diff --git a/src/routes/test/user-test.js b/src/routes/test/user-test.js index 927882883..6350b9fda 100644 --- a/src/routes/test/user-test.js +++ b/src/routes/test/user-test.js @@ -19,10 +19,10 @@ var config = require('../../config.js'), var SERVER_URL = 'http://localhost:' + config.get('port'); -var USERNAME_0 = 'admin', PASSWORD = 'Foobar?1337', EMAIL_0 = 'silly@me.com', EMAIL_0_NEW = 'stupid@me.com', DISPLAY_NAME_0_NEW = 'New Name'; -var USERNAME_1 = 'userTheFirst', EMAIL_1 = 'tao@zen.mac'; -var USERNAME_2 = 'userTheSecond', EMAIL_2 = 'user@foo.bar', EMAIL_2_NEW = 'happy@me.com'; -var USERNAME_3 = 'userTheThird', EMAIL_3 = 'user3@foo.bar'; +var USERNAME_0 = 'aDmIn', PASSWORD = 'Foobar?1337', EMAIL_0 = 'silLY@me.com', EMAIL_0_NEW = 'stupID@me.com', DISPLAY_NAME_0_NEW = 'New Name'; +var USERNAME_1 = 'userTheFirst', EMAIL_1 = 'taO@zen.mac'; +var USERNAME_2 = 'userTheSecond', EMAIL_2 = 'USER@foo.bar', EMAIL_2_NEW = 'happy@ME.com'; +var USERNAME_3 = 'userTheThird', EMAIL_3 = 'user3@FOO.bar'; var server; function setup(done) { @@ -152,8 +152,8 @@ describe('User API', function () { .query({ access_token: token }) .end(function (err, res) { expect(res.statusCode).to.equal(200); - expect(res.body.username).to.equal(USERNAME_0); - expect(res.body.email).to.equal(EMAIL_0); + expect(res.body.username).to.equal(USERNAME_0.toLowerCase()); + expect(res.body.email).to.equal(EMAIL_0.toLowerCase()); expect(res.body.admin).to.be.ok(); done(); @@ -183,8 +183,8 @@ describe('User API', function () { .query({ access_token: token }) .end(function (err, res) { expect(res.statusCode).to.equal(200); - expect(res.body.username).to.equal(USERNAME_0); - expect(res.body.email).to.equal(EMAIL_0); + expect(res.body.username).to.equal(USERNAME_0.toLowerCase()); + expect(res.body.email).to.equal(EMAIL_0.toLowerCase()); expect(res.body.admin).to.be.ok(); done(); }); @@ -222,8 +222,8 @@ describe('User API', function () { .set('Authorization', 'Bearer ' + token) .end(function (err, res) { expect(res.statusCode).to.equal(200); - expect(res.body.username).to.equal(USERNAME_0); - expect(res.body.email).to.equal(EMAIL_0); + expect(res.body.username).to.equal(USERNAME_0.toLowerCase()); + expect(res.body.email).to.equal(EMAIL_0.toLowerCase()); expect(res.body.admin).to.be.ok(); expect(res.body.displayName).to.be.a('string'); expect(res.body.password).to.not.be.ok(); @@ -413,8 +413,8 @@ describe('User API', function () { .query({ access_token: token_2 }) .end(function (error, result) { expect(result.statusCode).to.equal(200); - expect(result.body.username).to.equal(USERNAME_2); - expect(result.body.email).to.equal(EMAIL_2); + expect(result.body.username).to.equal(USERNAME_2.toLowerCase()); + expect(result.body.email).to.equal(EMAIL_2.toLowerCase()); expect(result.body.admin).to.not.be.ok(); done(); @@ -572,8 +572,8 @@ describe('User API', function () { .query({ access_token: token_2 }) .end(function (err, res) { expect(res.statusCode).to.equal(200); - expect(res.body.username).to.equal(USERNAME_2); - expect(res.body.email).to.equal(EMAIL_2_NEW); + expect(res.body.username).to.equal(USERNAME_2.toLowerCase()); + expect(res.body.email).to.equal(EMAIL_2_NEW.toLowerCase()); expect(res.body.admin).to.equal(false); expect(res.body.displayName).to.equal(''); @@ -593,8 +593,8 @@ describe('User API', function () { .query({ access_token: token }) .end(function (err, res) { expect(res.statusCode).to.equal(200); - expect(res.body.username).to.equal(USERNAME_2); - expect(res.body.email).to.equal(EMAIL_2); + expect(res.body.username).to.equal(USERNAME_2.toLowerCase()); + expect(res.body.email).to.equal(EMAIL_2.toLowerCase()); expect(res.body.admin).to.equal(false); expect(res.body.displayName).to.equal(''); @@ -614,8 +614,8 @@ describe('User API', function () { .query({ access_token: token }) .end(function (err, res) { expect(res.statusCode).to.equal(200); - expect(res.body.username).to.equal(USERNAME_0); - expect(res.body.email).to.equal(EMAIL_0); + expect(res.body.username).to.equal(USERNAME_0.toLowerCase()); + expect(res.body.email).to.equal(EMAIL_0.toLowerCase()); expect(res.body.admin).to.be.ok(); expect(res.body.displayName).to.equal(DISPLAY_NAME_0_NEW); diff --git a/src/test/user-test.js b/src/test/user-test.js index 6034875a1..4f8c70512 100644 --- a/src/test/user-test.js +++ b/src/test/user-test.js @@ -16,10 +16,10 @@ var async = require('async'), userdb = require('../userdb.js'), UserError = user.UserError; -var USERNAME = 'nobody'; -var USERNAME_NEW = 'nobodynew'; -var EMAIL = 'nobody@no.body'; -var EMAIL_NEW = 'nobodynew@no.body'; +var USERNAME = 'noBody'; +var USERNAME_NEW = 'noBodyNew'; +var EMAIL = 'noBody@no.body'; +var EMAIL_NEW = 'noBodyNew@no.body'; var PASSWORD = 'sTrOnG#$34134'; var NEW_PASSWORD = 'oTHER@#$235'; var DISPLAY_NAME = 'Nobody cares'; @@ -191,7 +191,7 @@ describe('User', function () { user.getOwner(function (error, owner) { expect(error).to.be(null); - expect(owner.email).to.be(EMAIL); + expect(owner.email).to.be(EMAIL.toLowerCase()); done(); }); }); @@ -284,6 +284,15 @@ describe('User', function () { done(); }); }); + + it('succeeds