From 1e9a85ff05c229b7e4a4599db0bfbc06b8d795b9 Mon Sep 17 00:00:00 2001 From: Tim Abbott Date: Thu, 28 Feb 2013 16:30:46 -0500 Subject: [PATCH] Fix use of case-sensitive comparisons on email addresses. (imported from commit d420169640a9f9c034b3d9ded207e583691f6652) --- zephyr/decorator.py | 4 ++-- zephyr/lib/actions.py | 10 +++++----- zephyr/management/commands/dump_useractivity.py | 2 +- zephyr/management/commands/populate_db.py | 4 ++-- zephyr/retention_policy.py | 2 +- zephyr/tests.py | 10 +++++----- zephyr/views.py | 6 +++--- 7 files changed, 19 insertions(+), 19 deletions(-) diff --git a/zephyr/decorator.py b/zephyr/decorator.py index 0c080fd94c..250c191526 100644 --- a/zephyr/decorator.py +++ b/zephyr/decorator.py @@ -61,7 +61,7 @@ def get_tornado_user_profile(user_id): @cache_with_key(lambda email: 'tornado_user_profile_email:%s' % (email,)) def get_tornado_user_profile_by_email(email): - return UserProfile.objects.select_related().get(user__email=email) + return UserProfile.objects.select_related().get(user__email__iexact=email) # authenticated_api_view will add the authenticated user's user_profile to # the view function's arguments list, since we have to look it up @@ -80,7 +80,7 @@ def authenticated_api_view(view_func): # any mutable fields (just ids plus the realm.domain) user_profile = get_tornado_user_profile_by_email(email) else: - user_profile = UserProfile.objects.select_related().get(user__email=email) + user_profile = UserProfile.objects.select_related().get(user__email__iexact=email) except UserProfile.DoesNotExist: return json_error("Invalid user: %s" % (email,)) if api_key != user_profile.api_key: diff --git a/zephyr/lib/actions.py b/zephyr/lib/actions.py index 61b6806d73..387afa3e9a 100644 --- a/zephyr/lib/actions.py +++ b/zephyr/lib/actions.py @@ -87,7 +87,7 @@ def compute_mit_user_fullname(email): @transaction.commit_on_success def create_mit_user_if_needed(realm, email): try: - return UserProfile.objects.get(user__email=email) + return UserProfile.objects.get(user__email__iexact=email) except UserProfile.DoesNotExist: try: # Forge a user for this person @@ -98,7 +98,7 @@ def create_mit_user_if_needed(realm, email): # Unless we raced with another thread doing the same # thing, in which case we should get the user they made transaction.commit() - return UserProfile.objects.get(user__email=email) + return UserProfile.objects.get(user__email__iexact=email) def log_message(message): if not message.sending_client.name.startswith("test:"): @@ -175,13 +175,13 @@ def internal_send_message(sender_email, recipient_type, recipient, if len(content) > MAX_MESSAGE_LENGTH: content = content[0:3900] + "\n\n[message was too long and has been truncated]" message = Message() - message.sender = UserProfile.objects.get(user__email=sender_email) + message.sender = UserProfile.objects.get(user__email__iexact=sender_email) if recipient_type == Recipient.STREAM: stream, _ = create_stream_if_needed(message.sender.realm, recipient) type_id = stream.id else: - type_id = UserProfile.objects.get(user__email=recipient).id + type_id = UserProfile.objects.get(user__email__iexact=recipient).id message.recipient = Recipient.objects.get(type_id=type_id, type=recipient_type) @@ -273,7 +273,7 @@ def do_create_realm(domain, replay=False): # Sent a notification message message = Message() - message.sender = UserProfile.objects.get(user__email="humbug+signups@humbughq.com") + message.sender = UserProfile.objects.get(user__email__iexact="humbug+signups@humbughq.com") stream, _ = create_stream_if_needed(message.sender.realm, "signups") message.recipient = Recipient.objects.get(type_id=stream.id, type=Recipient.STREAM) message.subject = domain diff --git a/zephyr/management/commands/dump_useractivity.py b/zephyr/management/commands/dump_useractivity.py index 86aed9451f..0992e07110 100644 --- a/zephyr/management/commands/dump_useractivity.py +++ b/zephyr/management/commands/dump_useractivity.py @@ -15,7 +15,7 @@ def dump(): def restore(change): for (email, client_name, query, count, timestamp) in simplejson.loads(file("dumped-activity").read()): - user_profile = UserProfile.objects.get(user__email=email) + user_profile = UserProfile.objects.get(user__email__iexact=email) client = get_client(client_name) last_visit = timestamp_to_datetime(timestamp) print "%s: activity for %s,%s" % (email, client_name, query) diff --git a/zephyr/management/commands/populate_db.py b/zephyr/management/commands/populate_db.py index 7bfe5b87ff..992d8b8118 100644 --- a/zephyr/management/commands/populate_db.py +++ b/zephyr/management/commands/populate_db.py @@ -535,13 +535,13 @@ def restore_saved_messages(): continue elif message_type == "user_change_full_name": # Just handle