about summary refs log tree commit diff
diff options
context:
space:
mode:
authorAlex Gessner <alex.gessner@gmail.com>2019-04-10 12:05:11 -0400
committerEugen Rochko <eugen@zeonfederated.com>2019-04-10 18:05:11 +0200
commit154106c0c3b8fdd64f739fc449203b842924df0c (patch)
tree38d9e05a6dc9f8368371b2c41efc1910ba2ef654
parent9e2a1f18380ffb0184513882d8d46c50f17d1312 (diff)
compare usernames case-insensitively on new proof creation flow (#10544)
* compare usernames case-insensitively on new proof creation flow

* Fix code style issue
-rw-r--r--app/controllers/settings/identity_proofs_controller.rb2
-rw-r--r--spec/controllers/settings/identity_proofs_controller_spec.rb17
2 files changed, 14 insertions, 5 deletions
diff --git a/app/controllers/settings/identity_proofs_controller.rb b/app/controllers/settings/identity_proofs_controller.rb
index 8f857fdcc..e22b4d9be 100644
--- a/app/controllers/settings/identity_proofs_controller.rb
+++ b/app/controllers/settings/identity_proofs_controller.rb
@@ -18,7 +18,7 @@ class Settings::IdentityProofsController < Settings::BaseController
       provider_username: params[:provider_username]
     )
 
-    if current_account.username == params[:username]
+    if current_account.username.casecmp(params[:username]).zero?
       render layout: 'auth'
     else
       flash[:alert] = I18n.t('identity_proofs.errors.wrong_user', proving: params[:username], current: current_account.username)
diff --git a/spec/controllers/settings/identity_proofs_controller_spec.rb b/spec/controllers/settings/identity_proofs_controller_spec.rb
index 5c05eb83c..2a0f91088 100644
--- a/spec/controllers/settings/identity_proofs_controller_spec.rb
+++ b/spec/controllers/settings/identity_proofs_controller_spec.rb
@@ -28,11 +28,11 @@ describe Settings::IdentityProofsController do
 
   describe 'new proof creation' do
     context 'GET #new' do
-      context 'with all of the correct params' do
-        before do
-          allow_any_instance_of(ProofProvider::Keybase::Badge).to receive(:avatar_url) { full_pack_url('media/images/void.png') }
-        end
+      before do
+        allow_any_instance_of(ProofProvider::Keybase::Badge).to receive(:avatar_url) { full_pack_url('media/images/void.png') }
+      end
 
+      context 'with all of the correct params' do
         it 'renders the template' do
           get :new, params: new_proof_params
           expect(response).to render_template(:new)
@@ -54,6 +54,15 @@ describe Settings::IdentityProofsController do
           expect(flash[:alert]).to eq I18n.t('identity_proofs.errors.wrong_user', proving: 'someone_else', current: user.account.username)
         end
       end
+
+      context 'with params to prove the same username cased differently' do
+        let(:capitalized_username) { new_proof_params.merge(username: user.account.username.upcase) }
+
+        it 'renders the new template' do
+          get :new, params: capitalized_username
+          expect(response).to render_template(:new)
+        end
+      end
     end
 
     context 'POST #create' do