🚸(backend) use unaccented full name for user search

We have the user full name through OIDC in the database, but the search only
used the email field.
This change allows to search for a user by their first and/or
last name (fix #929).
Given that user names are more likely than emails to include diacritics, it
unaccents both the query and the database entry for search (fix #1091).
It also unaccents for email so that internationalized domain names are
managed whether or not the accent is included in the search.

Author: Ash-Crow

CHANGELOG.md

@@ -18,6 +18,7 @@ and this project adheres to
 - ♻️(frontend) preserve @ character when esc is pressed after typing it #1512
 - ♻️(frontend) make summary button fixed to remain visible during scroll #1581
 - ♻️(frontend) pdf embed use full width #1526
+- 🚸(backend) use unaccented full name for user search #1637
 
 ### Fixed
 

src/backend/core/api/viewsets.py

@@ -1,4 +1,5 @@
 """API endpoints"""
+
 # pylint: disable=too-many-lines
 
 import base64
@@ -10,6 +11,7 @@
 
 from django.conf import settings
 from django.contrib.postgres.aggregates import ArrayAgg
+from django.contrib.postgres.lookups import Unaccent
 from django.contrib.postgres.search import TrigramSimilarity
 from django.core.cache import cache
 from django.core.exceptions import ValidationError
@@ -18,7 +20,7 @@
 from django.db import connection, transaction
 from django.db import models as db
 from django.db.models.expressions import RawSQL
-from django.db.models.functions import Left, Length
+from django.db.models.functions import Greatest, Left, Length
 from django.http import Http404, StreamingHttpResponse
 from django.urls import reverse
 from django.utils.functional import cached_property
@@ -36,6 +38,7 @@
 from rest_framework.permissions import AllowAny
 
 from core import authentication, choices, enums, models
+from core.api.filters import remove_accents
 from core.services.ai_services import AIService
 from core.services.collaboration_services import CollaborationService
 from core.services.converter_services import (
@@ -187,13 +190,15 @@ def get_queryset(self):
             queryset = queryset.exclude(documentaccess__document_id=document_id)
 
         filter_data = filterset.form.cleaned_data
-        query = filter_data["q"]
+        query = remove_accents(filter_data["q"])
 
         # For emails, match emails by Levenstein distance to prevent typing errors
         if "@" in query:
             return (
                 queryset.annotate(
-                    distance=RawSQL("levenshtein(email::text, %s::text)", (query,))
+                    distance=RawSQL(
+                        "levenshtein(unaccent(email::text), %s::text)", (query,)
+                    )
                 )
                 .filter(distance__lte=3)
                 .order_by("distance", "email")[: settings.API_USERS_LIST_LIMIT]
@@ -202,11 +207,15 @@ def get_queryset(self):
         # Use trigram similarity for non-email-like queries
         # For performance reasons we filter first by similarity, which relies on an
         # index, then only calculate precise similarity scores for sorting purposes
+
         return (
-            queryset.filter(email__trigram_word_similar=query)
-            .annotate(similarity=TrigramSimilarity("email", query))
+            queryset.annotate(
+                sim_email=TrigramSimilarity(Unaccent("email"), query),
+                sim_name=TrigramSimilarity(Unaccent("full_name"), query),
+            )
+            .annotate(similarity=Greatest("sim_email", "sim_name"))
             .filter(similarity__gt=0.2)
-            .order_by("-similarity", "email")[: settings.API_USERS_LIST_LIMIT]
+            .order_by("-similarity")[: settings.API_USERS_LIST_LIMIT]
         )
 
     @drf.decorators.action(

src/backend/core/tests/test_api_users.py

@@ -76,6 +76,125 @@ def test_api_users_list_query_email():
     assert user_ids == []
 
 
+def test_api_users_list_query_email_with_internationalized_domain_names():
+    """
+    Authenticated users should be able to list users and filter by email.
+    It should work even if the email address contains an internationalized domain name.
+    """
+    user = factories.UserFactory()
+
+    client = APIClient()
+    client.force_login(user)
+
+    jean = factories.UserFactory(email="jean.martin@éducation.fr")
+    kurokawa = factories.UserFactory(email="contact@黒川.日本")
+
+    response = client.get(
+        "/api/v1.0/users/[email protected]",
+    )
+    assert response.status_code == 200
+    user_ids = [user["id"] for user in response.json()]
+    assert user_ids == [str(jean.id)]
+
+    response = client.get(
+        "/api/v1.0/users/?q=jean.martin@éducation.fr",
+    )
+    assert response.status_code == 200
+    user_ids = [user["id"] for user in response.json()]
+    assert user_ids == [str(jean.id)]
+
+    response = client.get(
+        "/api/v1.0/users/?q=contact@黒川.日本",
+    )
+    assert response.status_code == 200
+    user_ids = [user["id"] for user in response.json()]
+    assert user_ids == [str(kurokawa.id)]
+
+
+def test_api_users_list_query_full_name():
+    """
+    Authenticated users should be able to list users and filter by full name.
+    Only results with a Trigram similarity greater than 0.2 with the query should be returned.
+    """
+    user = factories.UserFactory()
+
+    client = APIClient()
+    client.force_login(user)
+
+    dave = factories.UserFactory(email="[email protected]", full_name="David Bowman")
+
+    response = client.get(
+        "/api/v1.0/users/?q=David",
+    )
+    assert response.status_code == 200
+    user_ids = [user["id"] for user in response.json()]
+    assert user_ids == [str(dave.id)]
+
+    response = client.get(
+        "/api/v1.0/users/?q=Bowman",
+    )
+    assert response.status_code == 200
+    user_ids = [user["id"] for user in response.json()]
+    assert user_ids == [str(dave.id)]
+
+    response = client.get(
+        "/api/v1.0/users/?q=Bovin",
+    )
+    assert response.status_code == 200
+    user_ids = [user["id"] for user in response.json()]
+    assert user_ids == []
+
+
+def test_api_users_list_query_accented_full_name():
+    """
+    Authenticated users should be able to list users and filter by full name with accents.
+    Only results with a Trigram similarity greater than 0.2 with the query should be returned.
+    """
+    user = factories.UserFactory()
+
+    client = APIClient()
+    client.force_login(user)
+
+    fred = factories.UserFactory(
+        email="[email protected]", full_name="Frédérique Lefèvre"
+    )
+
+    response = client.get(
+        "/api/v1.0/users/?q=Frédérique",
+    )
+    assert response.status_code == 200
+    user_ids = [user["id"] for user in response.json()]
+    assert user_ids == [str(fred.id)]
+
+    response = client.get(
+        "/api/v1.0/users/?q=Frederique",
+    )
+    assert response.status_code == 200
+    user_ids = [user["id"] for user in response.json()]
+    assert user_ids == [str(fred.id)]
+
+    response = client.get(
+        "/api/v1.0/users/?q=Lefèvre",
+    )
+    assert response.status_code == 200
+    user_ids = [user["id"] for user in response.json()]
+    assert user_ids == [str(fred.id)]
+
+    response = client.get(
+        "/api/v1.0/users/?q=Lefevre",
+    )
+    assert response.status_code == 200
+    user_ids = [user["id"] for user in response.json()]
+    assert user_ids == [str(fred.id)]
+
+    response = client.get(
+        "/api/v1.0/users/?q=François Lorfebvre",
+    )
+    assert response.status_code == 200
+    users = [user["full_name"] for user in response.json()]
+    assert users == []
+
+
 def test_api_users_list_limit(settings):
     """
     Authenticated users should be able to list users and the number of results