summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDouwe Maan <douwe@selenight.nl>2017-12-11 11:10:15 +0100
committerDouwe Maan <douwe@selenight.nl>2017-12-11 11:10:15 +0100
commitf71e48a0d09597e19aa629e4c7d42035ca08d852 (patch)
tree9da648022f79d5369515ee063b1447e85232b8c7
parent0f811675706ad79129eb8251983de073e190f55a (diff)
downloadgitlab-ce-f71e48a0d09597e19aa629e4c7d42035ca08d852.tar.gz
Resolve conflicts in app/models/user.rbmk-pick-10-2-4-security-fixes
-rw-r--r--app/models/user.rb34
1 files changed, 7 insertions, 27 deletions
diff --git a/app/models/user.rb b/app/models/user.rb
index 7dc18c351e6..ccf0e043aed 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -315,13 +315,8 @@ class User < ActiveRecord::Base
#
# Returns an ActiveRecord::Relation.
def search(query)
-<<<<<<< HEAD
-=======
- table = arel_table
query = query.downcase
- pattern = User.to_pattern(query)
->>>>>>> f45fc58d84... Merge branch 'bvl-10-2-email-disclosure' into 'security-10-2'
order = <<~SQL
CASE
WHEN users.name = %{query} THEN 0
@@ -331,16 +326,11 @@ class User < ActiveRecord::Base
END
SQL
-<<<<<<< HEAD
- fuzzy_search(query, [:name, :email, :username])
- .reorder(order % { query: ActiveRecord::Base.connection.quote(query) }, :name)
-=======
where(
- table[:name].matches(pattern)
- .or(table[:email].eq(query))
- .or(table[:username].matches(pattern))
+ fuzzy_arel_match(:name, query)
+ .or(fuzzy_arel_match(:username, query))
+ .or(arel_table[:email].eq(query))
).reorder(order % { query: ActiveRecord::Base.connection.quote(query) }, :name)
->>>>>>> f45fc58d84... Merge branch 'bvl-10-2-email-disclosure' into 'security-10-2'
end
# searches user by given pattern
@@ -348,28 +338,18 @@ class User < ActiveRecord::Base
# This method uses ILIKE on PostgreSQL and LIKE on MySQL.
def search_with_secondary_emails(query)
+ query = query.downcase
+
email_table = Email.arel_table
-<<<<<<< HEAD
matched_by_emails_user_ids = email_table
.project(email_table[:user_id])
- .where(Email.fuzzy_arel_match(:email, query))
+ .where(email_table[:email].eq(query))
where(
fuzzy_arel_match(:name, query)
- .or(fuzzy_arel_match(:email, query))
.or(fuzzy_arel_match(:username, query))
+ .or(arel_table[:email].eq(query))
.or(arel_table[:id].in(matched_by_emails_user_ids))
-=======
- query = query.downcase
- pattern = User.to_pattern(query)
- matched_by_emails_user_ids = email_table.project(email_table[:user_id]).where(email_table[:email].eq(query))
-
- where(
- table[:name].matches(pattern)
- .or(table[:email].eq(query))
- .or(table[:username].matches(pattern))
- .or(table[:id].in(matched_by_emails_user_ids))
->>>>>>> f45fc58d84... Merge branch 'bvl-10-2-email-disclosure' into 'security-10-2'
)
end