CoCalc -- name-rules.ts

GitHub Repository: sagemathinc/cocalc
Path: blob/master/src/packages/util/db-schema/name-rules.ts
¹⁴⁴⁷ views
1
/* Checks that name satisfies the following constraints
2
Inspired by -- https://github.com/isiahmeadows/github-limits
3

4
Each function checks the basic rules, but NOT for uniqueness,
5
which requires a DB query.
6

7
If a rule fails, throws an Error.
8

9
The URL schema is
10

11
https://cocalc.com/[account name]/[project name]/[shared path name]
12

13
We are only using these URL's for the share server.
14
We only use such a URL if all segments are specified.
15

16
NOTE: at some point we considered using these url's for more than just
17
the share server, and maybe when some segments aren't specified.  If we
18
did that, we have to have a lot more constraints on the segments, e.g.,
19
we can't allow "files" for the shared path name.  But we are NOT doing
20
that.
21
*/
22

23
import { is_valid_uuid_string } from "../misc";
24

25
export function isReserved(name: string): boolean {
26
  return RESERVED.has(name.toLowerCase());
27
}
28

29
/*
30
Account name:
31
 - between 1 and 39 characters
32
 - doesn't start with a -
33
 - only includes the characters 0-9,a-z,A-Z,-
34
 - Don't allow uuid's.
35
 - cannot include consecutive hyphens
36
*/
37
export function checkAccountName(name: string) {
38
  if (name.length < 1) {
39
    throw Error("name must have at least 1 character");
40
  }
41
  if (name.length > 39) {
42
    throw Error("name must have at most 39 characters");
43
  }
44
  if (is_valid_uuid_string(name)) {
45
    throw Error("name must not be a v4 UUID");
46
  }
47
  if (name.includes("--")) {
48
    throw Error("name must not contain consecutive hyphens");
49
  }
50
  if (!/^[a-z\d](?:[a-z\d]|-(?=[a-z\d])){0,38}$/i.test(name)) {
51
    throw Error(
52
      "name must contain only a-z,A-Z,0-9, or -, and not start with hyphen.",
53
    );
54
  }
55
  // Check for reserved names.
56
  if (isReserved(name)) {
57
    throw Error(`username "${name}" is reserved -- not available`);
58
  }
59
}
60

61
/*
62
Project name:
63

64
- Max length: 100 characters
65
- All characters must be either a hyphen (-), a period (.), or alphanumeric
66
- Unique amongst projects with given owner (that's a separate db query)
67
*/
68
export function checkProjectName(name: string) {
69
  if (name.length < 1) {
70
    throw Error("name must have at least 1 character");
71
  }
72
  if (name.length > 100) {
73
    throw Error("name must have at most 100 characters");
74
  }
75
  if (!/^[\.a-z\d](?:[\.a-z\d]|-(?=[\.a-z\d])){0,99}$/i.test(name)) {
76
    throw Error(
77
      "name must contain only a-z,A-Z,0-9, . or -, and not start with hyphen or have spaces.",
78
    );
79
  }
80
}
81

82
/*
83
Public path name:
84

85
- Max length: 100 characters
86
- All characters must be either a hyphen (-), a period (.), or alphanumeric
87
- Unique amongst public paths in a given project (a separate db query)
88
*/
89

90
export function checkPublicPathName(name: string) {
91
  if (name.length < 1) {
92
    throw Error("name must have at least 1 character");
93
  }
94
  if (name.length > 100) {
95
    throw Error("name must have at most 100 characters");
96
  }
97
  if (!/^[\.a-z\d](?:[\.a-z\d]|-(?=[\.a-z\d])){0,99}$/i.test(name)) {
98
    throw Error(
99
      "name must contain only a-z,A-Z,0-9, . or -, and not start with hyphen or have spaces.",
100
    );
101
  }
102
}
103

