From 9c3e603bdaea48c97b4b13fb9356e2c3e15461a5 Mon Sep 17 00:00:00 2001
From: John Niang <johnniang@fastmail.com>
Date: Thu, 7 Sep 2023 13:52:11 +0800
Subject: [PATCH] Fix the problem of username being case-insensitive and
 logging in without permissions (#4552)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

#### What type of PR is this?

/kind bug
/area core
/milestone 2.10.x

#### What this PR does / why we need it:

This PR fixes the problem of username being case-insensitive and logging in without permissions. Please note that the problem only occurs with MySQL.

#### Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/4549

#### Special notes for your reviewer:

```bash
docker run -it --rm --name halodb -p 3306:3306 -e MYSQL_ROOT_PASSWORD=openmysql -e MYSQL_DATABASE=halo mysql:8

./gradlew bootRun --args="--spring.profiles.active=dev,mysql --halo.plugin.runtime-mode=deployment"
```

#### Does this PR introduce a user-facing change?

```release-note
修复因大小写问题导致登录后无权限的问题
```
---
 .../java/run/halo/app/security/DefaultUserDetailService.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/application/src/main/java/run/halo/app/security/DefaultUserDetailService.java b/application/src/main/java/run/halo/app/security/DefaultUserDetailService.java
index e0e614fad..95bf446c5 100644
--- a/application/src/main/java/run/halo/app/security/DefaultUserDetailService.java
+++ b/application/src/main/java/run/halo/app/security/DefaultUserDetailService.java
@@ -41,13 +41,14 @@ public class DefaultUserDetailService
             .onErrorMap(UserNotFoundException.class,
                 e -> new BadCredentialsException("Invalid Credentials"))
             .flatMap(user -> {
-                var subject = new Subject(KIND, username, GROUP);
+                var name = user.getMetadata().getName();
+                var subject = new Subject(KIND, name, GROUP);
                 return roleService.listRoleRefs(subject)
                     .filter(this::isRoleRef)
                     .map(RoleRef::getName)
                     .collectList()
                     .map(roleNames -> User.builder()
-                        .username(username)
+                        .username(name)
                         .password(user.getSpec().getPassword())
                         .roles(roleNames.toArray(new String[0]))
                         .build());