closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
Browse Source

Fix UniqueUsernameValidator comparison (#6926) 

Comparison was downcasing only one side, therefore if previously
existing account had a non-lowercase spelling, it would be ignored
when checking for duplicates.

New rake task `mastodon:maintenance:find_duplicate_usernames` will
help find constraint violations that might have occured from the
presence of this bug.

Bump version to 2.3.3
pull/4/head
Eugen Rochko 6 years ago
committed by GitHub
parent
40e5d2303b
commit
2a90da1837
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 21 additions and 3 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      app/models/concerns/account_finder_concern.rb
  2. +1
    -1
      app/validators/unique_username_validator.rb
  3. +1
    -1
      lib/mastodon/version.rb
  4. +18
    -0
      lib/tasks/mastodon.rake

+ 1
- 1
app/models/concerns/account_finder_concern.rb View File

@ -30,7 +30,7 @@ module AccountFinderConcern
end
def account
scoped_accounts.take
scoped_accounts.order(id: :asc).take
end
private

+ 1
- 1
app/validators/unique_username_validator.rb View File

@ -6,7 +6,7 @@ class UniqueUsernameValidator < ActiveModel::Validator
normalized_username = account.username.downcase.delete('.')
scope = Account.where(domain: nil, username: normalized_username)
scope = Account.where(domain: nil).where('lower(username) = ?', normalized_username)
scope = scope.where.not(id: account.id) if account.persisted?
account.errors.add(:username, :taken) if scope.exists?

+ 1
- 1
lib/mastodon/version.rb View File

@ -13,7 +13,7 @@ module Mastodon
end
def patch
2
3
end
def pre

+ 18
- 0
lib/tasks/mastodon.rake View File

@ -740,6 +740,24 @@ namespace :mastodon do
LinkCrawlWorker.push_bulk status_ids
end
desc 'Find case-insensitive username duplicates of local users'
task find_duplicate_usernames: :environment do
include RoutingHelper
disable_log_stdout!
duplicate_masters = Account.find_by_sql('SELECT * FROM accounts WHERE id IN (SELECT min(id) FROM accounts WHERE domain IS NULL GROUP BY lower(username) HAVING count(*) > 1)')
pastel = Pastel.new
duplicate_masters.each do |account|
puts pastel.yellow("First of their name: ") + pastel.bold(account.username) + " (#{admin_account_url(account.id)})"
Account.where('lower(username) = ?', account.username.downcase).where.not(id: account.id).each do |duplicate|
puts " " + pastel.red("Duplicate: ") + admin_account_url(duplicate.id)
end
end
end
desc 'Remove all home feed regeneration markers'
task remove_regeneration_markers: :environment do
keys = Redis.current.keys('account:*:regeneration')

Write Preview
Loading…
Cancel
Save