From 13c9a73842e78a649633d69cdd3f0695182f6e85 Mon Sep 17 00:00:00 2001 From: Johannes Meyer Date: Thu, 20 Mar 2025 16:20:59 +0100 Subject: [PATCH] DbUserBackend: Match usernames case-insensitive on pgsql --- .../Icinga/Authentication/User/DbUserBackend.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/library/Icinga/Authentication/User/DbUserBackend.php b/library/Icinga/Authentication/User/DbUserBackend.php index 0e8cc6a54..6cf56a844 100644 --- a/library/Icinga/Authentication/User/DbUserBackend.php +++ b/library/Icinga/Authentication/User/DbUserBackend.php @@ -11,6 +11,7 @@ use Icinga\Exception\AuthenticationException; use Icinga\Repository\DbRepository; use Icinga\User; use PDO; +use Zend_Db_Expr; class DbUserBackend extends DbRepository implements UserBackendInterface, Inspectable { @@ -179,23 +180,24 @@ class DbUserBackend extends DbRepository implements UserBackendInterface, Inspec { if ($this->ds->getDbType() === 'pgsql') { // Since PostgreSQL version 9.0 the default value for bytea_output is 'hex' instead of 'escape' - $columns = array('password_hash' => 'ENCODE(password_hash, \'escape\')'); + $columns = ['password_hash' => new Zend_Db_Expr('ENCODE(password_hash, \'escape\')')]; } else { - $columns = array('password_hash'); + $columns = ['password_hash']; } - $nameColumn = 'name'; + $nameColumn = 'user'; if ($this->ds->getDbType() === 'mysql') { $username = strtolower($username); - $nameColumn = 'BINARY LOWER(name)'; + $nameColumn = new Zend_Db_Expr('BINARY LOWER(name)'); } - $query = $this->ds->select() - ->from($this->prependTablePrefix('user'), $columns) + $query = $this + ->select() + ->from('user', $columns) ->where($nameColumn, $username) ->where('active', true); - $statement = $this->ds->getDbAdapter()->prepare($query->getSelectQuery()); + $statement = $this->ds->getDbAdapter()->prepare($query->getQuery()->getSelectQuery()); $statement->execute(); $statement->bindColumn(1, $lob, PDO::PARAM_LOB); $statement->fetch(PDO::FETCH_BOUND);