From 74f3c59f7096b5c31d5c218310b20775eb111d0f Mon Sep 17 00:00:00 2001 From: Karl Persson Date: Fri, 21 Oct 2022 14:15:21 +0200 Subject: [PATCH] [v9.0.x] Login email before username (#57406) * Add test for username/login field conflict * Swap order of login fields Co-authored-by: linoman <2051016+linoman@users.noreply.github.com> diff --git a/pkg/services/sqlstore/user.go b/pkg/services/sqlstore/user.go index 9cd80da396..00e3ddc2df 100644 --- a/pkg/services/sqlstore/user.go +++ b/pkg/services/sqlstore/user.go @@ -170,20 +170,24 @@ func (ss *SQLStore) GetUserByLogin(ctx context.Context, query *models.GetUserByL return models.ErrUserNotFound } - // Try and find the user by login first. - // It's not sufficient to assume that a LoginOrEmail with an "@" is an email. + var has bool + var err error user := &models.User{Login: query.LoginOrEmail} - has, err := sess.Where(notServiceAccountFilter(ss)).Get(user) - - if err != nil { - return err - } - if !has && strings.Contains(query.LoginOrEmail, "@") { - // If the user wasn't found, and it contains an "@" fallback to finding the - // user by email. + // Since username can be an email address, attempt login with email address + // first if the login field has the "@" symbol. + if strings.Contains(query.LoginOrEmail, "@") { user = &models.User{Email: query.LoginOrEmail} has, err = sess.Get(user) + + if err != nil { + return err + } + } + + // Lookup the login field instead of email field + if !has { + has, err = sess.Where(notServiceAccountFilter(ss)).Get(user) } if err != nil { diff --git a/pkg/services/sqlstore/user_test.go b/pkg/services/sqlstore/user_test.go index d3803fa0c9..da23a7cca9 100644 --- a/pkg/services/sqlstore/user_test.go +++ b/pkg/services/sqlstore/user_test.go @@ -51,6 +51,45 @@ func TestIntegrationUserDataAccess(t *testing.T) { require.False(t, query.Result.IsDisabled) }) + t.Run("Get User by login - user_2 uses user_1.email as login", func(t *testing.T) { + ss = InitTestDB(t) + + // create user_1 + cmd := models.CreateUserCommand{ + Email: "user_1@mail.com", + Name: "user_1", + Login: "user_1", + Password: "user_1_password", + IsDisabled: true, + } + user_1, err := ss.CreateUser(context.Background(), cmd) + require.Nil(t, err) + + // create user_2 + cmd = models.CreateUserCommand{ + Email: "user_2@mail.com", + Name: "user_2", + Login: "user_1@mail.com", + Password: "user_2_password", + IsDisabled: true, + } + user_2, err := ss.CreateUser(context.Background(), cmd) + require.Nil(t, err) + + // query user database for user_1 email + query := models.GetUserByLoginQuery{LoginOrEmail: "user_1@mail.com"} + err = ss.GetUserByLogin(context.Background(), &query) + require.Nil(t, err) + + // expect user_1 as result + require.Equal(t, user_1.Email, query.Result.Email) + require.Equal(t, user_1.Login, query.Result.Login) + require.Equal(t, user_1.Name, query.Result.Name) + require.NotEqual(t, user_2.Email, query.Result.Email) + require.NotEqual(t, user_2.Login, query.Result.Login) + require.NotEqual(t, user_2.Name, query.Result.Name) + }) + t.Run("Testing DB - creates and loads disabled user", func(t *testing.T) { ss = InitTestDB(t) cmd := models.CreateUserCommand{