From 738e4b90b40843e222672ee12b617fd8d7329b04 Mon Sep 17 00:00:00 2001
From: Holger Frey <mail@holgerfrey.de>
Date: Thu, 28 Sep 2017 11:37:13 +0200
Subject: [PATCH] added check for unique username in registration

---
 ordr2/schemas/account.py |  7 +++++--
 ordr2/schemas/helpers.py | 12 ++++++++++++
 ordr2/views/account.py   |  2 --
 3 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/ordr2/schemas/account.py b/ordr2/schemas/account.py
index 10b97a7..d03c80a 100644
--- a/ordr2/schemas/account.py
+++ b/ordr2/schemas/account.py
@@ -2,7 +2,10 @@ import colander
 import deform
 
 from . import CSRFSchema
-from .helpers import deferred_unique_email_validator
+from .helpers import (
+    deferred_unique_email_validator,
+    deferred_unique_username_validator
+    )
 
 
 # schema for user registration
@@ -14,7 +17,7 @@ class RegistrationSchema(CSRFSchema):
         colander.String(),
         widget=deform.widget.TextInputWidget(),
         description='automagically generated for you',
-        missing=''
+        validator = deferred_unique_username_validator
         )
     first_name = colander.SchemaNode(
         colander.String()
diff --git a/ordr2/schemas/helpers.py b/ordr2/schemas/helpers.py
index 05887d0..af76bb0 100644
--- a/ordr2/schemas/helpers.py
+++ b/ordr2/schemas/helpers.py
@@ -23,6 +23,18 @@ def deferred_csrf_validator(node, kw):
     return validate_csrf
 
 
+@colander.deferred
+def deferred_unique_username_validator(node, kw):
+    ''' checks if an username is not registered already '''
+
+    def validate_unique_username(node, value):
+        request = kw.get('request')
+        user = request.dbsession.query(User).filter_by(user_name=value).first()
+        if user is not None:
+            raise colander.Invalid(node, 'User name already registered')
+    return validate_unique_username
+
+
 @colander.deferred
 def deferred_unique_email_validator(node, kw):
     ''' checks if an email is not registered already '''
diff --git a/ordr2/views/account.py b/ordr2/views/account.py
index e989e84..6d8e29c 100644
--- a/ordr2/views/account.py
+++ b/ordr2/views/account.py
@@ -134,8 +134,6 @@ def registration_form_processing(context, request):
             'You should really consider using a longer password.',
             dismissable=False
             )
-
-
     return HTTPFound(request.resource_path(context, 'registered'))