From 61a7390b666dc40beda291da426436a9d36f4288 Mon Sep 17 00:00:00 2001 From: abcang Date: Sat, 1 Feb 2020 23:42:24 +0900 Subject: [PATCH] Search account domain in lowercase (#13016) * Search account domain in lowercase * fix rubocop error * fix spec/models/account_spec.rb --- app/models/account.rb | 3 +- app/models/concerns/account_finder_concern.rb | 8 +-- app/validators/unique_username_validator.rb | 3 +- spec/models/account_spec.rb | 6 +-- .../unique_username_validator_spec.rb | 51 +++++++++++++++++-- 5 files changed, 55 insertions(+), 16 deletions(-) diff --git a/app/models/account.rb b/app/models/account.rb index da6f51a9c..0eb719d65 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -70,14 +70,13 @@ class Account < ApplicationRecord enum protocol: [:ostatus, :activitypub] validates :username, presence: true + validates_with UniqueUsernameValidator, if: -> { will_save_change_to_username? } # Remote user validations - validates :username, uniqueness: { scope: :domain, case_sensitive: true }, if: -> { !local? && will_save_change_to_username? } validates :username, format: { with: /\A#{USERNAME_RE}\z/i }, if: -> { !local? && will_save_change_to_username? } # Local user validations validates :username, format: { with: /\A[a-z0-9_]+\z/i }, length: { maximum: 30 }, if: -> { local? && will_save_change_to_username? && actor_type != 'Application' } - validates_with UniqueUsernameValidator, if: -> { local? && will_save_change_to_username? } validates_with UnreservedUsernameValidator, if: -> { local? && will_save_change_to_username? } validates :display_name, length: { maximum: 30 }, if: -> { local? && will_save_change_to_display_name? } validates :note, note_length: { maximum: 500 }, if: -> { local? && will_save_change_to_note? } diff --git a/app/models/concerns/account_finder_concern.rb b/app/models/concerns/account_finder_concern.rb index a54c2174d..04b2c981b 100644 --- a/app/models/concerns/account_finder_concern.rb +++ b/app/models/concerns/account_finder_concern.rb @@ -48,7 +48,7 @@ module AccountFinderConcern end def with_usernames - Account.where.not(username: '') + Account.where.not(Account.arel_table[:username].lower.eq '') end def matching_username @@ -56,11 +56,7 @@ module AccountFinderConcern end def matching_domain - if domain.nil? - Account.where(domain: nil) - else - Account.where(Account.arel_table[:domain].lower.eq domain.to_s.downcase) - end + Account.where(Account.arel_table[:domain].lower.eq(domain.nil? ? nil : domain.to_s.downcase)) end end end diff --git a/app/validators/unique_username_validator.rb b/app/validators/unique_username_validator.rb index 4e24e3f5f..f87eb06ba 100644 --- a/app/validators/unique_username_validator.rb +++ b/app/validators/unique_username_validator.rb @@ -7,8 +7,9 @@ class UniqueUsernameValidator < ActiveModel::Validator return if account.username.nil? normalized_username = account.username.downcase + normalized_domain = account.domain&.downcase - scope = Account.where(domain: nil).where('lower(username) = ?', normalized_username) + scope = Account.where(Account.arel_table[:username].lower.eq normalized_username).where(Account.arel_table[:domain].lower.eq normalized_domain) scope = scope.where.not(id: account.id) if account.persisted? account.errors.add(:username, :taken) if scope.exists? diff --git a/spec/models/account_spec.rb b/spec/models/account_spec.rb index 4266122b2..98d29e6f3 100644 --- a/spec/models/account_spec.rb +++ b/spec/models/account_spec.rb @@ -619,18 +619,18 @@ RSpec.describe Account, type: :model do end context 'when is remote' do - it 'is invalid if the username is not unique in case-sensitive comparison among accounts in the same normalized domain' do + it 'is invalid if the username is same among accounts in the same normalized domain' do Fabricate(:account, domain: 'にゃん', username: 'username') account = Fabricate.build(:account, domain: 'xn--r9j5b5b', username: 'username') account.valid? expect(account).to model_have_error_on_field(:username) end - it 'is valid even if the username is unique only in case-sensitive comparison among accounts in the same normalized domain' do + it 'is invalid if the username is not unique in case-insensitive comparison among accounts in the same normalized domain' do Fabricate(:account, domain: 'にゃん', username: 'username') account = Fabricate.build(:account, domain: 'xn--r9j5b5b', username: 'Username') account.valid? - expect(account).not_to model_have_error_on_field(:username) + expect(account).to model_have_error_on_field(:username) end it 'is valid even if the username contains hyphens' do diff --git a/spec/validators/unique_username_validator_spec.rb b/spec/validators/unique_username_validator_spec.rb index c2e2eedf4..6867cbc6c 100644 --- a/spec/validators/unique_username_validator_spec.rb +++ b/spec/validators/unique_username_validator_spec.rb @@ -4,22 +4,65 @@ require 'rails_helper' describe UniqueUsernameValidator do describe '#validate' do + context 'when local account' do + it 'does not add errors if username is nil' do + account = double(username: nil, domain: nil, persisted?: false, errors: double(add: nil)) + subject.validate(account) + expect(account.errors).to_not have_received(:add) + end + + it 'does not add errors when existing one is subject itself' do + account = Fabricate(:account, username: 'abcdef') + expect(account).to be_valid + end + + it 'adds an error when the username is already used with ignoring cases' do + Fabricate(:account, username: 'ABCdef') + account = double(username: 'abcDEF', domain: nil, persisted?: false, errors: double(add: nil)) + subject.validate(account) + expect(account.errors).to have_received(:add) + end + + it 'does not add errors when same username remote account exists' do + Fabricate(:account, username: 'abcdef', domain: 'example.com') + account = double(username: 'abcdef', domain: nil, persisted?: false, errors: double(add: nil)) + subject.validate(account) + expect(account.errors).to_not have_received(:add) + end + end + end + + context 'when remote account' do it 'does not add errors if username is nil' do - account = double(username: nil, persisted?: false, errors: double(add: nil)) + account = double(username: nil, domain: 'example.com', persisted?: false, errors: double(add: nil)) subject.validate(account) expect(account.errors).to_not have_received(:add) end it 'does not add errors when existing one is subject itself' do - account = Fabricate(:account, username: 'abcdef') + account = Fabricate(:account, username: 'abcdef', domain: 'example.com') expect(account).to be_valid end it 'adds an error when the username is already used with ignoring cases' do - Fabricate(:account, username: 'ABCdef') - account = double(username: 'abcDEF', persisted?: false, errors: double(add: nil)) + Fabricate(:account, username: 'ABCdef', domain: 'example.com') + account = double(username: 'abcDEF', domain: 'example.com', persisted?: false, errors: double(add: nil)) subject.validate(account) expect(account.errors).to have_received(:add) end + + it 'adds an error when the domain is already used with ignoring cases' do + Fabricate(:account, username: 'ABCdef', domain: 'example.com') + account = double(username: 'ABCdef', domain: 'EXAMPLE.COM', persisted?: false, errors: double(add: nil)) + subject.validate(account) + expect(account.errors).to have_received(:add) + end + + it 'does not add errors when account with the same username and another domain exists' do + Fabricate(:account, username: 'abcdef', domain: 'example.com') + account = double(username: 'abcdef', domain: 'example2.com', persisted?: false, errors: double(add: nil)) + subject.validate(account) + expect(account.errors).to_not have_received(:add) + end end end