From 24b1894a84a67387377a4d0c7ac5425ef5ba2cfb Mon Sep 17 00:00:00 2001
From: cong meng <mcpacino@gmail.com>
Date: Wed, 10 Feb 2021 15:29:28 +1300
Subject: [PATCH] feat(authtication): #3580 Rename all usernames to lowercase
 (#4603)

* feat(authtication): Rename all usernames to lowercase

* feat(authentication): Remove database migration (#3580)

* feat(authentication): Make UserByUsername compare usernames case-insensitively (#3580)

* feat(authentication): validate new username case-insensitively (#3580)

Co-authored-by: Simon Meng <simon.meng@portainer.io>
---
 api/bolt/user/user.go                        | 7 ++++++-
 app/portainer/views/users/usersController.js | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/api/bolt/user/user.go b/api/bolt/user/user.go
index fa0c5c151..b74e0b524 100644
--- a/api/bolt/user/user.go
+++ b/api/bolt/user/user.go
@@ -4,6 +4,7 @@ import (
 	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/bolt/errors"
 	"github.com/portainer/portainer/api/bolt/internal"
+	"strings"
 
 	"github.com/boltdb/bolt"
 )
@@ -47,6 +48,8 @@ func (service *Service) User(ID portainer.UserID) (*portainer.User, error) {
 func (service *Service) UserByUsername(username string) (*portainer.User, error) {
 	var user *portainer.User
 
+	username = strings.ToLower(username)
+
 	err := service.db.View(func(tx *bolt.Tx) error {
 		bucket := tx.Bucket([]byte(BucketName))
 		cursor := bucket.Cursor()
@@ -58,7 +61,7 @@ func (service *Service) UserByUsername(username string) (*portainer.User, error)
 				return err
 			}
 
-			if u.Username == username {
+			if strings.ToLower(u.Username) == username {
 				user = &u
 				break
 			}
@@ -123,6 +126,7 @@ func (service *Service) UsersByRole(role portainer.UserRole) ([]portainer.User,
 // UpdateUser saves a user.
 func (service *Service) UpdateUser(ID portainer.UserID, user *portainer.User) error {
 	identifier := internal.Itob(int(ID))
+	user.Username = strings.ToLower(user.Username)
 	return internal.UpdateObject(service.db, BucketName, identifier, user)
 }
 
@@ -133,6 +137,7 @@ func (service *Service) CreateUser(user *portainer.User) error {
 
 		id, _ := bucket.NextSequence()
 		user.ID = portainer.UserID(id)
+		user.Username = strings.ToLower(user.Username)
 
 		data, err := internal.MarshalObject(user)
 		if err != nil {
diff --git a/app/portainer/views/users/usersController.js b/app/portainer/views/users/usersController.js
index acbb9b237..be8562057 100644
--- a/app/portainer/views/users/usersController.js
+++ b/app/portainer/views/users/usersController.js
@@ -29,7 +29,7 @@ angular.module('portainer.app').controller('UsersController', [
     $scope.checkUsernameValidity = function () {
       var valid = true;
       for (var i = 0; i < $scope.users.length; i++) {
-        if ($scope.formValues.Username === $scope.users[i].Username) {
+        if ($scope.formValues.Username.toLocaleLowerCase() === $scope.users[i].Username.toLocaleLowerCase()) {
           valid = false;
           break;
         }