From db80781716e9dc4be5a60ad1d8991be7a1764ae3 Mon Sep 17 00:00:00 2001
From: Nicola Murino <nicola.murino@gmail.com>
Date: Mon, 8 Feb 2021 21:32:59 +0100
Subject: [PATCH] validation: improve error message for invalid chars

---
 Dockerfile                   | 2 --
 dataprovider/admin.go        | 2 +-
 dataprovider/dataprovider.go | 6 ++++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 712fe6c7..2d148e43 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -55,8 +55,6 @@ RUN sed -i "s|\"users_base_dir\": \"\",|\"users_base_dir\": \"/srv/sftpgo/data\"
     sed -i "s|\"backups\"|\"/srv/sftpgo/backups\"|" /etc/sftpgo/sftpgo.json && \
     sed -i "s|\"address\": \"127.0.0.1\",|\"address\": \"\",|" /etc/sftpgo/sftpgo.json
 
-COPY ./docker/scripts/entrypoint.sh /docker-entrypoint.sh
-
 RUN chown -R sftpgo:sftpgo /etc/sftpgo && chown sftpgo:sftpgo /var/lib/sftpgo /srv/sftpgo
 
 WORKDIR /var/lib/sftpgo
diff --git a/dataprovider/admin.go b/dataprovider/admin.go
index dc4287b6..b648544e 100644
--- a/dataprovider/admin.go
+++ b/dataprovider/admin.go
@@ -70,7 +70,7 @@ func (a *Admin) validate() error {
 		return &ValidationError{err: "please set a password"}
 	}
 	if !usernameRegex.MatchString(a.Username) {
-		return &ValidationError{err: fmt.Sprintf("username %#v is not valid", a.Username)}
+		return &ValidationError{err: fmt.Sprintf("username %#v is not valid, the following characters are allowed: a-zA-Z0-9-_.~", a.Username)}
 	}
 	if a.Password != "" && !strings.HasPrefix(a.Password, argonPwdPrefix) {
 		pwd, err := argon2id.CreateHash(a.Password, argon2Params)
diff --git a/dataprovider/dataprovider.go b/dataprovider/dataprovider.go
index de5a6005..42fa48d0 100644
--- a/dataprovider/dataprovider.go
+++ b/dataprovider/dataprovider.go
@@ -1363,7 +1363,8 @@ func validateBaseParams(user *User) error {
 		return &ValidationError{err: "username is mandatory"}
 	}
 	if !usernameRegex.MatchString(user.Username) {
-		return &ValidationError{err: fmt.Sprintf("username %#v is not valid", user.Username)}
+		return &ValidationError{err: fmt.Sprintf("username %#v is not valid, the following characters are allowed: a-zA-Z0-9-_.~",
+			user.Username)}
 	}
 	if user.HomeDir == "" {
 		return &ValidationError{err: "home_dir is mandatory"}
@@ -1395,7 +1396,8 @@ func ValidateFolder(folder *vfs.BaseVirtualFolder) error {
 		return &ValidationError{err: "folder name is mandatory"}
 	}
 	if !usernameRegex.MatchString(folder.Name) {
-		return &ValidationError{err: fmt.Sprintf("folder name %#v is not valid", folder.Name)}
+		return &ValidationError{err: fmt.Sprintf("folder name %#v is not valid, the following characters are allowed: a-zA-Z0-9-_.~",
+			folder.Name)}
 	}
 	cleanedMPath := filepath.Clean(folder.MappedPath)
 	if !filepath.IsAbs(cleanedMPath) {