for different username case', function (done) { + user.verifyWithUsername(USERNAME.toUpperCase(), PASSWORD, function (error, result) { + expect(error).to.not.be.ok(); + expect(result).to.be.ok(); + + done(); + }); + }); }); describe('verifyWithEmail', function () { @@ -328,6 +337,15 @@ describe('User', function () { done(); }); }); + + it('succeeds for different email case', function (done) { + user.verifyWithEmail(EMAIL.toUpperCase(), PASSWORD, function (error, result) { + expect(error).to.not.be.ok(); + expect(result).to.be.ok(); + + done(); + }); + }); }); describe('retrieving', function () { @@ -348,8 +366,8 @@ describe('User', function () { expect(error).to.not.be.ok(); expect(result).to.be.ok(); expect(result.id).to.equal(userObject.id); - expect(result.email).to.equal(EMAIL); - expect(result.username).to.equal(USERNAME); + expect(result.email).to.equal(EMAIL.toLowerCase()); + expect(result.username).to.equal(USERNAME.toLowerCase()); expect(result.displayName).to.equal(DISPLAY_NAME); done(); @@ -386,8 +404,8 @@ describe('User', function () { user.get(userObject.id, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); - expect(result.email).to.equal(EMAIL_NEW); - expect(result.username).to.equal(USERNAME_NEW); + expect(result.email).to.equal(EMAIL_NEW.toLowerCase()); + expect(result.username).to.equal(USERNAME_NEW.toLowerCase()); expect(result.displayName).to.equal(DISPLAY_NAME_NEW); done(); @@ -402,8 +420,8 @@ describe('User', function () { user.get(userObject.id, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); - expect(result.email).to.equal(EMAIL_NEW); - expect(result.username).to.equal(USERNAME_NEW); + expect(result.email).to.equal(EMAIL_NEW.toLowerCase()); + expect(result.username).to.equal(USERNAME_NEW.toLowerCase()); expect(result.displayName).to.equal(DISPLAY_NAME_NEW); done(); @@ -455,7 +473,7 @@ describe('User', function () { user.getAllAdmins(function (error, admins) { expect(error).to.eql(null); expect(admins.length).to.equal(1); - expect(admins[0].username).to.equal(USERNAME); + expect(admins[0].username).to.equal(USERNAME.toLowerCase()); done(); }); }); @@ -480,8 +498,8 @@ describe('User', function () { user.getAllAdmins(function (error, admins) { expect(error).to.eql(null); expect(admins.length).to.equal(2); - expect(admins[0].username).to.equal(USERNAME); - expect(admins[1].username).to.equal(user1.username); + expect(admins[0].username).to.equal(USERNAME.toLowerCase()); + expect(admins[1].username).to.equal(user1.username.toLowerCase()); // one mail for user creation one mail for admin change checkMails(1, done); // FIXME should be 2 for admin change diff --git a/src/userdb.js b/src/userdb.js index e51b6a51f..c86839b96 100644 --- a/src/userdb.js +++ b/src/userdb.js @@ -50,7 +50,7 @@ function getByUsername(username, callback) { assert.strictEqual(typeof username, 'string'); assert.strictEqual(typeof callback, 'function'); - database.query('SELECT ' + USERS_FIELDS + ' FROM users WHERE username = ?', [ username ], function (error, result) { + database.query('SELECT ' + USERS_FIELDS + ' FROM users WHERE username = ?', [ username.toLowerCase() ], function (error, result) { if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error)); if (result.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND)); @@ -62,7 +62,7 @@ function getByEmail(email, callback) { assert.strictEqual(typeof email, 'string'); assert.strictEqual(typeof callback, 'function'); - database.query('SELECT ' + USERS_FIELDS + ' FROM users WHERE email = ?', [ email ], function (error, result) { + database.query('SELECT ' + USERS_FIELDS + ' FROM users WHERE email = ?', [ email.toLowerCase() ], function (error, result) { if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error)); if (result.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND)); @@ -139,7 +139,7 @@ function add(userId, user, callback) { assert.strictEqual(typeof user.displayName, 'string'); assert.strictEqual(typeof callback, 'function'); - var data = [ userId, user.username || null, user.password, user.email.toLowerCase(), user.salt, user.createdAt, user.modifiedAt, user.resetToken, user.displayName ]; + var data = [ userId, user.username ? user.username.toLowerCase() : null, user.password, user.email.toLowerCase(), user.salt, user.createdAt, user.modifiedAt, user.resetToken, user.displayName ]; database.query('INSERT INTO users (id, username, password, email, salt, createdAt, modifiedAt, resetToken, displayName) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)', data, function (error, result) { if (error && error.code === 'ER_DUP_ENTRY') return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, error)); if (error || result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error)); @@ -200,7 +200,7 @@ function update(userId, user, callback) { if (k === 'username') { assert.strictEqual(typeof user.username, 'string'); - args.push(user.username || null); + args.push(user.username ? user.username.toLowerCase() : null); } else if (k === 'email') { assert.strictEqual(typeof user.email, 'string'); args.push(user.email.toLowerCase());