104
// Combined words from what we use, https://www.quora.com/How-do-sites-prevent-vanity-URLs-from-colliding-with-future-features
105
// and https://github.com/Mottie/github-reserved-names/blob/master/reserved-names.json and
106
// https://github.com/Mottie/github-reserved-names and random other things.
107
// If you add more and want to clean this up in the console, this may be helpful:
108
//       Array.from(RESERVED).sort().join(' ')
109
const RESERVED = new Set(
110
  `\
111
0
112
400
113
401
114
402
115
403
116
404
117
405
118
406
119
407
120
408
121
409
122
410
123
411
124
412
125
413
126
414
127
415
128
416
129
417
130
418
131
419
132
420
133
421
134
422
135
423
136
424
137
425
138
426
139
427
140
428
141
429
142
430
143
431
144
500
145
501
146
502
147
503
148
504
149
505
150
506
151
507
152
508
153
509
154
510
155
511
156
about
157
access
158
account
159
accounts
160
action
161
actions
162
activate
163
activities
164
activity
165
ad
166
add
167
address
168
adm
169
admin
170
administration
171
administrator
172
ads
173
adult
174
advertising
175
advisories
176
affiliate
177
affiliates
178
ajax
179
alive
180
all
181
alpha
182
analysis
183
analytics
184
android
185
anon
186
anonymous
187
any
188
api
189
app
190
apps
191
archive
192
archives
193
article
194
articles
195
asct
196
ask
197
asset
198
assets
199
atom
200
attributes
201
auth
202
authentication
203
avatar
204
backup
205
balancer-manager
206
banner
207
banners
208
beta
209
better
210
billing
211
bin
212
blob
213
blobs
214
blog
215
blogs
216
board
217
book
218
bookmark
219
bot
220
bots
221
bounty
222
branches
223
bug
224
business
225
businesses
226
c
227
cache
228
cadastro
229
calendar
230
call
231
campaign
232
cancel
233
captcha
234
career
235
careers
236
cart
237
case-studies
238
categories
239
category
240
cdn
241
central
242
certification
243
cgi
244
cgi-bin
245
changelog
246
chat
247
check
248
checking
249
checkout
250
cla
251
client
252
cliente
253
clients
254
cloud
255
cocalc
256
cocksucker
257
code
258
codereview
259
collection
260
collections
261
comercial
262
comment
263
comments
264
commit
265
commits
266
communities
267
community
268
companies
269
company
270
compare
271
compras
272
compute
273
conat
274
config
275
configuration
276
connect
277
contact
278
contact_us
279
contact-us
280
contactus
281
contest
282
contribute
283
contributing
284
cookbook
285
cookies
286
corp
287
coupon
288
coupons
289
create
290
crm
291
css
292
cunt
293
customer
294
customer-stories
295
customers
296
customize
297
dashboard
298
dashboards
299
data
300
db
301
default
302
delete
303
demo
304
design
305
designer
306
destroy
307
dev
308
devel
309
develop
310
developer
311
developers
312
diagram
313
diary
314
dict
315
dictionary
316
die
317
diff
318
dir
319
direct_messages
320
directory
321
discover
322
discussions
323
dist
324
doc
325
docs
326
documentation
327
domain
328
download
329
downloads
330
downtime
331
ecommerce
332
edit
333
editor
334
editors
335
edu
336
education
337
email
338
embed
339
employment
340
empty
341
end
342
enterprise
343
entries
344
entry
345
error
346
errors
347
eval
348
event
349
events
350
exit
351
explore
352
facebook
353
faq
354
favorite
355
favorites
356
feature
357
featured
358
features
359
feed
360
feedback
361
feeds
362
file
363
files
364
first
365
fixtures
366
flash
367
fleet
368
fleets
369
flog
370
follow
371
followers
372
following
373
font
374
