From b21d5d3633b36ee0d2b1c4ee3f572775a022e43c Mon Sep 17 00:00:00 2001 From: Arpit Jalan Date: Wed, 8 Nov 2017 20:25:15 +0530 Subject: [PATCH] FIX: SSO email match should be case insensitive --- app/models/discourse_single_sign_on.rb | 2 +- spec/models/discourse_single_sign_on_spec.rb | 17 +++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/app/models/discourse_single_sign_on.rb b/app/models/discourse_single_sign_on.rb index fbe2425ec96..3b976a57b37 100644 --- a/app/models/discourse_single_sign_on.rb +++ b/app/models/discourse_single_sign_on.rb @@ -176,7 +176,7 @@ class DiscourseSingleSignOn < SingleSignOn end def change_external_attributes_and_override(sso_record, user) - if SiteSetting.sso_overrides_email && user.email != email + if SiteSetting.sso_overrides_email && user.email != Email.downcase(email) user.email = email user.active = false if require_activation end diff --git a/spec/models/discourse_single_sign_on_spec.rb b/spec/models/discourse_single_sign_on_spec.rb index b4f4529f95d..aa835ea5dce 100644 --- a/spec/models/discourse_single_sign_on_spec.rb +++ b/spec/models/discourse_single_sign_on_spec.rb @@ -266,6 +266,23 @@ describe DiscourseSingleSignOn do expect(user.active).to eq(false) end + it 'does not deactivate user if email provided is capitalized' do + SiteSetting.email_editable = false + SiteSetting.sso_overrides_email = true + sso.require_activation = true + + user = sso.lookup_or_create_user(ip_address) + expect(user.active).to eq(false) + + user.update_columns(active: true) + user = sso.lookup_or_create_user(ip_address) + expect(user.active).to eq(true) + + sso.email = "Test@example.com" + user = sso.lookup_or_create_user(ip_address) + expect(user.active).to eq(true) + end + it 'deactivates accounts that have updated email address' do SiteSetting.email_editable = false