-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[HOLD for payment 2023-11-22] [HOLD for payment 2023-11-21] [HOLD] [$1000] Web - Workspace allows to add only invisible characters as name #23297
Comments
Triggered auto assignment to @alexpensify ( |
Bug0 Triage Checklist (Main S/O)
|
ProposalPlease re-state the problem that we are trying to solve in this issue.Workspace allows for invisible characters as the name What is the root cause of that problem?There is no check for validating that the invisible characters are not part of the provided input. What changes do you think we should make in order to solve the problem?
We can expand on this trimming with a regex replace so that also invisible characters are trimmed from the left and right sides. This will result in an empty string being passed to the validation function inside
App/src/libs/ValidationUtils.js Lines 85 to 88 in c3bafa6
What alternative solutions did you explore? (Optional)Option 1. Specifically remove the invisible characters here (and potentially in other places also, e.g. tasks), or trigger an error that the provided input is invalid, based on the presence of these characters. This validation should also be performed on the backend. |
ProposalPlease re-state the problem that we are trying to solve in this issue.The workspace allows invisible characters in the name. What is the root cause of that problem?We aren't validating the workspace name in WorkspaceSettingsPage. What changes do you think we should make in order to solve the problem?We should use similar validation in WorkspaceSettingsPage to what we currently use for new rooms, including the same regex which seems suitable for workspace names too. What alternative solutions did you explore? (Optional)None |
I ran out of time yesterday, I'll review soon. |
Triggered auto assignment to @stitesExpensify ( |
@stitesExpensify - I've assigned the engineering label to identify if we think this will be a common problem. Let me know if I should start a discussion with the full Slack room instead, but I'm looking for feedback here. Thanks! |
Yeah, I think this is worth fixing. I think that it will look like a bug on our end if people have empty names because it will look weird to display nothing next to other chats in the LHN for example. |
This should have both a front-end and back-end fix so that people can't maliciously change their names on the API, and they get notified on the front end when the name is invalid |
Job added to Upwork: https://www.upwork.com/jobs/~01560ace6dc872a8c8 |
Current assignee @alexpensify is eligible for the External assigner, not assigning anyone new. |
Triggered auto assignment to Contributor-plus team member for initial proposal review - @situchan ( |
Thank you @stitesExpensify for the update! I'll remove you now to avoid confusion as we accept proposals. |
@situchan when you get a chance, can you please review the submitted proposals to see if they will work to resolve this one? Thanks! |
@situchan any update here on the proposals? |
I think we should find general solution to fix this weird issue. Screen.Recording.2023-07-31.at.5.57.32.PM.movNo satisfactory proposals yet |
Agreed. I have updated my proposal to put the fix in the |
|
The solution for this issue has been 🚀 deployed to production 🚀 in version 1.3.98-5 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue: If no regressions arise, payment will be issued on 2023-11-21. 🎊 After the hold period is over and BZ checklist items are completed, please complete any of the applicable payments for this issue, and check them off once done.
For reference, here are some details about the assignees on this issue:
|
BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:
|
The solution for this issue has been 🚀 deployed to production 🚀 in version 1.3.99-0 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue: If no regressions arise, payment will be issued on 2023-11-22. 🎊 After the hold period is over and BZ checklist items are completed, please complete any of the applicable payments for this issue, and check them off once done.
For reference, here are some details about the assignees on this issue:
|
BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:
|
I'm OOO next week, @peterdbarkerUK is going to step in and handle the payment process. @situchan - before the payment date, please complete the checklist. Thanks! |
@situchan could you take a swing at the PR checklist? |
@peterdbarkerUK I assume you meant BZ checklist There's no offending PR which caused this regression as issue itself is edge case. |
Well shoot, you caught me lazily copying Al instead of re-reading the whole issue. Busted. Agreed, will complete payout tomorrow |
[$1000] paid to @situchan (C+ review) Edit: updated bug reporter payment |
Hi @peterdbarkerUK, the issue was raised before 30 August, can you update the offer to 250$? |
Right you are, updated and sent! |
Thanks, I have accepted the offer. |
Done, thanks everyone! |
Thanks for your help @peterdbarkerUK to complete the payment process. |
If you haven’t already, check out our contributing guidelines for onboarding and email [email protected] to request to join our Slack channel!
Action Performed:
Expected Result:
App should not allow to save workspace name if we only use invisible characters for name
Actual Result:
App allows to save workspace name even if we only use invisible characters for name
Workaround:
Unknown
Platforms:
Which of our officially supported platforms is this issue occurring on?
Version Number: 1.3.43-2
Reproducible in staging?: y
Reproducible in production?: y
If this was caught during regression testing, add the test name, ID and link from TestRail:
Email or phone of affected tester (no customers):
Logs: https://stackoverflow.com/c/expensify/questions/4856
Notes/Photos/Videos: Any additional supporting documentation
invisible.characters.in.workspace.name.mp4
Expensify/Expensify Issue URL:
Issue reported by: @dhanashree-sawant
Slack conversation: https://expensify.slack.com/archives/C049HHMV9SM/p1689878993909189
View all open jobs on GitHub
Upwork Automation - Do Not Edit
Issue Owner
Current Issue Owner: @peterdbarkerUKThe text was updated successfully, but these errors were encountered: