diff --git a/RAP4/customizations/bootstrap/files/ExecEngineFunctions.php b/RAP4/customizations/bootstrap/files/ExecEngineFunctions.php
index d7d51e0e..8c0eceef 100644
--- a/RAP4/customizations/bootstrap/files/ExecEngineFunctions.php
+++ b/RAP4/customizations/bootstrap/files/ExecEngineFunctions.php
@@ -343,13 +343,7 @@
 $zipContentForCommandline = base64_encode($zipContent);
 $mainAldForCommandLine = base64_encode("main.adl");
- //sanitize the username for usage later
- $pattern = '/[\W+]/';
-
- $userName=strtolower($userName);
- $userName = preg_replace($pattern, '-', $userName);
-
- $userName = 'st-' . $userName;
+ $userName = sanitize_username($userName);
 $deployment = getenv('RAP_DEPLOYMENT');
 if ($deployment == 'Kubernetes') {
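Review bot: Names derived under the old scheme (`st-` prefix, a dash for each special character) no longer match what this line produces, which is `st` followed by the stripped name and an optional hash suffix. If `$userName` is used further down this closure to look up, replace or delete a user's existing deployment (that code is outside the hunk, so this is inferred), workloads created before the change would be left running under names nothing addresses any more; a one-off cleanup or a fallback lookup on the old name would cover that. A comment at the call site such as `// sanitize_username() must return only [a-z0-9]; the result is used as a resource name` would also record what the following code relies on.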
@@ -477,6 +471,33 @@
 $scriptVersionAtom->link($message, 'compileresponse[ScriptVersion*CompileResponse]')->add();
 });
+/**Sanitize the username
+ * As the user is allowed to choose any name, it is possible that the name they chose does not conform to restrictions places on the string in certain use cases.
+ * For example, a user could use special characters in their username. This might violate the restrictions placed on strings in a kubernetes metadata.name field.
+ * Therefore we remove all characters deemed unfit, and create a hash from these characters and append this hash at the end.
+ * To prevent casting errors between int and string, we append 'st' at the beginning.
+*/
+function sanitize_username($username) {
+ // Define the pattern of illegal characters
+ $pattern = '/[^a-zA-Z0-9]/';
+
+ // Find all illegal characters
+ preg_match_all($pattern, $username, $matches);
+
+ // Remove illegal characters
+ $sanitized_username = preg_replace($pattern, '', $username);
+
+ // Create a hash of the illegal characters
+ $hash = !empty($matches[0]) ? substr(md5(implode($matches[0])), 0, 5) : '';
+
+ // Append the hash to the sanitized username
+ $sanitized_username .= $hash;
+
+ $sanitized_username = 'st' . $sanitized_username;
+
+ return strtolower($sanitized_username);
+}
+
 /**
 * @phan-closure-scope \Ampersand\Rule\ExecEngine
 * Phan analyzes the inner body of this closure as if it were a closure declared in ExecEngine.
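Review bot: Distinct usernames can still map to the same result in `sanitize_username`, because the suffix hashes only the removed characters (not their positions or the letters' case) and is omitted entirely for purely alphanumeric names; for instance (constructed) `a.b` and `ab.` both become `stab` plus the same five hex digits, and an alphanumeric name equal to that string gets no suffix at all. If this value names per-user Kubernetes resources, as the docblock suggests, two accounts would then share one deployment name. Always appending a fixed-length digest of the complete original username removes that ambiguity, and capping the readable part keeps the result under the 63-character DNS label limit that many `metadata.name` fields enforce; the function currently has no length bound. In the docblock, "append 'st' at the beginning" should read "prepend", and "places" should be "placed".

```php
function sanitize_username($username) {
    $original = (string) $username;

    // Readable part: allowed characters only, lower-cased and length-capped.
    $stem = substr(strtolower(preg_replace('/[^a-zA-Z0-9]/', '', $original)), 0, 40);

    // Digest of the complete original name, always appended at a fixed length, so
    // names that differ only in removed characters, their position or case stay distinct.
    // (Lower-case $original first if account names are case-insensitive.)
    $digest = substr(hash('sha256', $original), 0, 12);

    // 'st' prefix kept from the original; at most 2 + 40 + 12 = 54 characters.
    return 'st' . $stem . $digest;
}
```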