From c72c18e825a2318b45daaead535d473b6037cb1d Mon Sep 17 00:00:00 2001 From: Gary Sharp Date: Thu, 3 Nov 2016 17:12:50 +1100 Subject: [PATCH] Bug Fix #98 Ensure Usernames are not case-sensitive --- Disco.Services/Users/Cache.cs | 21 +++----- .../Areas/API/Controllers/DeviceController.cs | 2 +- .../Areas/API/Controllers/UserController.cs | 2 +- .../Device/DeviceParts/_Resources.cshtml | 2 +- .../DeviceParts/_Resources.generated.cs | 15 +++--- Disco.Web/Views/Job/JobParts/Resources.cshtml | 4 +- .../Views/Job/JobParts/Resources.generated.cs | 49 +++++++++---------- .../Views/User/UserParts/_Resources.cshtml | 2 +- .../User/UserParts/_Resources.generated.cs | 15 +++--- 9 files changed, 52 insertions(+), 60 deletions(-) diff --git a/Disco.Services/Users/Cache.cs b/Disco.Services/Users/Cache.cs index 7523b23f..0da0f346 100644 --- a/Disco.Services/Users/Cache.cs +++ b/Disco.Services/Users/Cache.cs @@ -3,16 +3,13 @@ using Disco.Models.Repository; using Disco.Services.Authorization; using System; using System.Collections.Concurrent; -using System.Collections.Generic; using System.Linq; -using System.Text; -using System.Threading.Tasks; namespace Disco.Services.Users { internal static class Cache { - private static ConcurrentDictionary> _Cache = new ConcurrentDictionary>(); + private static ConcurrentDictionary> _Cache = new ConcurrentDictionary>(StringComparer.OrdinalIgnoreCase); private const long CacheTimeoutTicks = 6000000000; // 10 Minutes internal static AuthorizationToken GetAuthorization(string UserId, DiscoDataContext Database, bool ForceRefresh) @@ -116,14 +113,13 @@ namespace Disco.Services.Users { var cache = _Cache; - string userId = UserId.ToLower(); Tuple record; - if (cache.TryGetValue(userId, out record)) + if (cache.TryGetValue(UserId, out record)) { if (record.Item3 > DateTime.Now) return record; else - cache.TryRemove(userId, out record); + cache.TryRemove(UserId, out record); } return null; } @@ -132,18 +128,17 @@ namespace Disco.Services.Users { var cache = _Cache; - string userId = UserId.ToLower(); Tuple record = new Tuple(Record.Item1, Record.Item2, DateTime.Now.AddTicks(CacheTimeoutTicks)); - if (cache.ContainsKey(userId)) + if (cache.ContainsKey(UserId)) { Tuple oldRecord; - if (cache.TryGetValue(userId, out oldRecord)) + if (cache.TryGetValue(UserId, out oldRecord)) { - cache.TryUpdate(userId, record, oldRecord); + cache.TryUpdate(UserId, record, oldRecord); return record; } } - cache.TryAdd(userId, record); + cache.TryAdd(UserId, record); return record; } @@ -170,7 +165,7 @@ namespace Disco.Services.Users } internal static void FlushCache() { - _Cache = new ConcurrentDictionary>(); + _Cache = new ConcurrentDictionary>(StringComparer.OrdinalIgnoreCase); } } } diff --git a/Disco.Web/Areas/API/Controllers/DeviceController.cs b/Disco.Web/Areas/API/Controllers/DeviceController.cs index 1fa87277..e43a274c 100644 --- a/Disco.Web/Areas/API/Controllers/DeviceController.cs +++ b/Disco.Web/Areas/API/Controllers/DeviceController.cs @@ -493,7 +493,7 @@ namespace Disco.Web.Areas.API.Controllers var da = new DeviceAttachment() { DeviceSerialNumber = d.SerialNumber, - TechUserId = UserService.CurrentUser.UserId, + TechUserId = CurrentUser.UserId, Filename = file.FileName, MimeType = contentType, Timestamp = DateTime.Now, diff --git a/Disco.Web/Areas/API/Controllers/UserController.cs b/Disco.Web/Areas/API/Controllers/UserController.cs index 80d5d71f..7ffac47d 100644 --- a/Disco.Web/Areas/API/Controllers/UserController.cs +++ b/Disco.Web/Areas/API/Controllers/UserController.cs @@ -78,7 +78,7 @@ namespace Disco.Web.Areas.API.Controllers var ua = new Disco.Models.Repository.UserAttachment() { UserId = u.UserId, - TechUserId = UserService.CurrentUser.UserId, + TechUserId = CurrentUser.UserId, Filename = file.FileName, MimeType = contentType, Timestamp = DateTime.Now, diff --git a/Disco.Web/Views/Device/DeviceParts/_Resources.cshtml b/Disco.Web/Views/Device/DeviceParts/_Resources.cshtml index 8110e644..80417769 100644 --- a/Disco.Web/Views/Device/DeviceParts/_Resources.cshtml +++ b/Disco.Web/Views/Device/DeviceParts/_Resources.cshtml @@ -36,7 +36,7 @@ { @da.DocumentTemplate.Description} else { @da.Comments }} - @da.TechUser.ToString()@if (canRemoveAnyAttachments || (canRemoveOwnAttachments && da.TechUserId == CurrentUser.UserId)) + @da.TechUser.ToString()@if (canRemoveAnyAttachments || (canRemoveOwnAttachments && da.TechUserId.Equals(CurrentUser.UserId, StringComparison.OrdinalIgnoreCase))) {}@da.Timestamp.ToFullDateTime() } diff --git a/Disco.Web/Views/Device/DeviceParts/_Resources.generated.cs b/Disco.Web/Views/Device/DeviceParts/_Resources.generated.cs index 7bff8e44..856e2d74 100644 --- a/Disco.Web/Views/Device/DeviceParts/_Resources.generated.cs +++ b/Disco.Web/Views/Device/DeviceParts/_Resources.generated.cs @@ -2,7 +2,7 @@ //------------------------------------------------------------------------------ // // This code was generated by a tool. -// Runtime Version:4.0.30319.34014 +// Runtime Version:4.0.30319.42000 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. @@ -27,7 +27,6 @@ namespace Disco.Web.Views.Device.DeviceParts using System.Web.UI; using System.Web.WebPages; using Disco; - using Disco.BI.Extensions; using Disco.Models.Repository; using Disco.Services; using Disco.Services.Authorization; @@ -37,9 +36,9 @@ namespace Disco.Web.Views.Device.DeviceParts [System.CodeDom.Compiler.GeneratedCodeAttribute("RazorGenerator", "2.0.0.0")] [System.Web.WebPages.PageVirtualPathAttribute("~/Views/Device/DeviceParts/_Resources.cshtml")] - public partial class Resources : Disco.Services.Web.WebViewPage + public partial class _Resources : Disco.Services.Web.WebViewPage { - public Resources() + public _Resources() { } public override void Execute() @@ -256,7 +255,7 @@ WriteLiteral(""); #line 39 "..\..\Views\Device\DeviceParts\_Resources.cshtml" - if (canRemoveAnyAttachments || (canRemoveOwnAttachments && da.TechUserId == CurrentUser.UserId)) + if (canRemoveAnyAttachments || (canRemoveOwnAttachments && da.TechUserId.Equals(CurrentUser.UserId, StringComparison.OrdinalIgnoreCase))) { #line default @@ -277,14 +276,14 @@ WriteLiteral("(da.Timestamp.ToFullDateTime() + , Tuple.Create(Tuple.Create("", 2502), Tuple.Create(da.Timestamp.ToFullDateTime() #line default #line hidden -, 2461), false) +, 2502), false) ); WriteLiteral(" data-livestamp=\""); diff --git a/Disco.Web/Views/Job/JobParts/Resources.cshtml b/Disco.Web/Views/Job/JobParts/Resources.cshtml index 511eb717..1125448c 100644 --- a/Disco.Web/Views/Job/JobParts/Resources.cshtml +++ b/Disco.Web/Views/Job/JobParts/Resources.cshtml @@ -34,7 +34,7 @@ @foreach (var jl in Model.Job.JobLogs.OrderBy(m => m.Timestamp)) {
- @jl.TechUser.ToStringFriendly()@if (canRemoveAnyLogs || (canRemoveOwnLogs && jl.TechUserId == CurrentUser.UserId)) + @jl.TechUser.ToStringFriendly()@if (canRemoveAnyLogs || (canRemoveOwnLogs && jl.TechUserId.Equals(CurrentUser.UserId, StringComparison.OrdinalIgnoreCase))) {}@jl.Timestamp.ToFullDateTime()
