Usernames should be consistently case-insensitive.

demiankatz · Jan 16, 2024 · 22bacf1 · 22bacf1
1 parent c9973f9
commit 22bacf1
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 4 deletions.
diff --git a/module/VuFind/src/VuFind/Db/Table/User.php b/module/VuFind/src/VuFind/Db/Table/User.php
@@ -139,7 +139,10 @@ public function getByCatalogId($catId)
      */
     public function getByUsername($username, $create = true)
     {
-        $row = $this->select(['username' => $username])->current();
+        $callback = function ($select) use ($username) {
+            $select->where->literal('lower(username) = lower(?)', [$username]);
+        };
+        $row = $this->select($callback)->current();
         return ($create && empty($row))
             ? $this->createRowForUsername($username) : $row;
     }

diff --git a/module/VuFind/tests/integration-tests/src/VuFindTest/Mink/AccountActionsTest.php b/module/VuFind/tests/integration-tests/src/VuFindTest/Mink/AccountActionsTest.php
@@ -71,7 +71,7 @@ public static function setUpBeforeClass(): void
      *
      * @return void
      */
-    public function testChangePassword()
+    public function testChangePassword(): void
     {
         $session = $this->getMinkSession();
         $session->visit($this->getVuFindUrl());
@@ -133,14 +133,39 @@ public function testChangePassword()
         $this->clickCss($page, '.logoutOptions a.logout');
     }
 
+    /**
+     * Test username case-insensitivity.
+     *
+     * @depends testChangePassword
+     *
+     * @return void
+     */
+    public function testCaseInsensitiveUsername(): void
+    {
+        $session = $this->getMinkSession();
+        $page = $session->getPage();
+
+        // Go to profile page:
+        $session->visit($this->getVuFindUrl('/MyResearch/Profile'));
+
+        // Log back in using UPPERCASE version of username (it was created in lowercase above).
+        $this->clickCss($page, '#loginOptions a');
+        $this->fillInLoginForm($page, 'USERNAME1', 'good');
+        $this->clickCss($page, '.modal-body .btn.btn-primary');
+        $this->waitForPageLoad($page);
+
+        // Confirm that we logged in based on the presence of a "change password" link.
+        $this->findAndAssertLink($page, 'Change Password');
+    }
+
     /**
      * Test that changing email is disabled by default.
      *
      * @depends testChangePassword
      *
      * @return void
      */
-    public function testChangeEmailDisabledByDefault()
+    public function testChangeEmailDisabledByDefault(): void
     {
         // Go to profile page:
         $session = $this->getMinkSession();
@@ -165,7 +190,7 @@ public function testChangeEmailDisabledByDefault()
      *
      * @return void
      */
-    public function testChangeEmail()
+    public function testChangeEmail(): void
     {
         // Turn on email change option:
         $this->changeConfigs(