Ruderverein-Donau-Linz/rowt
1
1
Fork 1
Code Issues 52 Pull Requests Actions Packages Projects Wiki Activity

Merge pull request 'fix-uppercase-non-ascii-name' (#1062) from fix-uppercase-non-ascii-name into staging
All checks were successful
CI/CD Pipeline / test (push) Successful in 14m10s
Details
CI/CD Pipeline / deploy-staging (push) Successful in 7m2s
Details
CI/CD Pipeline / deploy-main (push) Has been skipped
Details

Browse Source 
Reviewed-on: #1062
This commit is contained in:
philipp
2025-05-27 08:54:45 +02:00
parent de62585b64 c6a2b529c3
commit f769af279b
1 changed files with 25 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/model/user/mod.rs
View File

@ -1,21 +1,20 @@
use std::{fmt::Display, ops::DerefMut}; use std::{fmt::Display, ops::DerefMut};
use argon2::{Argon2, PasswordHasher, password_hash::SaltString}; use argon2::{password_hash::SaltString, Argon2, PasswordHasher};
use chrono::{Datelike, Local, NaiveDate}; use chrono::{Datelike, Local, NaiveDate};
use log::info; use log::info;
use rocket::async_trait; use rocket::async_trait;
use rocket::{ use rocket::{
Request,
http::{Cookie, Status}, http::{Cookie, Status},
request::{FromRequest, Outcome}, request::{FromRequest, Outcome},
time::{Duration, OffsetDateTime}, time::{Duration, OffsetDateTime},
Request,
}; };
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use sqlx::{FromRow, Sqlite, SqlitePool, Transaction}; use sqlx::{FromRow, Sqlite, SqlitePool, Transaction};
use super::activity::{ActivityBuilder, ReasonAuth}; use super::activity::{ActivityBuilder, ReasonAuth};
use super::{ use super::{
Day,
log::Log, log::Log,
logbook::Logbook, logbook::Logbook,
mail::Mail, mail::Mail,
@ -24,6 +23,7 @@ use super::{
planned::tripdetails::TripDetails, planned::tripdetails::TripDetails,
role::Role, role::Role,
stat::Stat, stat::Stat,
Day,
}; };
use crate::AMOUNT_DAYS_TO_SHOW_TRIPS_AHEAD; use crate::AMOUNT_DAYS_TO_SHOW_TRIPS_AHEAD;
use scheckbuch::ScheckbuchUser; use scheckbuch::ScheckbuchUser;
@ -303,15 +303,17 @@ WHERE id like ?
} }
pub async fn find_by_name(db: &SqlitePool, name: &str) -> Option<Self> { pub async fn find_by_name(db: &SqlitePool, name: &str) -> Option<Self> {
let name = name.trim().to_lowercase(); let name = name.trim();
let lowered_name = name.to_lowercase();
sqlx::query_as!( sqlx::query_as!(
Self, Self,
" "
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, phone, address, family_id, user_token SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, phone, address, family_id, user_token
FROM user FROM user
WHERE lower(name)=? WHERE lower(name)=? OR name=?
", ",
lowered_name,
name name
) )
.fetch_one(db) .fetch_one(db)
@ -850,8 +852,8 @@ special_user!(SteeringUser, +"cox", +"Bootsführer");
special_user!(AdminUser, +"admin"); special_user!(AdminUser, +"admin");
special_user!(AllowedForPlannedTripsUser, +"Donau Linz", +"scheckbuch", +"Förderndes Mitglied"); special_user!(AllowedForPlannedTripsUser, +"Donau Linz", +"scheckbuch", +"Förderndes Mitglied");
special_user!(DonauLinzUser, +"Donau Linz", -"Unterstützend", -"Förderndes Mitglied"); // TODO: special_user!(DonauLinzUser, +"Donau Linz", -"Unterstützend", -"Förderndes Mitglied"); // TODO:
// remove -> // remove ->
// RegularUser // RegularUser
special_user!(SchnupperBetreuerUser, +"schnupper-betreuer"); special_user!(SchnupperBetreuerUser, +"schnupper-betreuer");
special_user!(VorstandUser, +"admin", +"Vorstand"); special_user!(VorstandUser, +"admin", +"Vorstand");
special_user!(EventUser, +"manage_events"); special_user!(EventUser, +"manage_events");
@ -965,21 +967,17 @@ mod test {
#[sqlx::test] #[sqlx::test]
fn wrong_pw() { fn wrong_pw() {
let pool = testdb!(); let pool = testdb!();
assert!( assert!(User::login(&pool, "admin".into(), "admi".into())
User::login(&pool, "admin".into(), "admi".into())
.await .await
.is_err() .is_err());
);
} }
#[sqlx::test] #[sqlx::test]
fn wrong_username() { fn wrong_username() {
let pool = testdb!(); let pool = testdb!();
assert!( assert!(User::login(&pool, "admi".into(), "admin".into())
User::login(&pool, "admi".into(), "admin".into())
.await .await
.is_err() .is_err());
);
} }
#[sqlx::test] #[sqlx::test]
@ -999,11 +997,9 @@ mod test {
let pool = testdb!(); let pool = testdb!();
let user = User::find_by_id(&pool, 1).await.unwrap(); let user = User::find_by_id(&pool, 1).await.unwrap();
assert!( assert!(User::login(&pool, "admin".into(), "abc".into())
User::login(&pool, "admin".into(), "abc".into())
.await .await
.is_err() .is_err());
);
user.update_pw(&pool, "abc".into()).await; user.update_pw(&pool, "abc".into()).await;