From e14b1689d8d1c49b8f7b60e0fd92fd8d9a93373b Mon Sep 17 00:00:00 2001 From: Samuel Dreyer Date: Mon, 2 Feb 2026 16:49:01 +0000 Subject: [PATCH 1/4] Restricted user name search. --- routes/user_router.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/routes/user_router.py b/routes/user_router.py index 4011e93f..4ade11b3 100644 --- a/routes/user_router.py +++ b/routes/user_router.py @@ -139,6 +139,8 @@ def search_users( users = db.query(User_DB) if name: + if len(name) < 3: + raise HTTPException(400, "Too few characters, search string must be at least 3.") name_filters: list[ColumnElement[bool]] = [] for term in name.split(" "): name_filters.append(or_(User_DB.first_name.ilike(f"%{term}%"), User_DB.last_name.ilike(f"%{term}%"))) From 8ce842c5a1867d7ffa2268c12ad77e1b4bbbcb68 Mon Sep 17 00:00:00 2001 From: Samuel Dreyer Date: Mon, 2 Feb 2026 16:56:52 +0000 Subject: [PATCH 2/4] Added the option of having names with less than 3 characters. --- routes/user_router.py | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/routes/user_router.py b/routes/user_router.py index 4ade11b3..249bdfd3 100644 --- a/routes/user_router.py +++ b/routes/user_router.py @@ -139,12 +139,15 @@ def search_users( users = db.query(User_DB) if name: - if len(name) < 3: - raise HTTPException(400, "Too few characters, search string must be at least 3.") name_filters: list[ColumnElement[bool]] = [] - for term in name.split(" "): - name_filters.append(or_(User_DB.first_name.ilike(f"%{term}%"), User_DB.last_name.ilike(f"%{term}%"))) - users = users.filter(and_(*name_filters)) + if len(name) < 3: + for term in name.split(" "): + name_filters.append(or_(User_DB.first_name == f"%{term}%", User_DB.last_name == f"%{term}%")) + users = users.filter(and_(*name_filters)) + else: + for term in name.split(" "): + name_filters.append(or_(User_DB.first_name.ilike(f"%{term}%"), User_DB.last_name.ilike(f"%{term}%"))) + users = users.filter(and_(*name_filters)) if program: users = users.filter_by(program=program) From 00033875d8c8a6a65005dff01a3a06413b958c3a Mon Sep 17 00:00:00 2001 From: Samuel Dreyer Date: Mon, 2 Feb 2026 17:44:47 +0000 Subject: [PATCH 3/4] Fixed very short names. --- routes/user_router.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/routes/user_router.py b/routes/user_router.py index 249bdfd3..1f33ce16 100644 --- a/routes/user_router.py +++ b/routes/user_router.py @@ -2,7 +2,7 @@ from pathlib import Path from typing import Annotated, Optional from fastapi.responses import FileResponse -from sqlalchemy import ColumnElement, and_, or_ +from sqlalchemy import ColumnElement, and_, or_, func from fastapi import APIRouter, Depends, File, HTTPException, Query, Response, UploadFile, status from database import DB_dependency from db_models.user_model import User_DB @@ -138,11 +138,14 @@ def search_users( ): users = db.query(User_DB) + # The idea is to not get one million results before you have even typed anything useful. + # However, in special cases with very short names you do get results if you type them excactly. if name: name_filters: list[ColumnElement[bool]] = [] if len(name) < 3: - for term in name.split(" "): - name_filters.append(or_(User_DB.first_name == f"%{term}%", User_DB.last_name == f"%{term}%")) + name_filters.append( + or_(func.lower(User_DB.first_name) == name.lower(), func.lower(User_DB.last_name) == name.lower()) + ) users = users.filter(and_(*name_filters)) else: for term in name.split(" "): From b8d4bd7b49a26b0e8bdd2287c57b4d7f9821741f Mon Sep 17 00:00:00 2001 From: Samuel Dreyer Date: Mon, 2 Feb 2026 17:45:43 +0000 Subject: [PATCH 4/4] Finishing touches. --- routes/user_router.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/routes/user_router.py b/routes/user_router.py index 1f33ce16..4bfd8900 100644 --- a/routes/user_router.py +++ b/routes/user_router.py @@ -146,11 +146,10 @@ def search_users( name_filters.append( or_(func.lower(User_DB.first_name) == name.lower(), func.lower(User_DB.last_name) == name.lower()) ) - users = users.filter(and_(*name_filters)) else: for term in name.split(" "): name_filters.append(or_(User_DB.first_name.ilike(f"%{term}%"), User_DB.last_name.ilike(f"%{term}%"))) - users = users.filter(and_(*name_filters)) + users = users.filter(and_(*name_filters)) if program: users = users.filter_by(program=program)