Closed mishaschwartz closed 10 months ago
All modified and coverable lines are covered by tests :white_check_mark:
Comparison is base (
436c7f9
) 80.92% compared to head (d6d1666
) 81.01%. Report is 9 commits behind head on master.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
@tlvu Just FYI to validate on your side if this is already applied in your platforms. The (eventual) migration script could break deployment if there is a conflicting case-insensitive user name. In the meantime, if there are such users, they probably get funky responses anyway.
@tlvu Just FYI to validate on your side if this is already applied in your platforms. The (eventual) migration script could break deployment if there is a conflicting case-insensitive user name. In the meantime, if there are such users, they probably get funky responses anyway.
@fmigneault Thanks for the heads up. Due to the sanitized {username}
from JupyterHub, we do not have duplicate capital case in our usernames.
The valid user name regex should be updated to directly disallow uppercase.
I'm very confused now. The whole point of the strategy that you suggested here: https://github.com/bird-house/birdhouse-deploy/pull/396 (especially overriding the normalize_username
function) was to allow there to be usernames with uppercase characters.
If we now want to disallow all uppercase characters here, we could have avoided making those changes in the first place.
We shouldn't have to go back everywhere to apply lower().
This is what ziggurat foundations does, if we want to conform with that code then we have to ensure that we're matching names in a case-insensitive way.
Finally, I propose that another more explicit message is added to check_user utility to verify if user_name != user_name.lower() and raise the relevant error that will better guide the registering user why their user name is considered invalid.
The easiest way to do this would be to just remove the soft checks here: https://github.com/Ouranosinc/Magpie/pull/596/files#diff-5de931472d59cdf71cb9fe436020658d35e0d8ec69aea8d7aeb0cd79e4314024R570
I'm not really sure why these checks are needed in the first place
Closed in favour of #597
Do not allow users to have the same username that only differs in terms of upper/lowercase Ziggurat foundations assumes that users will not have usernames that differ in terms of case. This means that if the database contains a user with the username "Test" and another with the username "test". The login procedure will not know to differentiate the two.
Resolves #595