Fix #142 - Escape ILIKE special characters from Account.find_remote
This commit is contained in:
		| @@ -142,7 +142,7 @@ class Account < ApplicationRecord | |||||||
|     end |     end | ||||||
|  |  | ||||||
|     def find_remote!(username, domain) |     def find_remote!(username, domain) | ||||||
|       where(arel_table[:username].matches(username)).where(domain.nil? ? { domain: nil } : arel_table[:domain].matches(domain)).take! |       where(arel_table[:username].matches(username.gsub(/[%_]/, '\\\\\0'))).where(domain.nil? ? { domain: nil } : arel_table[:domain].matches(domain.gsub(/[%_]/, '\\\\\0'))).take! | ||||||
|     end |     end | ||||||
|  |  | ||||||
|     def find_local(username) |     def find_local(username) | ||||||
|   | |||||||
| @@ -107,11 +107,51 @@ RSpec.describe Account, type: :model do | |||||||
|   end |   end | ||||||
|  |  | ||||||
|   describe '.find_local' do |   describe '.find_local' do | ||||||
|     pending |     before do | ||||||
|  |       Fabricate(:account, username: 'Alice') | ||||||
|  |     end | ||||||
|  |  | ||||||
|  |     it 'returns Alice for alice' do | ||||||
|  |       expect(Account.find_local('alice')).to_not be_nil | ||||||
|  |     end | ||||||
|  |  | ||||||
|  |     it 'returns Alice for Alice' do | ||||||
|  |       expect(Account.find_local('Alice')).to_not be_nil | ||||||
|  |     end | ||||||
|  |  | ||||||
|  |     it 'does not return anything for a_ice' do | ||||||
|  |       expect(Account.find_local('a_ice')).to be_nil | ||||||
|  |     end | ||||||
|  |  | ||||||
|  |     it 'does not return anything for al%' do | ||||||
|  |       expect(Account.find_local('al%')).to be_nil | ||||||
|  |     end | ||||||
|   end |   end | ||||||
|  |  | ||||||
|   describe '.find_remote' do |   describe '.find_remote' do | ||||||
|     pending |     before do | ||||||
|  |       Fabricate(:account, username: 'Alice', domain: 'mastodon.social') | ||||||
|  |     end | ||||||
|  |  | ||||||
|  |     it 'returns Alice for alice@mastodon.social' do | ||||||
|  |       expect(Account.find_remote('alice', 'mastodon.social')).to_not be_nil | ||||||
|  |     end | ||||||
|  |  | ||||||
|  |     it 'returns Alice for ALICE@MASTODON.SOCIAL' do | ||||||
|  |       expect(Account.find_remote('ALICE', 'MASTODON.SOCIAL')).to_not be_nil | ||||||
|  |     end | ||||||
|  |  | ||||||
|  |     it 'does not return anything for a_ice@mastodon.social' do | ||||||
|  |       expect(Account.find_remote('a_ice', 'mastodon.social')).to be_nil | ||||||
|  |     end | ||||||
|  |  | ||||||
|  |     it 'does not return anything for alice@m_stodon.social' do | ||||||
|  |       expect(Account.find_remote('alice', 'm_stodon.social')).to be_nil | ||||||
|  |     end | ||||||
|  |  | ||||||
|  |     it 'does not return anything for alice@m%' do | ||||||
|  |       expect(Account.find_remote('alice', 'm%')).to be_nil | ||||||
|  |     end | ||||||
|   end |   end | ||||||
|  |  | ||||||
|   describe 'MENTION_RE' do |   describe 'MENTION_RE' do | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user