From 9e031b57665c0e1d86edb925046d913898997c76 Mon Sep 17 00:00:00 2001
From: mr-miles <miles.waller@gmail.com>
Date: Thu, 24 Jun 2021 18:26:31 +0100
Subject: [PATCH] Mongo doesnt allow periods in usernames (#11872)

* mongo doesnt allow periods in usernames

* Update mongodb.mdx

Update template in docs

* Move replace to the end

* Adding a test for dot replacement

* Create 11872.txt
---
 changelog/11872.txt                             |  3 +++
 plugins/database/mongodb/mongodb.go             |  2 +-
 plugins/database/mongodb/mongodb_test.go        | 17 +++++++++++++++++
 .../api-docs/secret/databases/mongodb.mdx       |  2 +-
 4 files changed, 22 insertions(+), 2 deletions(-)
 create mode 100644 changelog/11872.txt

diff --git a/changelog/11872.txt b/changelog/11872.txt
new file mode 100644
index 000000000..a573559ae
--- /dev/null
+++ b/changelog/11872.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+mongo-db: default username template now strips invalid '.' characters
+```
diff --git a/plugins/database/mongodb/mongodb.go b/plugins/database/mongodb/mongodb.go
index 884f17dbe..a28625b5f 100644
--- a/plugins/database/mongodb/mongodb.go
+++ b/plugins/database/mongodb/mongodb.go
@@ -21,7 +21,7 @@ import (
 const (
 	mongoDBTypeName = "mongodb"
 
-	defaultUserNameTemplate = `{{ printf "v-%s-%s-%s-%s" (.DisplayName | truncate 15) (.RoleName | truncate 15) (random 20) (unix_time) | truncate 100 }}`
+	defaultUserNameTemplate = `{{ printf "v-%s-%s-%s-%s" (.DisplayName | truncate 15) (.RoleName | truncate 15) (random 20) (unix_time) | replace "." "-" | truncate 100 }}`
 )
 
 // MongoDB is an implementation of Database interface
diff --git a/plugins/database/mongodb/mongodb_test.go b/plugins/database/mongodb/mongodb_test.go
index 832b0ce1f..250f3083b 100644
--- a/plugins/database/mongodb/mongodb_test.go
+++ b/plugins/database/mongodb/mongodb_test.go
@@ -82,6 +82,23 @@ func TestNewUser_usernameTemplate(t *testing.T) {
 
 			expectedUsernameRegex: "^v-token-testrolenamewit-[a-zA-Z0-9]{20}-[0-9]{10}$",
 		},
+		"default username template with invalid chars": {
+			usernameTemplate: "",
+
+			newUserReq: dbplugin.NewUserRequest{
+				UsernameConfig: dbplugin.UsernameMetadata{
+					DisplayName: "a.bad.account",
+					RoleName:    "a.bad.role",
+				},
+				Statements: dbplugin.Statements{
+					Commands: []string{mongoAdminRole},
+				},
+				Password:   "98yq3thgnakjsfhjkl",
+				Expiration: time.Now().Add(time.Minute),
+			},
+
+			expectedUsernameRegex: "^v-a-bad-account-a-bad-role-[a-zA-Z0-9]{20}-[0-9]{10}$",
+		},
 		"custom username template": {
 			usernameTemplate: "{{random 2 | uppercase}}_{{unix_time}}_{{.RoleName | uppercase}}_{{.DisplayName | uppercase}}",
 
diff --git a/website/content/api-docs/secret/databases/mongodb.mdx b/website/content/api-docs/secret/databases/mongodb.mdx
index ed6fed843..2985608ff 100644
--- a/website/content/api-docs/secret/databases/mongodb.mdx
+++ b/website/content/api-docs/secret/databases/mongodb.mdx
@@ -52,7 +52,7 @@ has a number of parameters to further configure a connection.
 <summary><b>Default Username Template</b></summary>
 
 ```
-{{ printf "v-%s-%s-%s-%s" (.DisplayName | truncate 15) (.RoleName | truncate 15) (random 20) (unix_time) | truncate 100 }}
+{{ printf "v-%s-%s-%s-%s" (.DisplayName | truncate 15) (.RoleName | truncate 15) (random 20) (unix_time) | replace "." "-"  | truncate 100 }}
 ```
 
 <details>