Fix UniqueUsernameValidator comparison (#6926)
Comparison was downcasing only one side, therefore if previously existing account had a non-lowercase spelling, it would be ignored when checking for duplicates. New rake task `mastodon:maintenance:find_duplicate_usernames` will help find constraint violations that might have occured from the presence of this bug. Bump version to 2.3.3
This commit is contained in:
		
							parent
							
								
									40e5d2303b
								
							
						
					
					
						commit
						2a90da1837
					
				
					 4 changed files with 21 additions and 3 deletions
				
			
		|  | @ -30,7 +30,7 @@ module AccountFinderConcern | ||||||
|     end |     end | ||||||
| 
 | 
 | ||||||
|     def account |     def account | ||||||
|       scoped_accounts.take |       scoped_accounts.order(id: :asc).take | ||||||
|     end |     end | ||||||
| 
 | 
 | ||||||
|     private |     private | ||||||
|  |  | ||||||
|  | @ -6,7 +6,7 @@ class UniqueUsernameValidator < ActiveModel::Validator | ||||||
| 
 | 
 | ||||||
|     normalized_username = account.username.downcase.delete('.') |     normalized_username = account.username.downcase.delete('.') | ||||||
| 
 | 
 | ||||||
|     scope = Account.where(domain: nil, username: normalized_username) |     scope = Account.where(domain: nil).where('lower(username) = ?', normalized_username) | ||||||
|     scope = scope.where.not(id: account.id) if account.persisted? |     scope = scope.where.not(id: account.id) if account.persisted? | ||||||
| 
 | 
 | ||||||
|     account.errors.add(:username, :taken) if scope.exists? |     account.errors.add(:username, :taken) if scope.exists? | ||||||
|  |  | ||||||
|  | @ -13,7 +13,7 @@ module Mastodon | ||||||
|     end |     end | ||||||
| 
 | 
 | ||||||
|     def patch |     def patch | ||||||
|       2 |       3 | ||||||
|     end |     end | ||||||
| 
 | 
 | ||||||
|     def pre |     def pre | ||||||
|  |  | ||||||
|  | @ -740,6 +740,24 @@ namespace :mastodon do | ||||||
|       LinkCrawlWorker.push_bulk status_ids |       LinkCrawlWorker.push_bulk status_ids | ||||||
|     end |     end | ||||||
| 
 | 
 | ||||||
|  |     desc 'Find case-insensitive username duplicates of local users' | ||||||
|  |     task find_duplicate_usernames: :environment do | ||||||
|  |       include RoutingHelper | ||||||
|  | 
 | ||||||
|  |       disable_log_stdout! | ||||||
|  | 
 | ||||||
|  |       duplicate_masters = Account.find_by_sql('SELECT * FROM accounts WHERE id IN (SELECT min(id) FROM accounts WHERE domain IS NULL GROUP BY lower(username) HAVING count(*) > 1)') | ||||||
|  |       pastel = Pastel.new | ||||||
|  | 
 | ||||||
|  |       duplicate_masters.each do |account| | ||||||
|  |         puts pastel.yellow("First of their name: ") + pastel.bold(account.username) + " (#{admin_account_url(account.id)})" | ||||||
|  | 
 | ||||||
|  |         Account.where('lower(username) = ?', account.username.downcase).where.not(id: account.id).each do |duplicate| | ||||||
|  |           puts "  " + pastel.red("Duplicate: ") + admin_account_url(duplicate.id) | ||||||
|  |         end | ||||||
|  |       end | ||||||
|  |     end | ||||||
|  | 
 | ||||||
|     desc 'Remove all home feed regeneration markers' |     desc 'Remove all home feed regeneration markers' | ||||||
|     task remove_regeneration_markers: :environment do |     task remove_regeneration_markers: :environment do | ||||||
|       keys = Redis.current.keys('account:*:regeneration') |       keys = Redis.current.keys('account:*:regeneration') | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		
		Reference in a new issue