usernameValid != nil {
		return database.User{}, xerrors.Errorf("invalid username %q: %w", req.Username, usernameValid)
		}

Expand All		@@ -1299,7 +1299,7 @@ func (api *API) CreateUser(ctx context.Context, store database.Store, req Create
		ID: uuid.New(),
		Email: req.Email,
		Username: req.Username,
		Name:httpapi.NormalizeRealUsername(req.Name),
		Name:codersdk.NormalizeRealUsername(req.Name),
		CreatedAt: dbtime.Now(),
		UpdatedAt: dbtime.Now(),
		HashedPassword: []byte{},
Expand Down
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,125 @@
		package codersdk
ethanndickson marked this conversation as resolved. Show resolvedHide resolved

		import (
		"regexp"
		"strings"

		"github.com/moby/moby/pkg/namesgenerator"
		"golang.org/x/xerrors"
		)

		var (
		UsernameValidRegex = regexp.MustCompile("^[a-zA-Z0-9]+(?:-[a-zA-Z0-9]+)*$")
		usernameReplace = regexp.MustCompile("[^a-zA-Z0-9-]*")

		templateVersionName = regexp.MustCompile(`^[a-zA-Z0-9]+(?:[_.-]{1}[a-zA-Z0-9]+)*$`)
		templateDisplayName = regexp.MustCompile(`^[^\s](.*[^\s])?$`)
		)

		// UsernameFrom returns a best-effort username from the provided string.
		//
		// It first attempts to validate the incoming string, which will
		// be returned if it is valid. It then will attempt to extract
		// the username from an email address. If no success happens during
		// these steps, a random username will be returned.
		func UsernameFrom(str string) string {
		if valid := NameValid(str); valid == nil {
		return str
		}
		emailAt := strings.LastIndex(str, "@")
		if emailAt >= 0 {
		str = str[:emailAt]
		}
		str = usernameReplace.ReplaceAllString(str, "")
		if valid := NameValid(str); valid == nil {
		return str
		}
		return strings.ReplaceAll(namesgenerator.GetRandomName(1), "_", "-")
		}

		// NameValid returns whether the input string is a valid name.
		// It is a generic validator for any name (user, workspace, template, role name, etc.).
		func NameValid(str string) error {
		if len(str) > 32 {
		return xerrors.New("must be <= 32 characters")
		}
		if len(str) < 1 {
		return xerrors.New("must be >= 1 character")
		}
		// Avoid conflicts with routes like /templates/new and /groups/create.
		if str == "new" \|\| str == "create" {
		return xerrors.Errorf("cannot use %q as a name", str)
		}
		matched := UsernameValidRegex.MatchString(str)
		if !matched {
		return xerrors.New("must be alphanumeric with hyphens")
		}
		return nil
		}

		// TemplateVersionNameValid returns whether the input string is a valid template version name.
		func TemplateVersionNameValid(str string) error {
		if len(str) > 64 {
		return xerrors.New("must be <= 64 characters")
		}
		matched := templateVersionName.MatchString(str)
		if !matched {
		return xerrors.New("must be alphanumeric with underscores and dots")
		}
		return nil
		}

		// DisplayNameValid returns whether the input string is a valid template display name.
		func DisplayNameValid(str string) error {
		if len(str) == 0 {
		return nil // empty display_name is correct
		}
		if len(str) > 64 {
		return xerrors.New("must be <= 64 characters")
		}
		matched := templateDisplayName.MatchString(str)
		if !matched {
		return xerrors.New("must be alphanumeric with spaces")
		}
		return nil
		}

		// UserRealNameValid returns whether the input string is a valid real user name.
		func UserRealNameValid(str string) error {
		if len(str) > 128 {
		return xerrors.New("must be <= 128 characters")
		}

		if strings.TrimSpace(str) != str {
		return xerrors.New("must not have leading or trailing whitespace")
		}
		return nil
		}

		// GroupNameValid returns whether the input string is a valid group name.
		func GroupNameValid(str string) error {
		// 36 is to support using UUIDs as the group name.
		if len(str) > 36 {
		return xerrors.New("must be <= 36 characters")
		}
		// Avoid conflicts with routes like /groups/new and /groups/create.
		if str == "new" \|\| str == "create" {
		return xerrors.Errorf("cannot use %q as a name", str)
		}
		matched := UsernameValidRegex.MatchString(str)
		if !matched {
		return xerrors.New("must be alphanumeric with hyphens")
		}
		return nil
		}

		// NormalizeUserRealName normalizes a user name such that it will pass
		// validation by UserRealNameValid. This is done to avoid blocking
		// little Bobby Whitespace from using Coder.
		func NormalizeRealUsername(str string) string {
		s := strings.TrimSpace(str)
		if len(s) > 128 {
		s = s[:128]
		}
		return s
		}
Original file line number	Diff line number	Diff line change
		@@ -1,4 +1,4 @@
		packagehttpapi_test
		packagecodersdk_test

		import (
		"strings"
Expand All		@@ -7,7 +7,7 @@ import (
		"github.com/stretchr/testify/assert"
		"github.com/stretchr/testify/require"

