diff --git a/src/Ombi.Core/Rule/Rules/Request/AutoApproveRule.cs b/src/Ombi.Core/Rule/Rules/Request/AutoApproveRule.cs index 6b528e806..f427434f0 100644 --- a/src/Ombi.Core/Rule/Rules/Request/AutoApproveRule.cs +++ b/src/Ombi.Core/Rule/Rules/Request/AutoApproveRule.cs @@ -24,7 +24,8 @@ namespace Ombi.Core.Rule.Rules.Request public async Task Execute(BaseRequest obj) { - var user = await _manager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase)); + var username = User.Identity.Name.ToUpper(); + var user = await _manager.Users.FirstOrDefaultAsync(x => x.NormalizedUserName == username); if (await _manager.IsInRoleAsync(user, OmbiRoles.Admin) || user.IsSystemUser) { obj.Approved = true; diff --git a/src/Ombi.Core/Rule/Rules/Request/CanRequestRule.cs b/src/Ombi.Core/Rule/Rules/Request/CanRequestRule.cs index 213aa94c8..a81ea3665 100644 --- a/src/Ombi.Core/Rule/Rules/Request/CanRequestRule.cs +++ b/src/Ombi.Core/Rule/Rules/Request/CanRequestRule.cs @@ -25,7 +25,9 @@ namespace Ombi.Core.Rule.Rules.Request public async Task Execute(BaseRequest obj) { - var user = await _manager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase)); + + var username = User.Identity.Name.ToUpper(); + var user = await _manager.Users.FirstOrDefaultAsync(x => x.NormalizedUserName == username); if (await _manager.IsInRoleAsync(user, OmbiRoles.Admin) || user.IsSystemUser) return Success(); diff --git a/src/Ombi.Store/Context/OmbiContext.cs b/src/Ombi.Store/Context/OmbiContext.cs index bd4b383da..a8beecc68 100644 --- a/src/Ombi.Store/Context/OmbiContext.cs +++ b/src/Ombi.Store/Context/OmbiContext.cs @@ -61,7 +61,7 @@ namespace Ombi.Store.Context using (var tran = Database.BeginTransaction()) { // Make sure we have the API User - var apiUserExists = Users.ToList().Any(x => x.UserName.Equals("Api", StringComparison.CurrentCultureIgnoreCase)); + var apiUserExists = Users.ToList().Any(x => x.NormalizedUserName == "API"); if (!apiUserExists) { Users.Add(new OmbiUser diff --git a/src/Ombi/Controllers/V1/IdentityController.cs b/src/Ombi/Controllers/V1/IdentityController.cs index 2a8122633..550d90332 100644 --- a/src/Ombi/Controllers/V1/IdentityController.cs +++ b/src/Ombi/Controllers/V1/IdentityController.cs @@ -280,7 +280,8 @@ namespace Ombi.Controllers.V1 [Authorize] public async Task GetCurrentUser() { - var user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase)); + var username = User.Identity.Name.ToUpper(); + var user = await UserManager.Users.FirstOrDefaultAsync(x => x.NormalizedUserName == username); return await GetUserWithRoles(user); } @@ -875,7 +876,9 @@ namespace Ombi.Controllers.V1 [ApiExplorerSettings(IgnoreApi = true)] public async Task GetUserAccessToken() { - var user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase)); + + var username = User.Identity.Name.ToUpper(); + var user = await UserManager.Users.FirstOrDefaultAsync(x => x.NormalizedUserName == username); if (user == null) { return Guid.Empty.ToString("N"); @@ -897,7 +900,8 @@ namespace Ombi.Controllers.V1 [HttpGet("notificationpreferences")] public async Task> GetUserPreferences() { - var user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase)); + var username = User.Identity.Name.ToUpper(); + var user = await UserManager.Users.FirstOrDefaultAsync(x => x.NormalizedUserName == username); return await GetPreferences(user); } @@ -950,7 +954,9 @@ namespace Ombi.Controllers.V1 return NotFound(); } // Check if we are editing a different user than ourself, if we are then we need to power user role - var me = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase)); + + var username = User.Identity.Name.ToUpper(); + var me = await UserManager.Users.FirstOrDefaultAsync(x => x.NormalizedUserName == username); if (!me.Id.Equals(user.Id, StringComparison.InvariantCultureIgnoreCase)) { var isPowerUser = await UserManager.IsInRoleAsync(me, OmbiRoles.PowerUser); diff --git a/src/Ombi/Controllers/V1/IssuesController.cs b/src/Ombi/Controllers/V1/IssuesController.cs index 49b4fe8d1..e65f19fe3 100644 --- a/src/Ombi/Controllers/V1/IssuesController.cs +++ b/src/Ombi/Controllers/V1/IssuesController.cs @@ -130,7 +130,9 @@ namespace Ombi.Controllers.V1 public async Task CreateIssue([FromBody]Issues i) { i.IssueCategory = null; - i.UserReportedId = (await _userManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase))).Id; + + var username = User.Identity.Name.ToUpper(); + i.UserReportedId = (await _userManager.Users.FirstOrDefaultAsync(x => x.NormalizedUserName == username)).Id; await _issues.Add(i); var category = await _categories.GetAll().FirstOrDefaultAsync(x => i.IssueCategoryId == x.Id); if (category != null) diff --git a/src/Ombi/Controllers/V1/MobileController.cs b/src/Ombi/Controllers/V1/MobileController.cs index a2b1f05e3..2bae31c9d 100644 --- a/src/Ombi/Controllers/V1/MobileController.cs +++ b/src/Ombi/Controllers/V1/MobileController.cs @@ -40,7 +40,8 @@ namespace Ombi.Controllers.V1 { if (body?.PlayerId.HasValue() ?? false) { - var user = await _userManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase)); + var username = User.Identity.Name.ToUpper(); + var user = await _userManager.Users.FirstOrDefaultAsync(x => x.NormalizedUserName == username); // Check if we already have this notification id var alreadyExists = await _notification.GetAll().AnyAsync(x => x.PlayerId == body.PlayerId && x.UserId == user.Id); diff --git a/src/Ombi/Controllers/V2/MobileController.cs b/src/Ombi/Controllers/V2/MobileController.cs index f6185e18e..9ee33e857 100644 --- a/src/Ombi/Controllers/V2/MobileController.cs +++ b/src/Ombi/Controllers/V2/MobileController.cs @@ -36,7 +36,9 @@ namespace Ombi.Controllers.V2 { if (!string.IsNullOrEmpty(body?.Token)) { - var user = await _userManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase)); + + var username = User.Identity.Name.ToUpper(); + var user = await _userManager.Users.FirstOrDefaultAsync(x => x.NormalizedUserName == username); // Check if we already have this notification id var alreadyExists = await _mobileDevices.GetAll().AnyAsync(x => x.Token == body.Token && x.UserId == user.Id); @@ -64,7 +66,8 @@ namespace Ombi.Controllers.V2 public async Task RemoveNotifications() { - var user = await _userManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase)); + var username = User.Identity.Name.ToUpper(); + var user = await _userManager.Users.FirstOrDefaultAsync(x => x.NormalizedUserName == username); // Check if we already have this notification id var currentDevices = await _mobileDevices.GetAll().Where(x => x.UserId == user.Id).ToListAsync(); diff --git a/src/Ombi/Middleware/ApiKeyMiddlewear.cs b/src/Ombi/Middleware/ApiKeyMiddlewear.cs index e8fa02d78..0efe5b860 100644 --- a/src/Ombi/Middleware/ApiKeyMiddlewear.cs +++ b/src/Ombi/Middleware/ApiKeyMiddlewear.cs @@ -102,10 +102,16 @@ namespace Ombi if (username.IsNullOrEmpty()) { UseApiUser(context); + } + else + { + username = username.ToUpper(); } + var um = context.RequestServices.GetService(); + var user = await um.Users.FirstOrDefaultAsync(x => - x.UserName.Equals(username, StringComparison.InvariantCultureIgnoreCase)); + x.NormalizedUserName == username); if (user == null) { context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;