feat(users): lowercase username

This commit is contained in:
Anthony Lapenna
2020-05-09 10:18:47 +12:00
parent 8046fb0438
commit b4e38b6b38
5 changed files with 46 additions and 15 deletions
+4 -2
View File
@@ -47,7 +47,9 @@ func (handler *Handler) authenticate(w http.ResponseWriter, r *http.Request) *ht
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve settings from the database", err}
}
u, err := handler.UserService.UserByUsername(payload.Username)
userName := strings.ToLower(payload.Username)
u, err := handler.UserService.UserByUsername(userName)
if err != nil && err != portainer.ErrObjectNotFound {
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve a user with the specified username from the database", err}
}
@@ -58,7 +60,7 @@ func (handler *Handler) authenticate(w http.ResponseWriter, r *http.Request) *ht
if settings.AuthenticationMethod == portainer.AuthenticationLDAP {
if u == nil && settings.LDAPSettings.AutoCreateUsers {
return handler.authenticateLDAPAndCreateUser(w, payload.Username, payload.Password, &settings.LDAPSettings)
return handler.authenticateLDAPAndCreateUser(w, userName, payload.Password, &settings.LDAPSettings)
} else if u == nil && !settings.LDAPSettings.AutoCreateUsers {
return &httperror.HandlerError{http.StatusUnprocessableEntity, "Invalid credentials", portainer.ErrUnauthorized}
}
+2 -1
View File
@@ -2,6 +2,7 @@ package users
import (
"net/http"
"strings"
"github.com/asaskevich/govalidator"
httperror "github.com/portainer/libhttp/error"
@@ -43,7 +44,7 @@ func (handler *Handler) adminInit(w http.ResponseWriter, r *http.Request) *httpe
}
user := &portainer.User{
Username: payload.Username,
Username: strings.ToLower(payload.Username),
Role: portainer.AdministratorRole,
PortainerAuthorizations: portainer.DefaultPortainerAuthorizations(),
}
+5 -2
View File
@@ -2,6 +2,7 @@ package users
import (
"net/http"
"strings"
"github.com/asaskevich/govalidator"
httperror "github.com/portainer/libhttp/error"
@@ -49,7 +50,9 @@ func (handler *Handler) userCreate(w http.ResponseWriter, r *http.Request) *http
return &httperror.HandlerError{http.StatusForbidden, "Permission denied to create administrator user", portainer.ErrResourceAccessDenied}
}
user, err := handler.UserService.UserByUsername(payload.Username)
userName := strings.ToLower(payload.Username)
user, err := handler.UserService.UserByUsername(userName)
if err != nil && err != portainer.ErrObjectNotFound {
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve users from the database", err}
}
@@ -58,7 +61,7 @@ func (handler *Handler) userCreate(w http.ResponseWriter, r *http.Request) *http
}
user = &portainer.User{
Username: payload.Username,
Username: strings.ToLower(userName),
Role: portainer.UserRole(payload.Role),
PortainerAuthorizations: portainer.DefaultPortainerAuthorizations(),
}