Paradaux
IssuesPAR-53DoneOpen ↗
0

Prevent '&' from being in firm names in the business project

Prevent the & character in firm names to avoid formatting/parsing issues.

Technical notesbusiness-rian/…/utils/NameValidator.FIRM_NAME = [A-Za-z0-9 _.\-&]{2,32} explicitly whitelists & (also ACCOUNT_NAME); FirmServiceImpl.createFirm is the reject point. In practice Hibernia's StringUtils.sanitize already strips & from @Arg strings, so it's mostly filtered before then — but the validator still permits it. Drop & from both regexes (+ update NameValidatorTest). Shares the chokepoint with PAR-19 (and any future renameFirm, PAR-11).

Comments

tesks · Jun 4, 2026, 9:56 AM

Code contextbusiness-rian/…/utils/NameValidator.FIRM_NAME = [A-Za-z0-9 _.\-&]{2,32} explicitly whitelists & (and ACCOUNT_NAME too); FirmServiceImpl.createFirm is the reject point. In practice Hibernia's StringUtils.sanitize already strips & from @Arg strings, so it's mostly filtered before it gets there — but the validator still permits it.

Fix: drop & from the FIRM_NAME/ACCOUNT_NAME regexes (+ update NameValidatorTest). Shares the single validation chokepoint with PAR-19, and any future renameFirm (PAR-11) must route through it too.

Activity

  • ParadauxIO linked a commit — Commit 7d7f8ed — Add staff/DOC firm administration commands (PAR-11)Jun 7, 2026, 2:49 PM
  • ParadauxIO linked a commit — Commit 9538158 — Reject '&' in firm + account names (PAR-53)Jun 7, 2026, 2:49 PM
  • ParadauxIO changed status to Status → DoneJun 7, 2026, 2:49 PM
  • ParadauxIO linked a pull request — PR #6 merged — Release: develop → mainJun 7, 2026, 2:49 PM
  • ParadauxIO linked a pull request — PR #6 open — Release: develop → mainJun 7, 2026, 12:36 AM
  • ParadauxIO linked a pull request — PR #6 open — Release: develop → mainJun 6, 2026, 11:49 PM
  • ParadauxIO linked a pull request — PR #6 open — Release: develop → mainJun 6, 2026, 12:44 PM
  • ParadauxIO linked a pull request — PR #6 open — Release: develop → mainJun 6, 2026, 11:17 AM
  • ParadauxIO linked a pull request — PR #6 open — Release: develop → mainJun 6, 2026, 11:11 AM
  • ParadauxIO linked a pull request — PR #6 open — Release: develop → mainJun 5, 2026, 12:35 PM
  • ParadauxIO linked a commit — Commit 7d7f8ed — Add staff/DOC firm administration commands (PAR-11)Jun 5, 2026, 7:38 AM
  • tesks changed status to Status → Pending ReleaseJun 5, 2026, 6:34 AM
  • ParadauxIO linked a pull request — PR #7 merged — Reject '&' in firm + account names (PAR-53)Jun 5, 2026, 6:32 AM
  • ParadauxIO linked a commit — Commit 9538158 — Reject '&' in firm + account names (PAR-53)Jun 5, 2026, 6:32 AM
  • ParadauxIO linked a pull request — PR #7 open — Reject '&' in firm + account names (PAR-53)Jun 5, 2026, 6:15 AM
  • ParadauxIO linked a commit — Commit 9538158 — Reject '&' in firm + account names (PAR-53)Jun 5, 2026, 6:15 AM
  • tesks changed status to Status → In ProgressJun 5, 2026, 6:13 AM
  • tesks changed status to Status → BacklogJun 4, 2026, 8:54 PM
  • tesks updated labels (Labels updated)Jun 4, 2026, 8:54 PM
  • tesks description: Description updatedJun 4, 2026, 10:00 AM
  • tesks commentedJun 4, 2026, 9:56 AM
  • tesks assigned Assigned to rianJun 4, 2026, 9:37 AM