Permalink
Browse files

[cfid-47] Change DDL scripts to allow mixed case username...

...but preserve case-insensitivity in queries.

[Fixes #35352693] [cfid-47] username should preserve case

Change-Id: I9f016d884d230e8e8ee1c50383abf25b0679a928
  • Loading branch information...
1 parent f9d04c1 commit 98397893ec6b180e2689fabbb63930b8dd2aa6c4 @dsyer dsyer committed Nov 26, 2012
@@ -39,7 +39,7 @@
public static final String USER_FIELDS = "id,username,password,email,givenName,familyName,created,lastModified ";
public static final String USER_BY_USERNAME_QUERY = "select " + USER_FIELDS + "from users "
- + "where username = ? and active=true";
+ + "where lower(username) = ? and active=true";
public static final String USER_AUTHORITIES_QUERY = "select g.displayName from groups g, group_membership m where g.id = m.group_id and m.member_id = ?";
@@ -17,17 +17,18 @@ CREATE TABLE USERS (
created TIMESTAMP default current_timestamp not null,
lastModified TIMESTAMP default current_timestamp not null,
version BIGINT default 0 not null,
- username VARCHAR(255) not null,
+ username VARCHAR_IGNORECASE(255) not null,
password VARCHAR(255) not null,
email VARCHAR(255) not null,
authorities VARCHAR(1024) default 'uaa.user' not null,
givenName VARCHAR(255),
familyName VARCHAR(255),
active BOOLEAN default true not null,
- phoneNumber VARCHAR(255),
- constraint unique_uk_1 unique(username)
+ phoneNumber VARCHAR(255)
) ;
+CREATE UNIQUE INDEX unique_uk_1 on users (username);
+
CREATE TABLE SEC_AUDIT (
principal_id char(36) not null,
event_type INTEGER not null,
@@ -67,7 +68,7 @@ CREATE TABLE GROUP_MEMBERSHIP (
primary key (group_id, member_id)
) ;
- create table oauth_client_token (
+create table oauth_client_token (
token_id VARCHAR(256),
token LONGVARBINARY,
authentication_id VARCHAR(256),
@@ -24,10 +24,11 @@ CREATE TABLE USERS (
givenName VARCHAR(255),
familyName VARCHAR(255),
active BOOLEAN default true not null,
- phoneNumber VARCHAR(255),
- constraint unique_uk_1 unique(username)
+ phoneNumber VARCHAR(255)
) ;
+CREATE UNIQUE INDEX unique_uk_1 on users (lower(username));
+
CREATE TABLE SEC_AUDIT (
principal_id char(36) not null,
event_type INTEGER not null,
@@ -67,7 +68,7 @@ CREATE TABLE GROUP_MEMBERSHIP (
primary key (group_id, member_id)
) ;
- create table oauth_client_token (
+create table oauth_client_token (
token_id VARCHAR(256),
token BYTEA,
authentication_id VARCHAR(256),
@@ -25,3 +25,4 @@ VARCHAR = VARCHAR
SYSDATE = current_timestamp
# for generating drop statements...
SEQUENCE = TABLE
+IGNORECASE = VARCHAR_IGNORECASE
@@ -3,3 +3,4 @@
);
#end
#macro (notnull $name)ALTER COLUMN ${name} set NOT NULL#end
+#macro (lower_constraint $name)${name}#end
@@ -25,3 +25,4 @@ VARCHAR = VARCHAR
SYSDATE = current_timestamp
# for generating drop statements...
SEQUENCE = SEQUENCE
+IGNORECASE = VARCHAR
@@ -1,3 +1,4 @@
#macro (sequence $name $value)CREATE SEQUENCE ${name} MAXVALUE 9223372036854775807 NO CYCLE;
#end
#macro (notnull $name)ALTER COLUMN ${name} SET NOT NULL#end
+#macro (lower_constraint $name)lower(${name})#end
@@ -17,17 +17,18 @@ CREATE TABLE USERS (
created ${TIMESTAMP} default ${SYSDATE} not null,
lastModified ${TIMESTAMP} default ${SYSDATE} not null,
version ${BIGINT} default 0 not null,
- username ${VARCHAR}(255) not null,
+ username ${IGNORECASE}(255) not null,
password ${VARCHAR}(255) not null,
email ${VARCHAR}(255) not null,
authorities ${VARCHAR}(1024) default 'uaa.user' not null,
givenName ${VARCHAR}(255),
familyName ${VARCHAR}(255),
active BOOLEAN default true not null,
- phoneNumber ${VARCHAR}(255),
- constraint unique_uk_1 unique(username)
+ phoneNumber ${VARCHAR}(255)
) $!{VOODOO};
+CREATE UNIQUE INDEX unique_uk_1 on users (#lower_constraint("username"));
+
CREATE TABLE SEC_AUDIT (
principal_id char(36) not null,
event_type INTEGER not null,
@@ -66,7 +66,7 @@
private void addUser(String id, String name, String password) {
TestUtils.assertNoSuchUser(template, "id", id);
- template.execute(String.format(addUserSqlFormat, id, name, password, name, name, name, ""));
+ template.execute(String.format(addUserSqlFormat, id, name, password, name.toLowerCase() + "@test.org", name, name, ""));
}
private void addGroup(String id, String name) {
@@ -90,7 +90,7 @@ public void initializeDb() throws Exception {
TestUtils.assertNoSuchUser(template, "id", MABEL_ID);
TestUtils.assertNoSuchUser(template, "userName", "jo@foo.com");
- addUser(JOE_ID, "joe", "joespassword");
+ addUser(JOE_ID, "Joe", "joespassword");
addUser(MABEL_ID, "mabel", "mabelspassword");
}
@@ -105,8 +105,19 @@ public void getValidUserSucceeds() {
UaaUser joe = db.retrieveUserByName("joe");
assertNotNull(joe);
assertEquals(JOE_ID, joe.getId());
- assertEquals("joe", joe.getUsername());
- assertEquals("joe", joe.getEmail());
+ assertEquals("Joe", joe.getUsername());
+ assertEquals("joe@test.org", joe.getEmail());
+ assertEquals("joespassword", joe.getPassword());
+ assertTrue("authorities does not contain uaa.user", joe.getAuthorities().contains(new SimpleGrantedAuthority("uaa.user")));
+ }
+
+ @Test
+ public void getValidUserCaseInsensitive() {
+ UaaUser joe = db.retrieveUserByName("JOE");
+ assertNotNull(joe);
+ assertEquals(JOE_ID, joe.getId());
+ assertEquals("Joe", joe.getUsername());
+ assertEquals("joe@test.org", joe.getEmail());
assertEquals("joespassword", joe.getPassword());
assertTrue("authorities does not contain uaa.user", joe.getAuthorities().contains(new SimpleGrantedAuthority("uaa.user")));
}
@@ -24,10 +24,11 @@ CREATE TABLE USERS (
email VARCHAR(255) not null,
authority BIGINT default 0,
givenName VARCHAR(255) not null,
- familyName VARCHAR(255) not null,
- constraint unique_uk_1 unique(username)
+ familyName VARCHAR(255) not null
) ;
+ALTER TABLE users DROP CONSTRAINT unique_uk_1;
+CREATE UNIQUE INDEX unique_uk_1_1 on users (LOWER(username));
ALTER TABLE USERS ADD COLUMN active BOOLEAN default true;
ALTER TABLE USERS ALTER COLUMN created SET NOT NULL;
ALTER TABLE USERS ALTER COLUMN lastModified SET NOT NULL;

0 comments on commit 9839789

Please sign in to comment.