kallithea Changeset - b3a51c3987be

Changeset - b3a51c3987be

Parent rev.

Child rev.

[Not reviewed]

default

0 5 0

Andrew Shadura - 10 years ago 2016-01-30 12:15:23
andrew@shadura.me

db: always match user emails case insensitively

This commit removes case-sensitive email matching.
It also adds a couple of tests which fail, to demonstrate a defect in the
current implementation (using ILIKE matching instead of case-insensitive
equality comparison).

5 files changed with 18 insertions and 14 deletions:

kallithea/controllers/api/api.py

kallithea/lib/helpers.py

kallithea/model/db.py

kallithea/model/validators.py

kallithea/tests/models/test_users.py

0 comments (0 inline, 0 general)

kallithea/controllers/api/api.py

➞

Show inline comments

@@ @@ -674,7 +674,7 @@ class ApiController(JSONRPCController): @@
         if User.get_by_username(username):
             raise JSONRPCError("user `%s` already exist" % (username,))
-        if User.get_by_email(email, case_insensitive=True):
         if User.get_by_email(email):
             raise JSONRPCError("email `%s` already exist" % (email,))
         if Optional.extract(extern_name):

kallithea/lib/helpers.py

➞

Show inline comments

@@ @@ -480,7 +480,7 @@ def is_hg(repository): @@
 def user_or_none(author):
     email = author_email(author)
     if email:
-        user = User.get_by_email(email, case_insensitive=True, cache=True)
         user = User.get_by_email(email, cache=True)
         if user is not None:
             return user
     return None

kallithea/model/db.py

➞

Show inline comments

@@ @@ -591,11 +591,8 @@ class User(Base, BaseModel): @@
         return res
     @classmethod
     def get_by_email(cls, email, case_insensitive=False, cache=False):
         if case_insensitive:
             q = cls.query().filter(cls.email.ilike(email))
         else:
             q = cls.query().filter(cls.email == email)
     def get_by_email(cls, email, cache=False):
         q = cls.query().filter(cls.email.ilike(email))
         if cache:
             q = q.options(FromCache("sql_cache_short",
@@ @@ -605,10 +602,7 @@ class User(Base, BaseModel): @@
         if ret is None:
             q = UserEmailMap.query()
             # try fetching in alternate email map
             if case_insensitive:
                 q = q.filter(UserEmailMap.email.ilike(email))
             else:
                 q = q.filter(UserEmailMap.email == email)
             q = q.filter(UserEmailMap.email.ilike(email))
             q = q.options(joinedload(UserEmailMap.user))
             if cache:
                 q = q.options(FromCache("sql_cache_short",
@@ @@ -628,7 +622,7 @@ class User(Base, BaseModel): @@
         # Valid email in the attribute passed, see if they're in the system
         _email = email(author)
         if _email:
-            user = cls.get_by_email(_email, case_insensitive=True)
             user = cls.get_by_email(_email)
             if user is not None:
                 return user
         # Maybe we can match by username?

kallithea/model/validators.py

➞

Show inline comments

@@ @@ -719,7 +719,7 @@ def UniqSystemEmail(old_data=None): @@
         def validate_python(self, value, state):
             if (old_data.get('email') or '').lower() != value:
-                user = User.get_by_email(value, case_insensitive=True)
                 user = User.get_by_email(value)
                 if user is not None:
                     msg = M(self, 'email_taken', state)
                     raise formencode.Invalid(msg, value, state,
@@ @@ -738,7 +738,7 @@ def ValidSystemEmail(): @@
             return value.lower()
         def validate_python(self, value, state):
-            user = User.get_by_email(value, case_insensitive=True)
             user = User.get_by_email(value)
             if user is None:
                 msg = M(self, 'non_existing_email', state, email=value)
                 raise formencode.Invalid(msg, value, state,

kallithea/tests/models/test_users.py

➞

Show inline comments

@@ @@ -72,6 +72,10 @@ class TestUser(BaseTestCase): @@
         Session().add(m)
         Session().commit()
         u = User.get_by_email(email='MAIN_email@example.com')
         self.assertEqual(usr.user_id, u.user_id)
         self.assertEqual(usr.username, u.username)
         u = User.get_by_email(email='main_email@example.com')
         self.assertEqual(usr.user_id, u.user_id)
         self.assertEqual(usr.username, u.username)
@@ @@ -82,6 +86,12 @@ class TestUser(BaseTestCase): @@
         u = User.get_by_email(email='main_email3@example.com')
         self.assertEqual(None, u)
         u = User.get_by_email(email='main_e%ail@example.com')
         self.assertEqual(None, u)
         u = User.get_by_email(email='main_emai_@example.com')
         self.assertEqual(None, u)
         UserModel().delete(usr.user_id)
         Session().commit()

0 comments (0 inline, 0 general)