about summary refs log tree commit diff
path: root/app
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2018-03-27 04:33:57 +0200
committerGitHub <noreply@github.com>2018-03-27 04:33:57 +0200
commit2a90da18375a38957ae4c94fa3e86a8180237d8a (patch)
tree8468d65f8a783de9d6ec5fc9f2611951f2c00457 /app
parent40e5d2303ba1edc51beae66cc15263675980106a (diff)
Fix UniqueUsernameValidator comparison (#6926)
Comparison was downcasing only one side, therefore if previously
existing account had a non-lowercase spelling, it would be ignored
when checking for duplicates.

New rake task `mastodon:maintenance:find_duplicate_usernames` will
help find constraint violations that might have occured from the
presence of this bug.

Bump version to 2.3.3
Diffstat (limited to 'app')
-rw-r--r--app/models/concerns/account_finder_concern.rb2
-rw-r--r--app/validators/unique_username_validator.rb2
2 files changed, 2 insertions, 2 deletions
diff --git a/app/models/concerns/account_finder_concern.rb b/app/models/concerns/account_finder_concern.rb
index 2e8a7fb37..6b7237e89 100644
--- a/app/models/concerns/account_finder_concern.rb
+++ b/app/models/concerns/account_finder_concern.rb
@@ -30,7 +30,7 @@ module AccountFinderConcern
     end
 
     def account
-      scoped_accounts.take
+      scoped_accounts.order(id: :asc).take
     end
 
     private
diff --git a/app/validators/unique_username_validator.rb b/app/validators/unique_username_validator.rb
index c76407b16..fb67105dd 100644
--- a/app/validators/unique_username_validator.rb
+++ b/app/validators/unique_username_validator.rb
@@ -6,7 +6,7 @@ class UniqueUsernameValidator < ActiveModel::Validator
 
     normalized_username = account.username.downcase.delete('.')
 
-    scope = Account.where(domain: nil, username: normalized_username)
+    scope = Account.where(domain: nil).where('lower(username) = ?', normalized_username)
     scope = scope.where.not(id: account.id) if account.persisted?
 
     account.errors.add(:username, :taken) if scope.exists?