		"github.com/coder/coder/v2/coderd/httpapi"
		"github.com/coder/coder/v2/codersdk"
		"github.com/coder/coder/v2/testutil"
		)

Expand DownExpand Up		@@ -62,7 +62,7 @@ func TestUsernameValid(t *testing.T) {
		testCase := testCase
		t.Run(testCase.Username, func(t *testing.T) {
		t.Parallel()
		valid :=httpapi.NameValid(testCase.Username)
		valid :=codersdk.NameValid(testCase.Username)
		require.Equal(t, testCase.Valid, valid == nil)
		})
		}
Expand DownExpand Up		@@ -117,7 +117,7 @@ func TestTemplateDisplayNameValid(t *testing.T) {
		testCase := testCase
		t.Run(testCase.Name, func(t *testing.T) {
		t.Parallel()
		valid :=httpapi.DisplayNameValid(testCase.Name)
		valid :=codersdk.DisplayNameValid(testCase.Name)
		require.Equal(t, testCase.Valid, valid == nil)
		})
		}
Expand DownExpand Up		@@ -158,7 +158,7 @@ func TestTemplateVersionNameValid(t *testing.T) {
		testCase := testCase
		t.Run(testCase.Name, func(t *testing.T) {
		t.Parallel()
		valid :=httpapi.TemplateVersionNameValid(testCase.Name)
		valid :=codersdk.TemplateVersionNameValid(testCase.Name)
		require.Equal(t, testCase.Valid, valid == nil)
		})
		}
Expand All		@@ -169,7 +169,7 @@ func TestGeneratedTemplateVersionNameValid(t *testing.T) {

		for i := 0; i < 1000; i++ {
		name := testutil.GetRandomName(t)
		err :=httpapi.TemplateVersionNameValid(name)
		err :=codersdk.TemplateVersionNameValid(name)
		require.NoError(t, err, "invalid template version name: %s", name)
		}
		}
Expand DownExpand Up		@@ -199,9 +199,9 @@ func TestFrom(t *testing.T) {
		testCase := testCase
		t.Run(testCase.From, func(t *testing.T) {
		t.Parallel()
		converted :=httpapi.UsernameFrom(testCase.From)
		converted :=codersdk.UsernameFrom(testCase.From)
		t.Log(converted)
		valid :=httpapi.NameValid(converted)
		valid :=codersdk.NameValid(converted)
		require.True(t, valid == nil)
		if testCase.Match == "" {
		require.NotEqual(t, testCase.From, converted)
Expand DownExpand Up		@@ -245,9 +245,9 @@ func TestUserRealNameValid(t *testing.T) {
		testCase := testCase
		t.Run(testCase.Name, func(t *testing.T) {
		t.Parallel()
		err :=httpapi.UserRealNameValid(testCase.Name)
		norm :=httpapi.NormalizeRealUsername(testCase.Name)
		normErr :=httpapi.UserRealNameValid(norm)
		err :=codersdk.UserRealNameValid(testCase.Name)
		norm :=codersdk.NormalizeRealUsername(testCase.Name)
		normErr :=codersdk.UserRealNameValid(norm)
		assert.NoError(t, normErr)
		assert.Equal(t, testCase.Valid, err == nil)
		assert.Equal(t, testCase.Valid, norm == testCase.Name, "invalid name should be different after normalization")
Expand Down
Original file line number	Diff line number	Diff line change
Expand Up		@@ -266,7 +266,7 @@ func validOrganizationRoleRequest(ctx context.Context, req codersdk.CustomRoleRe
		return false
		}

		if err :=httpapi.NameValid(req.Name); err != nil {
		if err :=codersdk.NameValid(req.Name); err != nil {
		httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
		Message: "Invalid role name",
		Detail: err.Error(),
Expand Down
Original file line number	Diff line number	Diff line change
Expand Up		@@ -206,15 +206,15 @@ func (api API) scimPostUser(rw http.ResponseWriter, r http.Request) {
		// The username is a required property in Coder. We make a best-effort
		// attempt at using what the claims provide, but if that fails we will
		// generate a random username.
		usernameValid :=httpapi.NameValid(sUser.UserName)
		usernameValid :=codersdk.NameValid(sUser.UserName)
		if usernameValid != nil {
		// If no username is provided, we can default to use the email address.
		// This will be converted in the from function below, so it's safe
		// to keep the domain.
		if sUser.UserName == "" {
		sUser.UserName = email
		}
		sUser.UserName =httpapi.UsernameFrom(sUser.UserName)
		sUser.UserName =codersdk.UsernameFrom(sUser.UserName)
		}

		// TODO: This is a temporary solution that does not support multi-org
Expand Down