@jl.Comments.ToHtmlComment()
@@ -68,7 +68,7 @@ { @ja.DocumentTemplate.Description} else { @ja.Comments }} - @ja.TechUser.ToStringFriendly()@if (canRemoveAnyAttachments || (canRemoveOwnAttachments && ja.TechUserId == CurrentUser.UserId)) + @ja.TechUser.ToStringFriendly()@if (canRemoveAnyAttachments || (canRemoveOwnAttachments && ja.TechUserId.Equals(CurrentUser.UserId, StringComparison.OrdinalIgnoreCase))) {}@ja.Timestamp.ToFullDateTime() } diff --git a/Disco.Web/Views/Job/JobParts/Resources.generated.cs b/Disco.Web/Views/Job/JobParts/Resources.generated.cs index c403847f..bb47ceea 100644 --- a/Disco.Web/Views/Job/JobParts/Resources.generated.cs +++ b/Disco.Web/Views/Job/JobParts/Resources.generated.cs @@ -2,7 +2,7 @@ //------------------------------------------------------------------------------ // // This code was generated by a tool. -// Runtime Version:4.0.30319.34014 +// Runtime Version:4.0.30319.42000 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. @@ -27,7 +27,6 @@ namespace Disco.Web.Views.Job.JobParts using System.Web.UI; using System.Web.WebPages; using Disco; - using Disco.BI.Extensions; using Disco.Models.Repository; using Disco.Services; using Disco.Services.Authorization; @@ -181,7 +180,7 @@ WriteLiteral(""); #line 37 "..\..\Views\Job\JobParts\Resources.cshtml" - if (canRemoveAnyLogs || (canRemoveOwnLogs && jl.TechUserId == CurrentUser.UserId)) + if (canRemoveAnyLogs || (canRemoveOwnLogs && jl.TechUserId.Equals(CurrentUser.UserId, StringComparison.OrdinalIgnoreCase))) { #line default @@ -213,14 +212,14 @@ WriteLiteral(" data-livestamp=\""); #line hidden WriteLiteral("\""); -WriteAttribute("title", Tuple.Create(" title=\"", 2091), Tuple.Create("\"", 2129) +WriteAttribute("title", Tuple.Create(" title=\"", 2132), Tuple.Create("\"", 2170) #line 38 "..\..\Views\Job\JobParts\Resources.cshtml" - , Tuple.Create(Tuple.Create("", 2099), Tuple.Create(jl.Timestamp.ToFullDateTime() + , Tuple.Create(Tuple.Create("", 2140), Tuple.Create(jl.Timestamp.ToFullDateTime() #line default #line hidden -, 2099), false) +, 2140), false) ); WriteLiteral(">"); @@ -324,14 +323,14 @@ WriteLiteral(">\r\n (canAddAttachments ? "canAddAttachments" : "cannotAddAttachments" +, Tuple.Create(Tuple.Create("", 2997), Tuple.Create(canAddAttachments ? "canAddAttachments" : "cannotAddAttachments" #line default #line hidden -, 2956), false) +, 2997), false) ); WriteLiteral(">\r\n \r\n"); #line hidden WriteLiteral(" (Url.Action(MVC.API.Job.AttachmentDownload(ja.Id)) +, Tuple.Create(Tuple.Create("", 3408), Tuple.Create(Url.Action(MVC.API.Job.AttachmentDownload(ja.Id)) #line default #line hidden -, 3367), false) +, 3408), false) ); WriteLiteral(" data-attachmentid=\""); @@ -397,42 +396,42 @@ WriteLiteral(">\r\n (ja.Filename +, Tuple.Create(Tuple.Create("", 3576), Tuple.Create(ja.Filename #line default #line hidden -, 3535), false) +, 3576), false) ); WriteLiteral(">\r\n (Url.Action(MVC.API.Job.AttachmentThumbnail(ja.Id)) +, Tuple.Create(Tuple.Create("", 3665), Tuple.Create(Url.Action(MVC.API.Job.AttachmentThumbnail(ja.Id)) #line default #line hidden -, 3624), false) +, 3665), false) ); WriteLiteral(" />\r\n (ja.Comments +, Tuple.Create(Tuple.Create("", 3793), Tuple.Create(ja.Comments #line default #line hidden -, 3752), false) +, 3793), false) ); WriteLiteral(">\r\n"); @@ -495,7 +494,7 @@ WriteLiteral(""); #line 71 "..\..