From b1c7a012c5d6a46726ddedb484fcce934bbbfcaa Mon Sep 17 00:00:00 2001
From: Gani Georgiev <gani.georgiev@gmail.com>
Date: Tue, 8 Nov 2022 12:55:18 +0200
Subject: [PATCH] [#961] updated min username length and added tests

---
 forms/record_upsert.go      |  2 +-
 forms/record_upsert_test.go | 35 +++++++++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/forms/record_upsert.go b/forms/record_upsert.go
index 690db513..4c95f659 100644
--- a/forms/record_upsert.go
+++ b/forms/record_upsert.go
@@ -397,7 +397,7 @@ func (form *RecordUpsert) Validate() error {
 				&form.Username,
 				// require only on update, because on create we fallback to auto generated username
 				validation.When(!form.record.IsNew(), validation.Required),
-				validation.Length(4, 100),
+				validation.Length(3, 100),
 				validation.Match(usernameRegex),
 				validation.By(form.checkUniqueUsername),
 			),
diff --git a/forms/record_upsert_test.go b/forms/record_upsert_test.go
index 9809132d..834813a7 100644
--- a/forms/record_upsert_test.go
+++ b/forms/record_upsert_test.go
@@ -694,6 +694,41 @@ func TestRecordUpsertAuthRecord(t *testing.T) {
 			false,
 		},
 
+		// username
+		{
+			"invalid username characters",
+			"",
+			map[string]any{
+				"username":        "test abc!@#",
+				"password":        "12345678",
+				"passwordConfirm": "12345678",
+			},
+			false,
+			true,
+		},
+		{
+			"invalid username length (less than 3)",
+			"",
+			map[string]any{
+				"username":        "ab",
+				"password":        "12345678",
+				"passwordConfirm": "12345678",
+			},
+			false,
+			true,
+		},
+		{
+			"invalid username length (more than 100)",
+			"",
+			map[string]any{
+				"username":        strings.Repeat("a", 101),
+				"password":        "12345678",
+				"passwordConfirm": "12345678",
+			},
+			false,
+			true,
+		},
+
 		// verified
 		{
 			"try to set verified without managed access",