Updates the database queries to handle casing inconsistencies
and improves SQL query parameter escaping for better
security and compatibility.
Refactors group existence checks for simplicity, enhancing
readability and maintainability.
Addresses issues related to unique constraints in user
registration by improving error handling for duplicate
usernames.
Improves SQL query execution by ensuring proper casing for identifiers across various database types, particularly for Postgres.
Enhances security and compatibility by using an identifier escaping method, preventing potential errors due to case sensitivity in SQL queries.
Addresses potential issues with existing queries for better reliability and consistency.
Consolidates the creation of SQL query builders across multiple classes to ensure a unified approach for database operations.
Replaces manual type checks and specific query creators with a generic method for better maintainability and to prevent errors.
Improves code readability and reduces duplication, facilitating easier updates in the future.
Removes obsolete query builder interface and implementations.
Introduces a new namespace for query-related classes to enhance organization.
Updates various database managers to use the new query utilities, promoting code reuse and maintainability.
Enhances query functionality, ensuring better consistency across the codebase.
Added an exception `UserGroupUpdateLockedException`, which appears when a hook locks a group change.
Added an overload for `UserManager.SetUserGroup`, with the `TSPlayer` parameter (author)
The old system for hashing passwords and permitting users to select
their algorithm has been deprecated and phased out since 2015. This
removes the remaining functions for hashing passwords to clear the way
for .NET5/6 and for OTAPI 3.
In 211b70ca37, I allowed blank passwords
to upgrade to bcrypt hashes. However, the minimum password length has
been 4 historically for a long time. So I don't actually assume a lot of
users have blank passwords, so I think there are very few, if any of the
old hashes laying around.
So therefore, I think this is pretty much safe to merge.
Previously, blank passwords were not upgraded to bcrypt hashes. This is
annoying and problematic because it makes it difficult to remove the old
password hashing system because those passwords might still be checked
against non-bcrypt hashes.
If there's one thing I learned in this exercise, it's that letting
people add random python scripts to the repo like gpltext.py that
promise to be easier than find and replace is a bad idea.
For some reason, we were catching our own exceptions and then
throwing UesrManagerExceptions despite the fact that we explicitly
threw more specific exceptions.
Fixes#1315.
Apparently the convention is UpperCamel for private functions too.
Fixed a stray brace that caused people to brace for a sudden evisceration of limbs.
Use Int32.Parse instead of Convert.ToInt32, because Microsoft exposes public
APIs they say not to use. 👏
Fixes problems reported by @MarioE and @Simon311:
- Users can no longer register with whitespace for a password.
- Users can no longer register with 4 whitespaces for a password.
Note that several times, user.Password was set to a plain text password,
but then later changed to a hashed password, creating data inconsistency.
This also changes User.Password to private set to prevent further accidents.