\Views\Job\JobParts\Resources.cshtml" - if (canRemoveAnyAttachments || (canRemoveOwnAttachments && ja.TechUserId == CurrentUser.UserId)) + if (canRemoveAnyAttachments || (canRemoveOwnAttachments && ja.TechUserId.Equals(CurrentUser.UserId, StringComparison.OrdinalIgnoreCase))) { #line default @@ -527,14 +526,14 @@ WriteLiteral(" data-livestamp=\""); #line hidden WriteLiteral("\""); -WriteAttribute("title", Tuple.Create(" title=\"", 4459), Tuple.Create("\"", 4497) +WriteAttribute("title", Tuple.Create(" title=\"", 4541), Tuple.Create("\"", 4579) #line 72 "..\..\Views\Job\JobParts\Resources.cshtml" - , Tuple.Create(Tuple.Create("", 4467), Tuple.Create(ja.Timestamp.ToFullDateTime() + , Tuple.Create(Tuple.Create("", 4549), Tuple.Create(ja.Timestamp.ToFullDateTime() #line default #line hidden -, 4467), false) +, 4549), false) ); WriteLiteral(">"); diff --git a/Disco.Web/Views/User/UserParts/_Resources.cshtml b/Disco.Web/Views/User/UserParts/_Resources.cshtml index e7a76540..95b32422 100644 --- a/Disco.Web/Views/User/UserParts/_Resources.cshtml +++ b/Disco.Web/Views/User/UserParts/_Resources.cshtml @@ -36,7 +36,7 @@ { @ua.DocumentTemplate.Description} else { @ua.Comments }} - @ua.TechUser.ToStringFriendly()@if (canRemoveAnyAttachments || (canRemoveOwnAttachments && ua.TechUserId == CurrentUser.UserId)) + @ua.TechUser.ToStringFriendly()@if (canRemoveAnyAttachments || (canRemoveOwnAttachments && ua.TechUserId.Equals(CurrentUser.UserId, StringComparison.OrdinalIgnoreCase))) {}@ua.Timestamp.ToFullDateTime() } diff --git a/Disco.Web/Views/User/UserParts/_Resources.generated.cs b/Disco.Web/Views/User/UserParts/_Resources.generated.cs index ada03750..8d5b2da8 100644 --- a/Disco.Web/Views/User/UserParts/_Resources.generated.cs +++ b/Disco.Web/Views/User/UserParts/_Resources.generated.cs @@ -2,7 +2,7 @@ //------------------------------------------------------------------------------ // // This code was generated by a tool. -// Runtime Version:4.0.30319.34014 +// Runtime Version:4.0.30319.42000 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. @@ -27,7 +27,6 @@ namespace Disco.Web.Views.User.UserParts using System.Web.UI; using System.Web.WebPages; using Disco; - using Disco.BI.Extensions; using Disco.Models.Repository; using Disco.Services; using Disco.Services.Authorization; @@ -37,9 +36,9 @@ namespace Disco.Web.Views.User.UserParts [System.CodeDom.Compiler.GeneratedCodeAttribute("RazorGenerator", "2.0.0.0")] [System.Web.WebPages.PageVirtualPathAttribute("~/Views/User/UserParts/_Resources.cshtml")] - public partial class Resources : Disco.Services.Web.WebViewPage + public partial class _Resources : Disco.Services.Web.WebViewPage { - public Resources() + public _Resources() { } public override void Execute() @@ -256,7 +255,7 @@ WriteLiteral(""); #line 39 "..\..\Views\User\UserParts\_Resources.cshtml" - if (canRemoveAnyAttachments || (canRemoveOwnAttachments && ua.TechUserId == CurrentUser.UserId)) + if (canRemoveAnyAttachments || (canRemoveOwnAttachments && ua.TechUserId.Equals(CurrentUser.UserId, StringComparison.OrdinalIgnoreCase))) { #line default @@ -288,14 +287,14 @@ WriteLiteral(" data-livestamp=\""); #line hidden WriteLiteral("\""); -WriteAttribute("title", Tuple.Create(" title=\"", 2487), Tuple.Create("\"", 2525) +WriteAttribute("title", Tuple.Create(" title=\"", 2528), Tuple.Create("\"", 2566) #line 40 "..\..\Views\User\UserParts\_Resources.cshtml" - , Tuple.Create(Tuple.Create("", 2495), Tuple.Create(ua.Timestamp.ToFullDateTime() + , Tuple.Create(Tuple.Create("", 2536), Tuple.Create(ua.Timestamp.ToFullDateTime() #line default #line hidden -, 2495), false) +, 2536), false) ); WriteLiteral(">");