Merge pull request #71 from runningman/security

Fixed regex of database user.
2012-05-06 23:56:01 -07:00 · 2012-05-06 23:56:01 -07:00 · 05f7807fc0
commit 05f7807fc0
parent ed62777045 eaf9ee50f6
1 changed files with 3 additions and 1 deletions
--- a/lib/puppet/type/database_user.rb
+++ b/lib/puppet/type/database_user.rb
@ -7,7 +7,9 @@ Puppet::Type.newtype(:database_user) do
  newparam(:name, :namevar=>true) do
    desc "The name of the user. This uses the 'username@hostname' or username@hostname."
    validate do |value|
-      raise(ArgumentError, "Invalid database user #{value}") unless value =~ /\w+@[\w%]+/
+      # https://dev.mysql.com/doc/refman/5.1/en/account-names.html
+      # Regex should problably be more like this: /^[`'"]?[^`'"]*[`'"]?@[`'"]?[\w%\.]+[`'"]?$/
+      raise(ArgumentError, "Invalid database user #{value}") unless value =~ /[\w-]*@[\w%\.]+/
      username = value.split('@')[0]
      if username.size > 16
        raise ArgumentError, "MySQL usernames are limited to a maximum of 16 characters"