kubi
[WIP] fix(api): filter username input on ldap query
Without this, it is possible to do an LDAP query injection. This is a problem as it is a possible vulnerability issue. However, it is very unlikely to lead to real-world exploitation, as the input is admin-given.
This fixes it by ensuring filtering with a regexp and adding the appropriate tests (here done with fuzzing).
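
The kind of check the description refers to, as an added example that is not kubi's code or this PR's patch: an allowlist regexp in front of an LDAP filter, with RFC 4515 escaping as a second layer and a property that a fuzz test can assert. The regexp, the `uid` attribute, the filter template and all function names are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Assumed allowlist; the PR's actual regexp is not shown on this page.
var usernameRe = regexp.MustCompile(`^[a-zA-Z0-9][a-zA-Z0-9._-]{0,63}$`)

// filterEscaper escapes the characters RFC 4515 reserves in filter values.
var filterEscaper = strings.NewReplacer(
	`\`, `\5c`, `*`, `\2a`, `(`, `\28`, `)`, `\29`, "\x00", `\00`,
)

// unsafeFilter is the "before": the username is spliced in verbatim.
func unsafeFilter(user string) string {
	return fmt.Sprintf("(&(objectClass=person)(uid=%s))", user)
}

// safeFilter rejects anything outside the allowlist, then escapes anyway
// so the filter stays well-formed if the allowlist is ever loosened.
func safeFilter(user string) (string, error) {
	if !usernameRe.MatchString(user) {
		return "", errors.New("invalid username")
	}
	return fmt.Sprintf("(&(objectClass=person)(uid=%s))", filterEscaper.Replace(user)), nil
}

// sameShape is the property a fuzz test can assert: an accepted input
// never changes the number of parentheses or adds a wildcard to the filter.
func sameShape(user string) bool {
	f, err := safeFilter(user)
	if err != nil {
		return true // rejected input never reaches the directory
	}
	return strings.Count(f, "(") == 3 && strings.Count(f, ")") == 3 && !strings.Contains(f, "*")
}

func main() {
	// Constructed sample inputs, not taken from the project.
	for _, u := range []string{"alice", "bob.smith", "x)(objectClass=*", "a*"} {
		f, err := safeFilter(u)
		fmt.Printf("%q -> unsafe=%s safe=%q err=%v\n", u, unsafeFilter(u), f, err)
	}
}
```

With Go's native fuzzing, `sameShape` can be called from a `FuzzXxx` target so that any input breaking the filter structure fails the test.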