From 154106c0c3b8fdd64f739fc449203b842924df0c Mon Sep 17 00:00:00 2001
From: Alex Gessner <alex.gessner@gmail.com>
Date: Wed, 10 Apr 2019 12:05:11 -0400
Subject: [PATCH] compare usernames case-insensitively on new proof creation
 flow (#10544)

* compare usernames case-insensitively on new proof creation flow

* Fix code style issue
---
 .../settings/identity_proofs_controller.rb      |  2 +-
 .../settings/identity_proofs_controller_spec.rb | 17 +++++++++++++----
 2 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/app/controllers/settings/identity_proofs_controller.rb b/app/controllers/settings/identity_proofs_controller.rb
index 8f857fdccb..e22b4d9be9 100644
--- a/app/controllers/settings/identity_proofs_controller.rb
+++ b/app/controllers/settings/identity_proofs_controller.rb
@@ -18,7 +18,7 @@ class Settings::IdentityProofsController < Settings::BaseController
       provider_username: params[:provider_username]
     )
 
-    if current_account.username == params[:username]
+    if current_account.username.casecmp(params[:username]).zero?
       render layout: 'auth'
     else
       flash[:alert] = I18n.t('identity_proofs.errors.wrong_user', proving: params[:username], current: current_account.username)
diff --git a/spec/controllers/settings/identity_proofs_controller_spec.rb b/spec/controllers/settings/identity_proofs_controller_spec.rb
index 5c05eb83c3..2a0f91088a 100644
--- a/spec/controllers/settings/identity_proofs_controller_spec.rb
+++ b/spec/controllers/settings/identity_proofs_controller_spec.rb
@@ -28,11 +28,11 @@ describe Settings::IdentityProofsController do
 
   describe 'new proof creation' do
     context 'GET #new' do
-      context 'with all of the correct params' do
-        before do
-          allow_any_instance_of(ProofProvider::Keybase::Badge).to receive(:avatar_url) { full_pack_url('media/images/void.png') }
-        end
+      before do
+        allow_any_instance_of(ProofProvider::Keybase::Badge).to receive(:avatar_url) { full_pack_url('media/images/void.png') }
+      end
 
+      context 'with all of the correct params' do
         it 'renders the template' do
           get :new, params: new_proof_params
           expect(response).to render_template(:new)
@@ -54,6 +54,15 @@ describe Settings::IdentityProofsController do
           expect(flash[:alert]).to eq I18n.t('identity_proofs.errors.wrong_user', proving: 'someone_else', current: user.account.username)
         end
       end
+
+      context 'with params to prove the same username cased differently' do
+        let(:capitalized_username) { new_proof_params.merge(username: user.account.username.upcase) }
+
+        it 'renders the new template' do
+          get :new, params: capitalized_username
+          expect(response).to render_template(:new)
+        end
+      end
     end
 
     context 'POST #create' do
-- 
GitLab