From 64073185adcb3eec40eda05e11f9bf47f646bf9d Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Fri, 11 Aug 2017 13:27:38 -0400
Subject: [PATCH] Remove `username` from `User#sanitize_attrs` callback

This attribute is since validated against `DynamicPathValidator`, which
has strict requirements for the characters allowed, and should no longer
need to be sanitized in a callback before saving.

This has additional benefits in our test suite, where every creation of
a `User` record was calling `Sanitize.clean` on a username value that
was always clean, since we're the ones generating it.
---
 app/models/user.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index 7935b89662b..42a1ac40c6c 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -726,9 +726,9 @@ class User < ActiveRecord::Base
   end
 
   def sanitize_attrs
-    %w[username skype linkedin twitter].each do |attr|
-      value = public_send(attr) # rubocop:disable GitlabSecurity/PublicSend
-      public_send("#{attr}=", Sanitize.clean(value)) if value.present? # rubocop:disable GitlabSecurity/PublicSend
+    %i[skype linkedin twitter].each do |attr|
+      value = self[attr]
+      self[attr] = Sanitize.clean(value) if value.present?
     end
   end