From 614ec644bf7749130bd5421987258f25998ed09b Mon Sep 17 00:00:00 2001
From: srosse <none@none>
Date: Fri, 17 Jun 2016 08:55:56 +0200
Subject: [PATCH] OO-2064: search the identity by name with explicit lower case

---
 .../org/olat/basesecurity/BaseSecurity.java   |  2 ++
 .../basesecurity/BaseSecurityManager.java     | 14 ++++++++++
 .../ldap/manager/LDAPLoginManagerImpl.java    |  5 ++--
 .../basesecurity/BaseSecurityManagerTest.java | 28 +++++++++++++++++++
 4 files changed, 47 insertions(+), 2 deletions(-)

diff --git a/src/main/java/org/olat/basesecurity/BaseSecurity.java b/src/main/java/org/olat/basesecurity/BaseSecurity.java
index eedbc943f82..9ce13fd39fc 100644
--- a/src/main/java/org/olat/basesecurity/BaseSecurity.java
+++ b/src/main/java/org/olat/basesecurity/BaseSecurity.java
@@ -157,6 +157,8 @@ public interface BaseSecurity {
 	 */
 	public Identity findIdentityByName(String identityName);
 	
+	public Identity findIdentityByNameCaseInsensitive(String identityName);
+	
 	public List<Identity> findIdentitiesByName(Collection<String> identityName);
 
 	/**
diff --git a/src/main/java/org/olat/basesecurity/BaseSecurityManager.java b/src/main/java/org/olat/basesecurity/BaseSecurityManager.java
index aa88909c3b8..651f1d4dd21 100644
--- a/src/main/java/org/olat/basesecurity/BaseSecurityManager.java
+++ b/src/main/java/org/olat/basesecurity/BaseSecurityManager.java
@@ -949,6 +949,20 @@ public class BaseSecurityManager implements BaseSecurity {
 		}
 		return identities.get(0);
 	}
+	
+	@Override
+	public Identity findIdentityByNameCaseInsensitive(String identityName) {
+		if (identityName == null) throw new AssertException("findIdentitybyName: name was null");
+
+		StringBuilder sb = new StringBuilder();
+		sb.append("select ident from ").append(IdentityImpl.class.getName()).append(" as ident where lower(ident.name)=:username");
+		
+		List<Identity> identities = DBFactory.getInstance().getCurrentEntityManager()
+				.createQuery(sb.toString(), Identity.class)
+				.setParameter("username", identityName.toLowerCase())
+				.getResultList();
+		return identities == null || identities.isEmpty() ? null : identities.get(0);
+	}
 
 	/**
 	 * Custom search operation by BiWa
diff --git a/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java b/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java
index 237a9c8306d..5d67410e46f 100644
--- a/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java
+++ b/src/main/java/org/olat/ldap/manager/LDAPLoginManagerImpl.java
@@ -437,7 +437,7 @@ public class LDAPLoginManagerImpl implements LDAPLoginManager, GenericEventListe
 				.getOlatPropertyToLdapAttribute(LDAPConstants.LDAP_USER_IDENTIFYER)));
 		String email = getAttributeValue(userAttributes.get(syncConfiguration.getOlatPropertyToLdapAttribute(UserConstants.EMAIL)));
 		// Lookup user
-		if (securityManager.findIdentityByName(uid) != null) {
+		if (securityManager.findIdentityByNameCaseInsensitive(uid) != null) {
 			log.error("Can't create user with username='" + uid + "', this username does already exist in OLAT database", null);
 			return null;
 		}
@@ -587,8 +587,9 @@ public class LDAPLoginManagerImpl implements LDAPLoginManager, GenericEventListe
 	 *         otherwise (if user exists but not managed by LDAP, error Object is
 	 *         modified)
 	 */
+	@Override
 	public Identity findIdentyByLdapAuthentication(String uid, LDAPError errors) {
-		Identity identity = securityManager.findIdentityByName(uid);
+		Identity identity = securityManager.findIdentityByNameCaseInsensitive(uid);
 		if (identity == null) {
 			return null;
 		} else {
diff --git a/src/test/java/org/olat/basesecurity/BaseSecurityManagerTest.java b/src/test/java/org/olat/basesecurity/BaseSecurityManagerTest.java
index a480287c311..26cce036751 100644
--- a/src/test/java/org/olat/basesecurity/BaseSecurityManagerTest.java
+++ b/src/test/java/org/olat/basesecurity/BaseSecurityManagerTest.java
@@ -171,6 +171,34 @@ public class BaseSecurityManagerTest extends OlatTestCase {
 		Assert.assertEquals(id, foundId);
 	}
 	
+	@Test
+	public void findIdentityByNameCaseInsensitive() {
+		//create a user it
+		String username = "find-ME-2-" + UUID.randomUUID().toString();
+		Identity id = JunitTestHelper.createAndPersistIdentityAsUser(username);
+		Assert.assertNotNull(id);
+		Assert.assertEquals(username, id.getName());
+		dbInstance.commitAndCloseSession();
+		
+		//find it
+		Identity foundId = securityManager.findIdentityByNameCaseInsensitive(username);
+		Assert.assertNotNull(foundId);
+		Assert.assertEquals(username, foundId.getName());
+		Assert.assertEquals(id, foundId);
+		
+		//find it lower case
+		Identity foundLoweredId = securityManager.findIdentityByNameCaseInsensitive(username.toLowerCase());
+		Assert.assertNotNull(foundLoweredId);
+		Assert.assertEquals(username, foundLoweredId.getName());
+		Assert.assertEquals(id, foundLoweredId);
+		
+		//find it upper case
+		Identity foundUpperedId = securityManager.findIdentityByNameCaseInsensitive(username.toUpperCase());
+		Assert.assertNotNull(foundUpperedId);
+		Assert.assertEquals(username, foundUpperedId.getName());
+		Assert.assertEquals(id, foundUpperedId);
+	}
+	
 	@Test
 	public void testFindIdentityByNames() {
 		//create a user it
-- 
GitLab