Skip to content

Commit

Permalink
Merge pull request #1379 from ryanrath/make_save_user_great_again
Browse files Browse the repository at this point in the history 
Ensuring that Users have a username
  • Loading branch information
@jpwhite4
jpwhite4 authored Mar 31, 2021
2 parents 4fed4da + 7ea0132 commit 9a0c837
Show file tree
Hide file tree
Showing 5 changed files with 61 additions and 7 deletions.
6 changes: 6 additions & 0 deletions classes/XDUser.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -924,6 +924,11 @@ public function saveUser()
throw new Exception('A user must have at least one acl.');
}

$match = preg_match(RESTRICTION_USERNAME, $this->_username);
if ($match === false || $match === 0) {
throw new Exception('A user must have a valid username.');
}

// Retrieve the userId (if any) for the email associated with this User
// object.
$id_of_user_holding_email_address = self::userExistsWithEmailAddress($this->_email);
Expand Down Expand Up @@ -962,6 +967,7 @@ public function saveUser()
if ($forUpdate) {
$update_data['id'] = $this->_id;
}

$update_data['username'] = $this->_username;
$includePassword = strlen($this->_password) <= CHARLIM_PASSWORD;
if ($includePassword) {
Expand Down
37 changes: 37 additions & 0 deletions configuration/etl/etl.d/xdmod-migration-9_0_0-9_5_0.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,43 @@
"schema": "mod_shredder"
}
}
},
{
"name": "update-Users-table",
"description": "Updating Users.username to not allow null values.",
"class": "ManageTables",
"definition_file_list": [
"xdb/users.json"
],
"endpoints": {
"destination": {
"type": "mysql",
"name": "XDMoD Database",
"config": "database",
"schema": "moddb"
}
}
},
{
"name": "moddb-disable-empty-usernames",
"description": "Disable any accounts that have empty username values.",
"namespace": "ETL\\Maintenance",
"class": "ExecuteSql",
"options_class": "MaintenanceOptions",
"sql_file_list": [
{
"delimiter": ";",
"sql_file": "migrations/9.0.0-9.5.0/moddb/disable_empty_username.sql"
}
],
"endpoints": {
"destination": {
"type": "mysql",
"name": "XDMoD Database",
"config": "database",
"schema": "moddb"
}
}
}
],
"cloud-migration-9_0_0-9_5_0": [
Expand Down
6 changes: 6 additions & 0 deletions configuration/etl/etl_sql.d/migrations/9.0.0-9.5.0/moddb/disable_empty_username.sql
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
/*
* Description: The purpose of this script is to disable any Users who have an empty username.
*/
UPDATE moddb.Users u
SET u.account_is_active = FALSE
WHERE u.username = '';
11 changes: 10 additions & 1 deletion configuration/etl/etl_tables.d/xdb/users.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,8 @@
{
"name": "username",
"type": "varchar(200)",
"nullable": true
"nullable": false,
"default": ""
},
{
"name": "password",
Expand Down Expand Up @@ -121,6 +122,14 @@
],
"type": "BTREE",
"is_unique": true
},
{
"name": "idx_uniq_username",
"columns": [
"username"
],
"type": "BTREE",
"is_unique": true
}
],
"triggers": [
Expand Down
8 changes: 2 additions & 6 deletions tests/component/lib/XDUserTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -547,7 +547,7 @@ public function testSaveUserWithDefaultUserType()

/**
* @expectedException Exception
* @expectedExceptionMessageRegExp /User "(\w+)" not found/
* @expectedExceptionMessageRegExp /User "([\w\d.]+)" not found/
*/
public function testRemoveUser()
{
Expand Down Expand Up @@ -950,10 +950,6 @@ private static function getUser($password, $firstName, $middleName, $lastName, a

private static function getUserName($username)
{
while (array_key_exists($username, self::$users)) {
$suffix = rand(self::MIN_USERS, self::MAX_USERS);
$username = "$username$suffix";
}
return $username;
return sprintf("%s%s", $username, uniqid("", true));
}
}

0 comments on commit 9a0c837

Please sign in to comment.