Skip to content

fix: add database constraint to enforce minimum username length #19453

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Aug 21, 2025
Merged

fix: add database constraint to enforce minimum username length #19453

merged 3 commits into from
Aug 21, 2025

Conversation

cstyan
Copy link
Contributor

@cstyan cstyan commented Aug 20, 2025

Username length and format, via regex, are already enforced at the application layer, but we have some code paths with database queries where we could optimize away many of the DB query calls if we could be sure at the database level that the username is never an empty string.

For example: #19395

@cstyan
Add database constraint to enforce minimum username length. Username
3e26a13 
length and regex are already enforced at the application layer, but we
have some code paths with database queries where we could optimize away
many of the DB query calls if we could be sure at the database level
that the username is never an empty string.

Signed-off-by: Callum Styan <callumstyan@gmail.com>
@johnstcn
Copy link
Member 

=== FAIL: coderd/database TestUpdateSystemUser (0.11s)
    t.go:106: 2025-08-20 17:44:28.486 [debu]  pubsub: pubsub dialing postgres  network=tcp  address=127.0.0.1:5432  timeout_ms=0
    t.go:106: 2025-08-20 17:44:28.486 [debu]  pubsub: pubsub postgres TCP connection established  network=tcp  address=127.0.0.1:5432  timeout_ms=0  elapsed_ms=0
    t.go:106: 2025-08-20 17:44:28.496 [debu]  pubsub: pubsub connected to postgres
    t.go:106: 2025-08-20 17:44:28.496 [debu]  pubsub: pubsub has started
    querier_test.go:1560: 
        	Error Trace:	/home/runner/work/coder/coder/coderd/database/querier_test.go:1560
        	Error:      	Received unexpected error:
        	            	pq: new row for relation "users" violates check constraint "users_username_min_length"
        	Test:       	TestUpdateSystemUser
    t.go:106: 2025-08-20 17:44:28.510 [info]  pubsub: pubsub is closing
    t.go:106: 2025-08-20 17:44:28.510 [info]  pubsub: pubsub listen stopped receiving notify
    t.go:106: 2025-08-20 17:44:28.510 [debu]  pubsub: pubsub closed

The failing tests are actually catching this!

cstyan added 2 commits August 20, 2025 23:28
@cstyan
drop constraint if exists
9e6154a 
Signed-off-by: Callum Styan <callumstyan@gmail.com>
@cstyan
fix test that had empty username
80d74a8 
Signed-off-by: Callum Styan <callumstyan@gmail.com>
@cstyan cstyan changed the title fix: Add database constraint to enforce minimum username length fix: add database constraint to enforce minimum username length Aug 21, 2025
dannykopping
dannykopping approved these changes Aug 21, 2025
View reviewed changes
coderd/database/migrations/000361_username_length_constraint.up.sql
@@ -0,0 +1,3 @@
ALTER TABLE users
ADD CONSTRAINT users_username_min_length
CHECK (length(username) >= 1);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if we should expand this constraint to take the other clauses into account:
https://github.com/coder/coder/blob/main/codersdk/name.go#L41-L60

In any case, enforcing the minimum solves our immediate problem so I'm approving, but we might be overfitting.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we need to duplicate the entire logic here.

Copy link
Contributor

@dannykopping dannykopping Aug 21, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not advocating for duplicating so much as replacing the logic; should've been more explicit.

@cstyan cstyan merged commit bcdade7 into main Aug 21, 2025
33 checks passed
@cstyan cstyan deleted the callum-username-constraint branch August 21, 2025 14:56
@github-actions github-actions bot locked and limited conversation to collaborators Aug 21, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@dannykopping dannykopping dannykopping approved these changes

@johnstcn johnstcn johnstcn approved these changes

Assignees

@cstyan cstyan

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cstyan @johnstcn @dannykopping
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy