settings: Add permission to enforce unique names in realm.

Previously, users were allowed to signup or change their names to those which already existed in the realm. This commit adds an Organization Permission, that shall enforce users to use unique names while signing up or changing their names. If a same or normalized full name is found in realm, then a validation error is thrown. Fixes #7830.
2025-10-28 10:33:54 +00:00 · 2024-03-12 00:32:05 +05:30
parent a283a19c9f
commit c7a08f3b77
20 changed files with 188 additions and 13 deletions
--- a/zproject/backends.py
+++ b/zproject/backends.py
@@ -930,7 +930,9 @@ class ZulipLDAPAuthBackendBase(ZulipAuthMixin, LDAPBackend):
        full_name = self.get_mapped_name(ldap_user)
        if full_name != user_profile.full_name:
            try:
-                full_name = check_full_name(full_name)
+                full_name = check_full_name(
+                    full_name_raw=full_name, user_profile=user_profile, realm=user_profile.realm
+                )
            except JsonableError as e:
                raise ZulipLDAPError(e.msg)
            do_change_full_name(user_profile, full_name, None)
@@ -1148,7 +1150,9 @@ class ZulipLDAPAuthBackend(ZulipLDAPAuthBackendBase):
        # We have valid LDAP credentials; time to create an account.
        full_name = self.get_mapped_name(ldap_user)
        try:
-            full_name = check_full_name(full_name)
+            full_name = check_full_name(
+                full_name_raw=full_name, user_profile=None, realm=self._realm
+            )
        except JsonableError as e:
            raise ZulipLDAPError(e.msg)