Make getting a user by the username case insensitive

7 files changed, 48 insertions, 24 deletions

diff --git a/app/controllers/autocomplete_controller.rb b/app/controllers/autocomplete_controller.rb
index 3766b64a091..0d5c8657c9e 100644
--- a/app/controllers/autocomplete_controller.rb
+++ b/app/controllers/autocomplete_controller.rb
@@ -20,7 +20,7 @@ class AutocompleteController < ApplicationController
   end
 
   def user
-    user = UserFinder.new(params).execute!
+    user = UserFinder.new(params[:id]).find_by_id!
 
     render json: UserSerializer.new.represent(user)
   end
diff --git a/app/controllers/profiles/keys_controller.rb b/app/controllers/profiles/keys_controller.rb
index 01801c31327..3c3dc03a4ee 100644
--- a/app/controllers/profiles/keys_controller.rb
+++ b/app/controllers/profiles/keys_controller.rb
@@ -38,7 +38,7 @@ class Profiles::KeysController < Profiles::ApplicationController
   def get_keys
     if params[:username].present?
       begin
-        user = User.find_by_username(params[:username])
+        user = UserFinder.new(params[:username]).find_by_username
         if user.present?
           render text: user.all_ssh_keys.join("\n"), content_type: "text/plain"
         else
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index 694c3a59e2b..dd9bf17cf0c 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -26,12 +26,9 @@ class SnippetsController < ApplicationController
   layout 'snippets'
   respond_to :html
 
-  # rubocop: disable CodeReuse/ActiveRecord
   def index
     if params[:username].present?
-      @user = User.find_by(username: params[:username])
-
-      return render_404 unless @user
+      @user = UserFinder.new(params[:username]).find_by_username!
 
       @snippets = SnippetsFinder.new(current_user, author: @user, scope: params[:scope])
         .execute.page(params[:page])
@@ -41,7 +38,6 @@ class SnippetsController < ApplicationController
       redirect_to(current_user ? dashboard_snippets_path : explore_snippets_path)
     end
   end
-  # rubocop: enable CodeReuse/ActiveRecord
 
   def new
     @snippet = PersonalSnippet.new
diff --git a/app/finders/issuable_finder.rb b/app/finders/issuable_finder.rb
index 1f98ecf95ca..8abfe0c4c17 100644
--- a/app/finders/issuable_finder.rb
+++ b/app/finders/issuable_finder.rb
@@ -256,7 +256,7 @@ class IssuableFinder
       if assignee_id?
         User.find_by(id: params[:assignee_id])
       elsif assignee_username?
-        User.find_by(username: params[:assignee_username])
+        User.find_by_username(params[:assignee_username])
       else
         nil
       end
@@ -284,7 +284,7 @@ class IssuableFinder
       if author_id?
         User.find_by(id: params[:author_id])
       elsif author_username?
-        User.find_by(username: params[:author_username])
+        User.find_by_username(params[:author_username])
       else
         nil
       end
diff --git a/app/finders/user_finder.rb b/app/finders/user_finder.rb
index 815388c894e..556be4c4338 100644
--- a/app/finders/user_finder.rb
+++ b/app/finders/user_finder.rb
@@ -7,22 +7,52 @@
 # times we may want to exclude blocked user. By using this finder (and extending
 # it whenever necessary) we can keep this logic in one place.
 class UserFinder
-  attr_reader :params
+  def initialize(username_or_id)
+    @username_or_id = username_or_id
+  end
+
+  # Tries to find a User by id, returning nil if none could be found.
+  def find_by_id
+    User.find_by_id(@username_or_id)
+  end
 
-  def initialize(params)
-    @params = params
+  # Tries to find a User by id, raising a `ActiveRecord::RecordNotFound` if it could
+  # not be found.
+  def find_by_id!
+    User.find(@username_or_id)
   end
 
-  # Tries to find a User, returning nil if none could be found.
-  # rubocop: disable CodeReuse/ActiveRecord
-  def execute
-    User.find_by(id: params[:id])
+  # Tries to find a User by username, returning nil if none could be found.
+  def find_by_username
+    User.find_by_username(@username_or_id)
   end
-  # rubocop: enable CodeReuse/ActiveRecord
 
-  # Tries to find a User, raising a `ActiveRecord::RecordNotFound` if it could
+  # Tries to find a User by username, raising a `ActiveRecord::RecordNotFound` if it could
   # not be found.
-  def execute!
-    User.find(params[:id])
+  def find_by_username!
+    User.find_by_username!(@username_or_id)
+  end
+
+  # Tries to find a User by username or id, returning nil if none could be found.
+  def find_by_id_or_username
+    if input_is_id?
+      find_by_id
+    else
+      find_by_username
+    end
+  end
+
+  # Tries to find a User by username or id, raising a `ActiveRecord::RecordNotFound` if it could
+  # not be found.
+  def find_by_id_or_username!
+    if input_is_id?
+      find_by_id!
+    else
+      find_by_username!
+    end
+  end
+
+  def input_is_id?
+    @username_or_id.is_a?(Numeric) || @username_or_id =~ /^\d+$/
   end
 end
diff --git a/app/finders/users_finder.rb b/app/finders/users_finder.rb
index f2ad9b4bda5..81ae50c0bd1 100644
--- a/app/finders/users_finder.rb
+++ b/app/finders/users_finder.rb
@@ -43,13 +43,11 @@ class UsersFinder
 
   private
 
-  # rubocop: disable CodeReuse/ActiveRecord
   def by_username(users)
     return users unless params[:username]
 
-    users.where(username: params[:username])
+    users.by_username(params[:username])
   end
-  # rubocop: enable CodeReuse/ActiveRecord
 
   def by_search(users)
     return users unless params[:search].present?
diff --git a/app/models/user.rb b/app/models/user.rb
index a0665518cf5..34efb22b359 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -264,7 +264,7 @@ class User < ActiveRecord::Base
   scope :order_recent_sign_in, -> { reorder(Gitlab::Database.nulls_last_order('current_sign_in_at', 'DESC')) }
   scope :order_oldest_sign_in, -> { reorder(Gitlab::Database.nulls_last_order('current_sign_in_at', 'ASC')) }
   scope :confirmed, -> { where.not(confirmed_at: nil) }
-  scope :by_username, -> (usernames) { iwhere(username: usernames) }
+  scope :by_username, -> (usernames) { iwhere(username: Array(usernames).map(&:to_s)) }
   scope :for_todos, -> (todos) { where(id: todos.select(:user_id)) }
 
   # Limits the users to those that have TODOs, optionally in the given state.