From: Shaun McDonald Date: Thu, 23 Apr 2009 19:20:08 +0000 (+0000) Subject: Hack a way to make the email and display name case insensitive for logging in, based... X-Git-Tag: live~7496 X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/f1a0331081794ce17fd93fd2f06d89e6d6df8cba?ds=sidebyside Hack a way to make the email and display name case insensitive for logging in, based on a suggestion by firefishy to use ILIKE. Changes requested from users on mailing list. Includes some tests to check the case insensitivity of the username, and and e-mail address on login. --- diff --git a/app/models/user.rb b/app/models/user.rb index 4113662aa..5a277c9b4 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -42,7 +42,13 @@ class User < ActiveRecord::Base def self.authenticate(options) if options[:username] and options[:password] - user = find(:first, :conditions => ["email = ? OR display_name = ?", options[:username], options[:username]]) + environment = Rails.configuration.environment + adapter = Rails.configuration.database_configuration[environment]["adapter"] + if adapter == "postgresql" + user = find(:first, :conditions => ["email ILIKE ? OR display_name ILIKE ?", options[:username], options[:username]]) + else + user = find(:first, :conditions => ["email = ? OR display_name = ?", options[:username], options[:username]]) + end user = nil if user and user.pass_crypt != OSM::encrypt_password(options[:password], user.pass_salt) elsif options[:token] token = UserToken.find(:first, :include => :user, :conditions => ["user_tokens.token = ?", options[:token]]) diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml index 46f8885d9..873940761 100644 --- a/test/fixtures/users.yml +++ b/test/fixtures/users.yml @@ -1,7 +1,9 @@ # Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html +# The normal user's email is intentionally capitalised that way to +# check that the login is case insensitive normal_user: id: 1 - email: test@openstreetmap.org + email: test@OpenStreetMap.org active: true pass_crypt: <%= Digest::MD5.hexdigest('test') %> creation_time: "2007-01-01 00:00:00" diff --git a/test/functional/user_controller_test.rb b/test/functional/user_controller_test.rb index d68f1f883..e9744e7bf 100644 --- a/test/functional/user_controller_test.rb +++ b/test/functional/user_controller_test.rb @@ -7,6 +7,7 @@ class UserControllerTest < ActionController::TestCase def test_user_create get :new assert_response :success + assert_template 'new' assert_select "html:root", :count => 1 do assert_select "head", :count => 1 do @@ -41,8 +42,45 @@ class UserControllerTest < ActionController::TestCase get :api_details assert_response :unauthorized - basic_authorization(users(:normal_user).email, "test") + # Private users can login and get the api details + usr = users(:normal_user) + basic_authorization(usr.email, "test") get :api_details assert_response :success + # Now check the content of the XML returned + print @response.body + assert_select "osm:root[version=#{API_VERSION}][generator='#{GENERATOR}']", :count => 1 do + assert_select "user[display_name='#{usr.display_name}'][account_created='#{usr.creation_time.xmlschema}']", :count => 1 do + assert_select "home[lat='#{usr.home_lat}'][lon='#{usr.home_lon}'][zoom='#{usr.home_zoom}']", :count => 1 + end + end + + end + + # Check that we can login through the web using the mixed case fixture, + # lower case and upper case + def test_user_login_web_case + login_web_case_ok users(:normal_user).email, "test" + login_web_case_ok users(:normal_user).email.upcase, "test" + login_web_case_ok users(:normal_user).email.downcase, "test" + end + + def login_web_case_ok(userstring, password) + post :login, :user => {:email => userstring, :password => password} + assert_redirected_to :controller => 'site', :action => 'index' + end + + # Check that we can login to the api, and get the user details + # using the mixed case fixture, lower case and upper case + def test_user_login_api_case + login_api_case_ok users(:normal_user).email, "test" + login_api_case_ok users(:normal_user).email.upcase, "test" + login_api_case_ok users(:normal_user).email.downcase, "test" + end + + def login_api_case_ok(userstring, password) + basic_authorization(userstring, password) + get :api_details + assert :success end end