You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
101 lines
3.3 KiB
101 lines
3.3 KiB
2 years ago
|
From 74f3c59f7096b5c31d5c218310b20775eb111d0f Mon Sep 17 00:00:00 2001
|
||
|
From: Karl Persson <kalle.persson@grafana.com>
|
||
|
Date: Fri, 21 Oct 2022 14:15:21 +0200
|
||
|
Subject: [PATCH] [v9.0.x] Login email before username (#57406)
|
||
|
|
||
|
* Add test for username/login field conflict
|
||
|
|
||
|
* Swap order of login fields
|
||
|
|
||
|
Co-authored-by: linoman <2051016+linoman@users.noreply.github.com>
|
||
|
|
||
|
diff --git a/pkg/services/sqlstore/user.go b/pkg/services/sqlstore/user.go
|
||
|
index 9cd80da396..00e3ddc2df 100644
|
||
|
--- a/pkg/services/sqlstore/user.go
|
||
|
+++ b/pkg/services/sqlstore/user.go
|
||
|
@@ -170,20 +170,24 @@ func (ss *SQLStore) GetUserByLogin(ctx context.Context, query *models.GetUserByL
|
||
|
return models.ErrUserNotFound
|
||
|
}
|
||
|
|
||
|
- // Try and find the user by login first.
|
||
|
- // It's not sufficient to assume that a LoginOrEmail with an "@" is an email.
|
||
|
+ var has bool
|
||
|
+ var err error
|
||
|
user := &models.User{Login: query.LoginOrEmail}
|
||
|
- has, err := sess.Where(notServiceAccountFilter(ss)).Get(user)
|
||
|
-
|
||
|
- if err != nil {
|
||
|
- return err
|
||
|
- }
|
||
|
|
||
|
- if !has && strings.Contains(query.LoginOrEmail, "@") {
|
||
|
- // If the user wasn't found, and it contains an "@" fallback to finding the
|
||
|
- // user by email.
|
||
|
+ // Since username can be an email address, attempt login with email address
|
||
|
+ // first if the login field has the "@" symbol.
|
||
|
+ if strings.Contains(query.LoginOrEmail, "@") {
|
||
|
user = &models.User{Email: query.LoginOrEmail}
|
||
|
has, err = sess.Get(user)
|
||
|
+
|
||
|
+ if err != nil {
|
||
|
+ return err
|
||
|
+ }
|
||
|
+ }
|
||
|
+
|
||
|
+ // Lookup the login field instead of email field
|
||
|
+ if !has {
|
||
|
+ has, err = sess.Where(notServiceAccountFilter(ss)).Get(user)
|
||
|
}
|
||
|
|
||
|
if err != nil {
|
||
|
diff --git a/pkg/services/sqlstore/user_test.go b/pkg/services/sqlstore/user_test.go
|
||
|
index d3803fa0c9..da23a7cca9 100644
|
||
|
--- a/pkg/services/sqlstore/user_test.go
|
||
|
+++ b/pkg/services/sqlstore/user_test.go
|
||
|
@@ -51,6 +51,45 @@ func TestIntegrationUserDataAccess(t *testing.T) {
|
||
|
require.False(t, query.Result.IsDisabled)
|
||
|
})
|
||
|
|
||
|
+ t.Run("Get User by login - user_2 uses user_1.email as login", func(t *testing.T) {
|
||
|
+ ss = InitTestDB(t)
|
||
|
+
|
||
|
+ // create user_1
|
||
|
+ cmd := models.CreateUserCommand{
|
||
|
+ Email: "user_1@mail.com",
|
||
|
+ Name: "user_1",
|
||
|
+ Login: "user_1",
|
||
|
+ Password: "user_1_password",
|
||
|
+ IsDisabled: true,
|
||
|
+ }
|
||
|
+ user_1, err := ss.CreateUser(context.Background(), cmd)
|
||
|
+ require.Nil(t, err)
|
||
|
+
|
||
|
+ // create user_2
|
||
|
+ cmd = models.CreateUserCommand{
|
||
|
+ Email: "user_2@mail.com",
|
||
|
+ Name: "user_2",
|
||
|
+ Login: "user_1@mail.com",
|
||
|
+ Password: "user_2_password",
|
||
|
+ IsDisabled: true,
|
||
|
+ }
|
||
|
+ user_2, err := ss.CreateUser(context.Background(), cmd)
|
||
|
+ require.Nil(t, err)
|
||
|
+
|
||
|
+ // query user database for user_1 email
|
||
|
+ query := models.GetUserByLoginQuery{LoginOrEmail: "user_1@mail.com"}
|
||
|
+ err = ss.GetUserByLogin(context.Background(), &query)
|
||
|
+ require.Nil(t, err)
|
||
|
+
|
||
|
+ // expect user_1 as result
|
||
|
+ require.Equal(t, user_1.Email, query.Result.Email)
|
||
|
+ require.Equal(t, user_1.Login, query.Result.Login)
|
||
|
+ require.Equal(t, user_1.Name, query.Result.Name)
|
||
|
+ require.NotEqual(t, user_2.Email, query.Result.Email)
|
||
|
+ require.NotEqual(t, user_2.Login, query.Result.Login)
|
||
|
+ require.NotEqual(t, user_2.Name, query.Result.Name)
|
||
|
+ })
|
||
|
+
|
||
|
t.Run("Testing DB - creates and loads disabled user", func(t *testing.T) {
|
||
|
ss = InitTestDB(t)
|
||
|
cmd := models.CreateUserCommand{
|