Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

accounts: Invalid roll numbers being allowed during registration #1

Open
Prater-12 opened this issue Oct 15, 2023 · 2 comments · May be fixed by #13
Open

accounts: Invalid roll numbers being allowed during registration #1

Prater-12 opened this issue Oct 15, 2023 · 2 comments · May be fixed by #13
Labels
backend Related to the backend bug Something isn't working

Comments

@Prater-12
Copy link
Collaborator

Prater-12 commented Oct 15, 2023
edited
Loading

Describe the bug
During user registration, users are able to create accounts with invalid values of roll numbers. For example:

  • username, helloFOSS, notarollnumber123 (non-roll number strings)
  • 23M9999 (invalid roll numbers)
  • 26B1001 (roll numbers that are technically valid, but of future batches)

There is no validation being performed to ensure that the roll number is valid.

To Reproduce
Steps to reproduce the behavior:

  1. Run the backend
  2. Access the user registration end-point
  3. Try to create a user with an invalid roll number
  4. No error, user is created

Expected behavior
In the case of invalid values for the roll number, the backend must not create the user, and respond with an error.

Screenshots
None

Desktop (please complete the following information):

  • OS: Windows
  • Browser: Brave

Additional context
NOTE: The implemented approach should account for users created for admin access, with "roll numbers" that technically act as usernames (ex. "admin"). Such users will always be created manually on the database level however, so it not a big concern.
@Prater-12 Prater-12 added bug Something isn't working backend Related to the backend labels Oct 15, 2023
@Prater-12
Copy link
Collaborator Author

What exactly are the possible patterns for valid roll numbers? There are also major differences between roll numbers prior to '22 and after.

This was linked to pull requests Oct 28, 2023
Invalid roll numbers registration sorted #13
Open
Solved issue #1 (Invalid Roll Numbers) #14
Closed
@Prater-12
Copy link
Collaborator Author

From the above PR:

210040001 is a valid roll number for the '21 batch, Civil Engg. (B.Tech)

Some more googling brought up this link from the IEOR website that has some roll numbers corresponding to PG students.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
backend Related to the backend bug Something isn't working
Projects
None yet
Milestone
No milestone
1 participant
@Prater-12