fonts
375
forgot
376
forked
377
form
378
forum
379
forums
380
founder
381
free
382
friend
383
friends
384
ftp
385
fuck
386
gadget
387
gadgets
388
game
389
games
390
garage
391
get
392
ghost
393
gift
394
gifts
395
gist
396
gists
397
github
398
github.com
399
gitlab
400
gitlab.com
401
grafana
402
graph
403
graphs
404
group
405
groups
406
guest
407
guests
408
guide
409
guides
410
help
411
help-wanted
412
home
413
homepage
414
hooks
415
host
416
hosting
417
hostmaster
418
hostname
419
hovercards
420
howto
421
hpg
422
html
423
http
424
httpd
425
https
426
hub
427
i
428
iamges
429
icon
430
icons
431
id
432
idea
433
ideas
434
identity
435
image
436
images
437
imap
438
img
439
inbox
440
include
441
includes
442
index
443
indice
444
individual
445
info
446
information
447
inquiry
448
instagram
449
integration
450
interfaces
451
intern
452
internal
453
intranet
454
introduction
455
invalid-email-address
456
investors
457
invitations
458
invite
459
invoice
460
ipad
461
iphone
462
irc
463
is
464
issue
465
issues
466
it
467
item
468
items
469
java
470
javascript
471
job
472
jobs
473
join
474
journal
475
journals
476
js
477
json
478
jump
479
knowledgebase
480
lab
481
labs
482
language
483
languages
484
last
485
launch
486
layouts
487
ldap-status
488
learn
489
legal
490
library
491
license
492
licenses
493
link
494
links
495
linux
496
list
497
listings
498
lists
499
log
500
log_in
501
log_out
502
log-in
503
log-out
504
login
505
logos
506
logout
507
logs
508
m
509
mac
510
mail
511
mail1
512
mail2
513
mail3
514
mail4
515
mail5
516
mailer
517
mailing
518
maintenance
519
malware
520
man
521
manager
522
manual
523
map
524
maps
525
marketing
526
marketplace
527
master
528
me
529
media
530
member
531
members
532
mention
533
mentioned
534
mentioning
535
mentions
536
message
537
messages
538
messenger
539
metrics
540
microblog
541
microblogs
542
migrating
543
milestones
544
mine
545
mirrors
546
mis
547
misc
548
mob
549
mobile
550
module
551
modules
552
monitor
553
motherfucker
554
movie
555
movies
556
mp3
557
msg
558
msn
559
music
560
musicas
561
mx
562
my
563
mysql
564
name
565
named
566
nan
567
navi
568
navigation
569
nbextensions
570
net
571
network
572
new
573
news
574
newsletter
575
nick
576
nickname
577
nocodb
578
node
579
nodes
580
none
581
nonprofit
582
nonprofits
583
notes
584
notices
585
noticias
586
notification
587
notifications
588
notify
589
ns
590
ns1
591
ns10
592
ns2
593
ns3
594
ns4
595
ns5
596
ns6
597
ns7
598
ns8
599
ns9
600
null
601
oauth
602
oauth_clients
603
offer
604
offers
605
office
606
official
607
old
608
online
609
open-source
610
openid
611
operator
612
order
613
orders
614
organisations
615
organization
616
organizations
617
orgs
618
overview
619
owner
620
owners
621
page
622
pager
623
pages
624
panel
625
partners
626
password
627
password-reset
628
payment
629
payments
630
perl
631
personal
632
phone
633
photo
634
photoalbum
635
photos
636
php
637
phpmyadmin
638
phppgadmin
639
phpredisadmin
640
pic
641
pics
642
ping
643
piss
644
plan
645
plans
646
plugin
647
plugins
648
policies
649
policy
650
poll
651
polls
652
pop
653
pop3
654
popular
655
popularity
656
portal
657
post
658
postfix
659
postmaster
660
posts
661
pr
662
premium
663
press
664
price
665
pricing
666
primus
667
privacy
668
privacy_policy
669
privacy-policy
670
privacypolicy
671
private
672
processes
673
product
674
products
675
professional
676
profile
677
profiles
678
