From a364d4260d357c10d45108da8f8ab55426c64fa2 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Sat, 18 Jul 2015 17:54:56 -0400 Subject: Make username parameter for Users#show case-insensitive Closes #2012 --- app/controllers/users_controller.rb | 2 +- spec/controllers/users_controller_spec.rb | 35 ++++++++++++++++++++++--------- 2 files changed, 26 insertions(+), 11 deletions(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 2bb5c338cf6..a67325ae659 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -50,7 +50,7 @@ class UsersController < ApplicationController private def set_user - @user = User.find_by_username!(params[:username]) + @user = User.find_by!('lower(username) = ?', params[:username].downcase) unless current_user || @user.public_profile? return authenticate_user! diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb index d47a37914df..9f89101d7f7 100644 --- a/spec/controllers/users_controller_spec.rb +++ b/spec/controllers/users_controller_spec.rb @@ -1,25 +1,38 @@ require 'spec_helper' describe UsersController do - let(:user) { create(:user, username: 'user1', name: 'User 1', email: 'user1@gitlab.com') } - - before do - sign_in(user) - end + let(:user) { create(:user) } describe 'GET #show' do - render_views + it 'is case-insensitive' do + user = create(:user, username: 'CamelCaseUser') + sign_in(user) + + get :show, username: user.username.downcase - it 'renders the show template' do - get :show, username: user.username - expect(response.status).to eq(200) - expect(response).to render_template('show') + expect(response).to be_success + end + + context 'with rendered views' do + render_views + + it 'renders the show template' do + sign_in(user) + + get :show, username: user.username + + expect(response).to be_success + expect(response).to render_template('show') + end end end describe 'GET #calendar' do it 'renders calendar' do + sign_in(user) + get :calendar, username: user.username + expect(response).to render_template('calendar') end end @@ -30,6 +43,8 @@ describe UsersController do before do allow_any_instance_of(User).to receive(:contributed_projects_ids).and_return([project.id]) + + sign_in(user) project.team << [user, :developer] end -- cgit v1.2.1 From 5ce6d18681ee7b74ba0c443672224dd580bd34b0 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Thu, 23 Jul 2015 17:16:39 -0400 Subject: Add User.find_by_username! --- app/controllers/users_controller.rb | 2 +- app/models/user.rb | 4 ++++ spec/models/user_spec.rb | 12 ++++++++++++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index a67325ae659..2bb5c338cf6 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -50,7 +50,7 @@ class UsersController < ApplicationController private def set_user - @user = User.find_by!('lower(username) = ?', params[:username].downcase) + @user = User.find_by_username!(params[:username]) unless current_user || @user.public_profile? return authenticate_user! diff --git a/app/models/user.rb b/app/models/user.rb index fb330ff7185..4a10520b209 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -274,6 +274,10 @@ class User < ActiveRecord::Base value: login.to_s.downcase).first end + def find_by_username!(username) + find_by!('lower(username) = ?', username.downcase) + end + def by_username_or_id(name_or_id) where('users.username = ? OR users.id = ?', name_or_id.to_s, name_or_id.to_i).first end diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index 16902317f10..76f16323e2f 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -442,6 +442,18 @@ describe User do end end + describe '.find_by_username!' do + it 'raises RecordNotFound' do + expect { described_class.find_by_username!('JohnDoe') }. + to raise_error(ActiveRecord::RecordNotFound) + end + + it 'is case-insensitive' do + user = create(:user, username: 'JohnDoe') + expect(described_class.find_by_username!('JOHNDOE')).to eq user + end + end + describe 'all_ssh_keys' do it { is_expected.to have_many(:keys).dependent(:destroy) } -- cgit v1.2.1