Mercurial > kallithea
changeset 5686:b3a51c3987be
db: always match user emails case insensitively
This commit removes case-sensitive email matching.
It also adds a couple of tests which fail, to demonstrate a defect in the
current implementation (using ILIKE matching instead of case-insensitive
equality comparison).
author | Andrew Shadura <andrew@shadura.me> |
---|---|
date | Sat, 30 Jan 2016 12:15:23 +0100 |
parents | 951158ff4378 |
children | 69e738523107 |
files | kallithea/controllers/api/api.py kallithea/lib/helpers.py kallithea/model/db.py kallithea/model/validators.py kallithea/tests/models/test_users.py |
diffstat | 5 files changed, 18 insertions(+), 14 deletions(-) [+] |
line wrap: on
line diff
--- a/kallithea/controllers/api/api.py Mon Feb 01 22:18:59 2016 +0100 +++ b/kallithea/controllers/api/api.py Sat Jan 30 12:15:23 2016 +0100 @@ -674,7 +674,7 @@ if User.get_by_username(username): raise JSONRPCError("user `%s` already exist" % (username,)) - if User.get_by_email(email, case_insensitive=True): + if User.get_by_email(email): raise JSONRPCError("email `%s` already exist" % (email,)) if Optional.extract(extern_name):
--- a/kallithea/lib/helpers.py Mon Feb 01 22:18:59 2016 +0100 +++ b/kallithea/lib/helpers.py Sat Jan 30 12:15:23 2016 +0100 @@ -480,7 +480,7 @@ def user_or_none(author): email = author_email(author) if email: - user = User.get_by_email(email, case_insensitive=True, cache=True) + user = User.get_by_email(email, cache=True) if user is not None: return user return None
--- a/kallithea/model/db.py Mon Feb 01 22:18:59 2016 +0100 +++ b/kallithea/model/db.py Sat Jan 30 12:15:23 2016 +0100 @@ -591,11 +591,8 @@ return res @classmethod - def get_by_email(cls, email, case_insensitive=False, cache=False): - if case_insensitive: - q = cls.query().filter(cls.email.ilike(email)) - else: - q = cls.query().filter(cls.email == email) + def get_by_email(cls, email, cache=False): + q = cls.query().filter(cls.email.ilike(email)) if cache: q = q.options(FromCache("sql_cache_short", @@ -605,10 +602,7 @@ if ret is None: q = UserEmailMap.query() # try fetching in alternate email map - if case_insensitive: - q = q.filter(UserEmailMap.email.ilike(email)) - else: - q = q.filter(UserEmailMap.email == email) + q = q.filter(UserEmailMap.email.ilike(email)) q = q.options(joinedload(UserEmailMap.user)) if cache: q = q.options(FromCache("sql_cache_short", @@ -628,7 +622,7 @@ # Valid email in the attribute passed, see if they're in the system _email = email(author) if _email: - user = cls.get_by_email(_email, case_insensitive=True) + user = cls.get_by_email(_email) if user is not None: return user # Maybe we can match by username?
--- a/kallithea/model/validators.py Mon Feb 01 22:18:59 2016 +0100 +++ b/kallithea/model/validators.py Sat Jan 30 12:15:23 2016 +0100 @@ -719,7 +719,7 @@ def validate_python(self, value, state): if (old_data.get('email') or '').lower() != value: - user = User.get_by_email(value, case_insensitive=True) + user = User.get_by_email(value) if user is not None: msg = M(self, 'email_taken', state) raise formencode.Invalid(msg, value, state, @@ -738,7 +738,7 @@ return value.lower() def validate_python(self, value, state): - user = User.get_by_email(value, case_insensitive=True) + user = User.get_by_email(value) if user is None: msg = M(self, 'non_existing_email', state, email=value) raise formencode.Invalid(msg, value, state,
--- a/kallithea/tests/models/test_users.py Mon Feb 01 22:18:59 2016 +0100 +++ b/kallithea/tests/models/test_users.py Sat Jan 30 12:15:23 2016 +0100 @@ -72,6 +72,10 @@ Session().add(m) Session().commit() + u = User.get_by_email(email='MAIN_email@example.com') + self.assertEqual(usr.user_id, u.user_id) + self.assertEqual(usr.username, u.username) + u = User.get_by_email(email='main_email@example.com') self.assertEqual(usr.user_id, u.user_id) self.assertEqual(usr.username, u.username) @@ -82,6 +86,12 @@ u = User.get_by_email(email='main_email3@example.com') self.assertEqual(None, u) + u = User.get_by_email(email='main_e%ail@example.com') + self.assertEqual(None, u) + u = User.get_by_email(email='main_emai_@example.com') + self.assertEqual(None, u) + + UserModel().delete(usr.user_id) Session().commit()