From 12c70e636c432a5388f6fcb2508a9644ed24aa5c Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Tue, 12 Feb 2019 14:26:07 -0800
Subject: Admin section finds users case-insensitively

Previously, if you entered a username in the URL manually to view a
specific user, the lookup was done case-sensitively, despite usernames
being case-insensitive, often resulting in a 404. We now use the same
`find_routable!` logic as the non-admin Users controller.
---
 app/controllers/admin/users_controller.rb                | 10 +++++++---
 changelogs/unreleased/rs-admin-user-case-insensitive.yml |  5 +++++
 spec/controllers/admin/users_controller_spec.rb          | 11 +++++++++++
 3 files changed, 23 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/unreleased/rs-admin-user-case-insensitive.yml

diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index e93be1c1ba2..0eae007715a 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 class Admin::UsersController < Admin::ApplicationController
+  include RoutableActions
+
   before_action :user, except: [:index, :new, :create]
   before_action :check_impersonation_availability, only: :impersonate
 
@@ -177,11 +179,13 @@ class Admin::UsersController < Admin::ApplicationController
     user == current_user
   end
 
-  # rubocop: disable CodeReuse/ActiveRecord
   def user
-    @user ||= User.find_by!(username: params[:id])
+    @user ||= find_routable!(User, params[:id])
+  end
+
+  def build_canonical_path(user)
+    url_for(safe_params.merge(id: user.to_param))
   end
-  # rubocop: enable CodeReuse/ActiveRecord
 
   def redirect_back_or_admin_user(options = {})
     redirect_back_or_default(default: default_route, options: options)
diff --git a/changelogs/unreleased/rs-admin-user-case-insensitive.yml b/changelogs/unreleased/rs-admin-user-case-insensitive.yml
new file mode 100644
index 00000000000..40398c46a1e
--- /dev/null
+++ b/changelogs/unreleased/rs-admin-user-case-insensitive.yml
@@ -0,0 +1,5 @@
+---
+title: Admin section finds users case-insensitively
+merge_request:
+author:
+type: fixed
diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb
index 6b66cbd2651..c934db9e237 100644
--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
@@ -8,6 +8,17 @@ describe Admin::UsersController do
     sign_in(admin)
   end
 
+  describe 'GET :id' do
+    it 'finds a user case-insensitively' do
+      user = create(:user, username: 'CaseSensitive')
+
+      get :show, params: { id: user.username.downcase }
+
+      expect(response).to be_redirect
+      expect(response.location).to end_with(user.username)
+    end
+  end
+
   describe 'DELETE #user with projects' do
     let(:project) { create(:project, namespace: user.namespace) }
     let!(:issue) { create(:issue, author: user) }
-- 
cgit v1.2.1