project
679
projects
680
prometheus
681
promo
682
pub
683
public
684
pulls
685
purchase
686
purchases
687
purpose
688
put
689
python
690
query
691
random
692
ranking
693
raw
694
rdf
695
rdfs
696
read
697
readme
698
recent
699
recommendations
700
recruit
701
recruitment
702
redeem
703
register
704
registration
705
release
706
releases
707
remove
708
render
709
replies
710
reply
711
report
712
reports
713
repositories
714
repository
715
req
716
request
717
requests
718
reset
719
resources
720
restore
721
revert
722
roc
723
root
724
rss
725
ruby
726
rule
727
sag
728
sagemath
729
sagemathinc
730
sale
731
sales
732
sample
733
samples
734
save
735
save-net-neutrality
736
saved
737
school
738
scraping
739
script
740
scripts
741
search
742
secure
743
security
744
self
745
send
746
server
747
server-info
748
server-status
749
service
750
services
751
session
752
sessions
753
setting
754
settings
755
setup
756
share
757
shareholders
758
shit
759
shop
760
show
761
showcases
762
sign_in
763
sign_up
764
sign-in
765
sign-up
766
signin
767
signout
768
signup
769
site
770
sitemap
771
sites
772
smartphone
773
smtp
774
snapshots
775
software
776
soporte
777
source
778
spam
779
spec
780
special
781
sponsors
782
sql
783
src
784
ssh
785
ssl
786
ssladmin
787
ssladministrator
788
sslwebmaster
789
sso
790
staff
791
stage
792
staging
793
star
794
starred
795
stars
796
start
797
stat
798
state
799
static
800
statistics
801
stats
802
status
803
statuses
804
storage
805
store
806
stores
807
stories
808
style
809
styleguide
810
stylesheet
811
stylesheets
812
subdomain
813
subscribe
814
subscriptions
815
suggest
816
suggestion
817
suggestions
818
suporte
819
support
820
survey
821
surveys
822
suspended
823
svn
824
swf
825
sys
826
sysadmin
827
sysadministrator
828
system
829
tablet
830
tablets
831
tag
832
talk
833
talks
834
task
835
tasks
836
teach
837
teacher
838
teachers
839
teaching
840
team
841
teams
842
tech
843
telnet
844
template
845
templates
846
ten
847
term
848
terms
849
terms_of_service
850
terms-of-service
851
termsofservice
852
test
853
test1
854
test2
855
test3
856
teste
857
testimonials
858
testing
859
tests
860
theme
861
themes
862
thread
863
threads
864
timeline
865
timetravel
866
tits
867
tmp
868
todo
869
token
870
tool
871
tools
872
top
873
topic
874
topics
875
tos
876
tour
877
train
878
training
879
translations
880
tree
881
trending
882
trends
883
try
884
tutorial
885
tutorials
886
tux
887
tv
888
twitter
889
twittr
890
undef
891
unfollow
892
unsubscribe
893
update
894
updates
895
upload
896
uploads
897
url
898
usage
899
user
900
username
901
users
902
usuario
903
vendas
904
ver
905
version
906
video
907
videos
908
visitor
909
visualization
910
voucher
911
vouchers
912
w
913
watch
914
watching
915
weather
916
web
917
webapp
918
webhook
919
webhooks
920
webmail
921
webmaster
922
website
923
websites
924
welcome
925
widget
926
widgets
927
wiki
928
win
929
windows
930
word
931
work
932
works
933
works-with
934
workshop
935
ww
936
wws
937
www
938
www0
939
www1
940
www2
941
www3
942
www4
943
www5
944
www6
945
www7
946
www8
947
www9
948
wwws
949
wwww
950
xfn
951
xml
952
xmpp
953
xpg
954
xxx
955
yaml
956
year
957
yml
958
you
959
yourdomain
960
yourname
961
yoursite
962
yourusername`.split("\n"),
963
);
964

965
// for testing only
966
if (process.env["NODE_DEV"] === "TEST") {
967
  exports.RESERVED = RESERVED;
968
}
969

970
Product

Resources

Company
