AO3-6359 Fix Possible to delete the pseud that corresponds with your username if the capitalization or diacritics differ

[Dobe-Time]

AO3-6359 Fix Possible to delete the pseud that corresponds with your username if the capitalization or diacritics differ

Pull Request Checklist

• Have you read "How to write the perfect pull request"?
• Have you read the contributing guidelines?
• Have you added tests for any changed functionality?
• Have you added the Jira issue number
  as the first thing in your pull request title (e.g. AO3-1234 Fix thing)
• Do you have fewer than 5 pull requests already open? If not, please wait
  until they are reviewed and merged before creating new pull requests.

Issue

https://otwarchive.atlassian.net/browse/AO3-6359

Purpose

What does this PR do?
Fixes issue AO3-6359 where it was possible to delete the pseud that corresponds to your username if you already had a pseud with the same spelling but different capitalization or diacritics, the fix was to add a new path to the psued update function for when a username is updated. This new path checks if the user already has a matching pseud and updates the capitalization and diacritics to match the new username.

Testing Instructions

How can the Archive's QA team verify that this is working as you intended?
Similar to replication instructions from the ticket except for step number 4 where delete is now not possible.

1. Log in
2. Create a pseud
   a. Hi, username! > My Preferences > Manage My Pseuds > New Pseud
   b. Fill in the “Name” field with a something that will also be valid as a username (and is not currently someone’s username), e.g. Issue6359Test
   • Usernames must consist of 3 to 40 characters (A-Z, a-z, _, 0-9 only), no spaces, and cannot begin or end with underscore ( _ )
     c. Press "Create Pseud"
3. Change your username to a differently capitalized version of your new pseud
   a. Hi, username! > My Preferences > Change Username
   b. Fill in the “New user name” field with a differently capitalized version of your new pseud, e.g. issue6359test
   c. Fill in the “Password” field with your account password
   d. Press “Change Username”
4. Attempt to delete the pseud from Step 2 (This is no longer possible)
   a. Hi, username! > My Preferences > Manage My Pseuds
   b. There should not be an option to delete the pseud

If you have a Jira account with access, please update or comment on the issue
with any new or missing testing instructions instead.

You can remove this section if there are already full testing instructions in the Jira issue.

References

Are there other relevant issues/pull requests/mailing list discussions? If not, you can remove this section.

Yes: Old closed pull request for the same issue: #4307 (Closed for being years old)
Thank you Sarken, Brianjaustin, and Tickinginstant for your comments on the above PR, I have attempted to address them all in this new PR.

Credit

Credit

Dobe He/Him
What name and pronouns should we use to credit you in the Archive of Our Own's Release Notes?

If you have a Jira account, please include the same name in the "Full name"
field on your Jira profile, so we can assign you the issues you're working on.

Please note that if you do not fill in this section, we will use your GitHub account name and
they/them pronouns.

[sarken]

I just wanted to say a quick thank you for picking this back up!

[Bilka2]

Thanks for working on this!

[Bilka2]

From what I can see the Justifiable module already disables its validation is justification is disabled, so we shouldn't need this special case here

[Dobe-Time]

I think that is disabled here: https://github.com/otwcode/otwarchive/blob/master/app/models/user.rb#L538-L540
Without justification_enabled the test cases where an Admin updates the user name fails for

     Failure/Error: pseud_to_update.save!

     ActiveRecord::RecordInvalid:
       Validation failed: Ticket ID can't be blank, Ticket ID may begin with an # and otherwise contain only numbers.

[Bilka2]

Which test case fails?

[Dobe-Time]

These 3

rspec ./spec/models/user_spec.rb:226 # User#update when logged in as an admin when username is changed only sets admin_renamed_at
rspec ./spec/models/user_spec.rb:233 # User#update when logged in as an admin when username is changed creates an admin log item
rspec ./spec/models/user_spec.rb:249 # User#update when logged in as an admin username was recently changed does not prevent changing the username

All for this reason

  3) User#update when logged in as an admin username was recently changed does not prevent changing the username
     Failure/Error: pseud_to_update.save!

     ActiveRecord::RecordInvalid:
       Validation failed: Ticket ID can't be blank, Ticket ID may begin with an # and otherwise contain only numbers.

[Bilka2]

Thanks! The test setup of these is a bit strange but ultimately you are correct that this validation fails for renames if enabled. To confirm that, I modified the feature test in admin_abuser_users to have an existing pseud for what it renames to and that test also fails. Poking at the code while it's in action, the justification_enabled? here is always false because login_changed? is always false.

So the straightforward change here would be to just go back to setting false directly. I'm a bit hesitant about this because we also disable validations like pseud name length here. However, the pseud validations on names are more permissive than the username ones and we're already manually making sure it's unique, so there's not really any harm disabling them. And it's what the old code did. So please just change this to pseud_to_update.save!(validate: false)

(We could theoretically set the ticket number on the pseud to force the validations to pass but I don't think there's much of a point. Hopefully.)

[Dobe-Time]

Thank you for looking into this! I will update it as soon as I can.

[Dobe-Time]

Sorry as a note the last two commits are also me I don't know why it commited from the wrong email. I'll sort it out.
Sorry again.
Thank you for reviewing this!

[Bilka2]

They have different diacritics, are they meant to?

[Dobe-Time]

Yes, I can make the message more descriptive, but we want it to match regardless of diacritics so I had this test as a exiting pseud with capitals and diacritics with the most basic version as the new login.

[Bilka2]

I suppose the better question is what the difference between this and the next test is meant to be. And then put that answer into the description