Cardholder Name Validation (#107)

* Stub out solution for disallowing sensitive information in the cardholder name field.

* Stub out tests for disallowing sensitive information.

* Add regex to check for cardholder name data validity.

* Update CHANGELOG.

* Update CardForm/src/test/java/com/braintreepayments/cardform/view/CardholderNameEditTextTest.java

Co-authored-by: Sarah Koop <skoop@paypal.com>

Co-authored-by: Steven <sshropshire@paypal.com>
Co-authored-by: Sarah Koop <skoop@paypal.com>

CHANGELOG.md

@@ -1,5 +1,8 @@
 # Android Card Form Release Notes
 
+## unreleased
+  * Validate Cardholder Name field to prevent sensitive data from being input
+
 ## 5.1.0
   * Bump `compileSdkVersion` and `targetSdkVersion` to API level 30
   * Add support for Maestro cards beginning in 5043

CardForm/src/main/java/com/braintreepayments/cardform/view/CardholderNameEditText.java

@@ -1,18 +1,23 @@
 package com.braintreepayments.cardform.view;
 
 import android.content.Context;
+import android.text.Editable;
 import android.text.InputFilter;
 import android.text.InputFilter.LengthFilter;
 import android.text.InputType;
 import android.util.AttributeSet;
 
 import com.braintreepayments.cardform.R;
 
+import java.util.regex.Pattern;
+
 /**
  * Input for cardholder name. Validated for presence only.
  */
 public class CardholderNameEditText extends ErrorEditText {
 
+    private static final Pattern sensitiveDataRegex = Pattern.compile("^[\\d\\s-]+$");
+
     public CardholderNameEditText(Context context) {
         super(context);
         init();
@@ -36,7 +41,24 @@ private void init() {
 
     @Override
     public boolean isValid() {
-        return isOptional() || !getText().toString().trim().isEmpty();
+        if (isOptional()) {
+            return hasValidCardholderNameText();
+        } else {
+            return !isTextEmpty() && hasValidCardholderNameText();
+        }
+    }
+
+    private boolean isTextEmpty() {
+        return getText().toString().trim().isEmpty();
+    }
+
+    private boolean hasValidCardholderNameText() {
+        Editable text = getText();
+        if (text != null) {
+            return !sensitiveDataRegex.matcher(text).matches();
+        }
+        // empty text does not contain sensitive data
+        return true;
     }
 
     @Override

CardForm/src/test/java/com/braintreepayments/cardform/view/CardholderNameEditTextTest.java

@@ -28,23 +28,46 @@ public void setup() {
     }
 
     @Test
-    public void invalidIfEmpty() {
+    public void isValid_isRequiredByDefault() {
+        assertFalse(mView.isOptional());
+    }
+
+    @Test
+    public void isValid_whenIsRequiredAndTextIsEmpty_returnsFalse() {
         assertFalse(mView.isValid());
     }
 
     @Test
-    public void validIfNotEmpty() {
+    public void isValid_whenIsRequiredAndTextIsNotEmpty_returnsTrue() {
         mView.setText("John Doe");
         assertTrue(mView.isValid());
     }
 
     @Test
-    public void validIfEmptyAndOptional() {
+    public void isValid_whenIsOptionalAndTextIsEmpty_returnsTrue() {
         mView.setOptional(true);
+        assertTrue(mView.isValid());
+    }
 
+    @Test
+    public void isValid_whenIsRequiredAndIsAlphanumericWithSpaces_returnsTrue() {
+        mView.setText("Jane Doe 123");
         assertTrue(mView.isValid());
     }
 
+    @Test
+    public void isValid_whenIsRequiredAndIsOnlyNumericWithHyphensAndSpaces_returnsFalse() {
+        mView.setText("4111-111-1111 1111");
+        assertFalse(mView.isValid());
+    }
+
+    @Test
+    public void isValid_whenIsOptionalAndIsOnlyNumericWithHyphensAndSpaces_returnsFalse() {
+        mView.setOptional(true);
+        mView.setText("4111-111-1111 1111");
+        assertFalse(mView.isValid());
+    }
+
     @Test
     public void hasMaxAllowedLength() {
         int maxLength = 255;