X Tutup
Skip to content

Allow users to lookup themselves with mixed-case in the Provisioning API#36878

Merged
micbar merged 1 commit intomasterfrom
fix-36822
Feb 5, 2020
Merged

Allow users to lookup themselves with mixed-case in the Provisioning API#36878
micbar merged 1 commit intomasterfrom
fix-36822

Conversation

@phil-davis
Copy link
Contributor

@phil-davis phil-davis commented Feb 4, 2020
edited
Loading

Description

If a user had a UID like NewUser then to get their own user information using the provisioning API, they had to specify exactly NewUser in the URL of the request. That is a bit tricky for any client that tries to use this provisioning API endpoint - they have to know exact the case of the UID.

The admin can do the same request and it is not case sensitive.

See the issue for more detail.

Compare the request UID with the actual internal UID in a case-insensitive manner when checking if the request is for the currently-authenticated user.

Related Issue

How Has This Been Tested?

Local runs of the adjusted acceptance tests.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Database schema changes (next release will require increase of minor version instead of patch)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation ticket raised:
  • Changelog item, see TEMPLATE

@phil-davis phil-davis self-assigned this Feb 4, 2020
@phil-davis phil-davis requested a review from micbar February 4, 2020 11:09
@phil-davis
Copy link
Contributor Author

phil-davis commented Feb 4, 2020

@micbar please allocate an appropriate person to review - there is just 1 line of code to change

@individual-it please review the test changes

@phil-davis phil-davis mentioned this pull request Feb 4, 2020
Closed
@codecov
Copy link

codecov bot commented Feb 4, 2020

Codecov Report

Merging #36878 into master will increase coverage by 0.28%.
The diff coverage is 100%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master   #36878      +/-   ##
============================================
+ Coverage     64.37%   64.66%   +0.28%     
- Complexity    19132    19137       +5     
============================================
  Files          1270     1270              
  Lines         74838    74888      +50     
  Branches       1329     1329              
============================================
+ Hits          48176    48424     +248     
+ Misses        26271    26073     -198     
  Partials        391      391
Flag Coverage Δ Complexity Δ
#javascript 54.17% <ø> (ø) 0 <ø> (ø) ⬇️
#phpunit 65.82% <100%> (+0.31%) 19137 <0> (+5) ⬆️
Impacted Files Coverage Δ Complexity Δ
apps/provisioning_api/lib/Users.php 92.56% <100%> (ø) 122 <0> (ø) ⬇️
apps/files/lib/Command/Scan.php 71.92% <0%> (-9.75%) 61% <0%> (ø)
lib/private/Files/Cache/HomePropagator.php 77.77% <0%> (-9.73%) 3% <0%> (ø)
lib/private/Files/Storage/DAV.php 78.48% <0%> (-0.62%) 0% <0%> (ø)
...es_sharing/lib/Controller/Share20OcsController.php 93.83% <0%> (+0.04%) 209% <0%> (+2%) ⬆️
lib/private/Files/Stream/Encryption.php 94.53% <0%> (+0.28%) 56% <0%> (+3%) ⬆️
lib/private/Files/View.php 84.83% <0%> (+0.29%) 389% <0%> (ø) ⬇️
...s/federation/lib/BackgroundJob/GetSharedSecret.php 63.93% <0%> (+0.6%) 20% <0%> (ø) ⬇️
apps/dav/lib/Connector/Sabre/File.php 84.19% <0%> (+0.64%) 115% <0%> (ø) ⬇️
...deration/lib/BackgroundJob/RequestSharedSecret.php 64% <0%> (+0.73%) 17% <0%> (ø) ⬇️
... and 15 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5083269...17d3d23. Read the comment docs.

individual-it
individual-it reviewed Feb 4, 2020
View reviewed changes
Copy link
Member

@individual-it individual-it left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Tests look good

@micbar micbar merged commit daef49f into master Feb 5, 2020
@delete-merged-branch delete-merged-branch bot deleted the fix-36822 branch February 5, 2020 08:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@individual-it individual-it individual-it left review comments

@DeepDiver1975 DeepDiver1975 Awaiting requested review from DeepDiver1975

+1 more reviewer

@micbar micbar micbar approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@phil-davis phil-davis

Labels

3 - To Review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

provisioning API does not return infos of user when user auth with uppercase username but sends lowercase in the URL

3 participants

@phil-davis @individual-it @micbar
X Tutup