diff --git a/app/controllers/state_file/archived_intakes/archived_intake_controller.rb b/app/controllers/state_file/archived_intakes/archived_intake_controller.rb index c371a22a97..dcd859ea97 100644 --- a/app/controllers/state_file/archived_intakes/archived_intake_controller.rb +++ b/app/controllers/state_file/archived_intakes/archived_intake_controller.rb @@ -3,7 +3,7 @@ module ArchivedIntakes class ArchivedIntakeController < ApplicationController before_action :check_feature_flag def current_request - request = StateFileArchivedIntakeRequest.find_by(ip_address: ip_for_irs, email_address: session[:email_address]) + request = StateFileArchivedIntakeRequest.where("ip_address = ? AND LOWER(email_address) = LOWER(?)", ip_for_irs, session[:email_address]).first unless request Rails.logger.warn "StateFileArchivedIntakeRequest not found for IP: #{ip_for_irs}, Email: #{session[:email_address]}" Sentry.capture_message "StateFileArchivedIntakeRequest not found for IP: #{ip_for_irs}, Email: #{session[:email_address]}" diff --git a/app/controllers/state_file/archived_intakes/email_address_controller.rb b/app/controllers/state_file/archived_intakes/email_address_controller.rb index faae4832cf..b7d2ec2023 100644 --- a/app/controllers/state_file/archived_intakes/email_address_controller.rb +++ b/app/controllers/state_file/archived_intakes/email_address_controller.rb @@ -10,7 +10,7 @@ def update @form = EmailAddressForm.new(email_address_form_params) if @form.valid? - archived_intake = StateFileArchivedIntake.find_by(email_address: @form.email_address) + archived_intake = StateFileArchivedIntake.where("LOWER(email_address) = LOWER(?)", @form.email_address).first session[:email_address] = @form.email_address StateFileArchivedIntakeRequest.find_or_create_by(email_address: @form.email_address, ip_address: ip_for_irs, state_file_archived_intake_id: archived_intake&.id ) create_state_file_access_log("issued_email_challenge") diff --git a/spec/controllers/state_file/archived_intake/archived_intake_controller_spec.rb b/spec/controllers/state_file/archived_intake/archived_intake_controller_spec.rb index d902b88efe..86bfc531f5 100644 --- a/spec/controllers/state_file/archived_intake/archived_intake_controller_spec.rb +++ b/spec/controllers/state_file/archived_intake/archived_intake_controller_spec.rb @@ -22,6 +22,12 @@ expect(controller.current_request).to be_nil end + + it 'matches email case insensitively' do + session[:email_address] = 'TeSt@ExAmPlE.cOm' + + expect(controller.current_request).to eq(request_instance) + end end describe '#current_archived_intake' do diff --git a/spec/controllers/state_file/archived_intake/email_address_controller_spec.rb b/spec/controllers/state_file/archived_intake/email_address_controller_spec.rb index 017215e258..24a0c01298 100644 --- a/spec/controllers/state_file/archived_intake/email_address_controller_spec.rb +++ b/spec/controllers/state_file/archived_intake/email_address_controller_spec.rb @@ -15,6 +15,7 @@ describe "POST #update" do let(:valid_email_address) { "test@example.com" } + let(:mixed_case_email_address) { "Test@Example.COM" } let(:invalid_email_address) { "" } let(:ip_address) { "127.0.0.1" } @@ -44,6 +45,23 @@ state_file_archived_intakes_edit_verification_code_path ) end + + it "matches email case insensitively" do + post :update, params: { + state_file_archived_intakes_email_address_form: { email_address: mixed_case_email_address } + } + + expect(assigns(:form)).to be_valid + + request = StateFileArchivedIntakeRequest.last + expect(request.ip_address).to eq(ip_address) + expect(request.email_address.downcase).to eq(valid_email_address) + expect(request.state_file_archived_intake_id).to eq(archived_intake.id) + + expect(response).to redirect_to( + state_file_archived_intakes_edit_verification_code_path + ) + end end context "and a archived does not exist with the email address" do