these the slow way - user_profile = UserProfile.objects.get(user__email=old_message["user"]) + user_profile = UserProfile.objects.get(user__email__iexact=old_message["user"]) user_profile.full_name = old_message["full_name"] user_profile.save() continue elif message_type == "enable_desktop_notifications_changed": # Just handle these the slow way - user_profile = UserProfile.objects.get(user__email=old_message["user"]) + user_profile = UserProfile.objects.get(user__email__iexact=old_message["user"]) user_profile.enable_desktop_notifications = (old_message["enable_desktop_notifications"] != "false") user_profile.save() continue diff --git a/zephyr/retention_policy.py b/zephyr/retention_policy.py index e14247c623..292fc75e55 100644 --- a/zephyr/retention_policy.py +++ b/zephyr/retention_policy.py @@ -44,7 +44,7 @@ def should_expunge_from_log(msg, now): user_email = msg['sender_email'] domain = domain_cache.get(user_email) if not domain: - domain = UserProfile.objects.get(user__email=user_email).realm.domain + domain = UserProfile.objects.get(user__email__iexact=user_email).realm.domain domain_cache[user_email] = domain if domain not in max_age: diff --git a/zephyr/tests.py b/zephyr/tests.py index b4069175fc..7cd4170b42 100644 --- a/zephyr/tests.py +++ b/zephyr/tests.py @@ -78,7 +78,7 @@ class AuthedTestCase(TestCase): User that has that email. """ # Usernames are unique, even across Realms. - return UserProfile.objects.get(user__email=email) + return UserProfile.objects.get(user__email__iexact=email) def send_message(self, sender_name, recipient_name, message_type): sender = self.get_user_profile(sender_name) @@ -720,7 +720,7 @@ class SubscriptionAPITest(AuthedTestCase): them. """ other_email = "iago@humbughq.com" - other_profile = UserProfile.objects.get(user__email=other_email) + other_profile = UserProfile.objects.get(user__email__iexact=other_email) self.assertIsInstance(other_profile, UserProfile) current_streams = self.get_streams(other_email) self.assertNotEqual(len(current_streams), 0) # necessary for full test coverage @@ -738,7 +738,7 @@ class SubscriptionAPITest(AuthedTestCase): msg = Message.objects.latest('id') self.assertEqual(msg.recipient.type, msg.recipient.PERSONAL) self.assertEqual(msg.sender_id, UserProfile.objects.get( - user__email="humbug+notifications@humbughq.com").id) + user__email__iexact="humbug+notifications@humbughq.com").id) expected_msg = ("Hi there! We thought you'd like to know that %s just " "subscribed you to the stream '%s'" % (self.user_profile.full_name, add_streams[0])) @@ -755,7 +755,7 @@ class SubscriptionAPITest(AuthedTestCase): invalid_principal = "rosencrantz-and-guildenstern@humbughq.com" # verify that invalid_principal actually doesn't exist with self.assertRaises(UserProfile.DoesNotExist): - UserProfile.objects.get(user__email=invalid_principal) + UserProfile.objects.get(user__email__iexact=invalid_principal) result = self.client.post("/json/subscriptions/add", {"subscriptions": simplejson.dumps(self.streams), "principals": simplejson.dumps([invalid_principal])}) @@ -768,7 +768,7 @@ class SubscriptionAPITest(AuthedTestCase): realm should return a JSON error. """ principal = "starnine@mit.edu" - profile = UserProfile.objects.get(user__email=principal) + profile = UserProfile.objects.get(user__email__iexact=principal) # verify that principal exists (thus, the reason for the error is the cross-realming) self.assertIsInstance(profile, UserProfile) result = self.client.post("/json/subscriptions/add", diff --git a/zephyr/views.py b/zephyr/views.py index ecc8645ad8..87f599229c 100644 --- a/zephyr/views.py +++ b/zephyr/views.py @@ -130,7 +130,7 @@ class PrincipalError(JsonableError): def principal_to_user_profile(agent, principal): principal_doesnt_exist = False try: - principal_user_profile = UserProfile.objects.get(user__email=principal) + principal_user_profile = UserProfile.objects.get(user__email__iexact=principal) except UserProfile.DoesNotExist: principal_doesnt_exist = True @@ -533,7 +533,7 @@ class NarrowBuilder(object): # Personals with other user; include both directions. try: - narrow_profile = UserProfile.objects.get(user__email=operand) + narrow_profile = UserProfile.objects.get(user__email__iexact=operand) except UserProfile.DoesNotExist: raise BadNarrowOperator('unknown user ' + operand) @@ -738,7 +738,7 @@ def create_mirrored_message_users(request, user_profile, recipients): for email in referenced_users: create_mit_user_if_needed(user_profile.realm, email) - sender = UserProfile.objects.get(user__email=sender_email) + sender = UserProfile.objects.get(user__email__iexact=sender_email) return (True, sender) def recipient_for_emails(emails, not_forged_zephyr_mirror, user_profile, sender):