-
Notifications
You must be signed in to change notification settings - Fork 68
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ensuring that Users have a username #1379
Conversation
@@ -12,7 +12,7 @@ | |||
{ | |||
"name": "username", | |||
"type": "varchar(200)", | |||
"nullable": true | |||
"nullable": false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we worry about the situation where an existing install has a null username (for whatever reason) and then the upgrade fails?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We talked about that exact thing. That is why this was moved to 9.5 for the moment, so we can think about all the ways this could already be broken. I cant see a way for the user to login, so I would say we should just delete the user that have null... as part of the upgrade
a4aa427
to
f1edd93
Compare
Note: For anybody reviewing this one. SonarCloud has a hissy fit whenever you merge in changes from upstream, rebase some local changes on top of that and then force push it up. The duplicate code has nothing to do with this PR. |
Co-authored-by: Ben Plessinger <[email protected]>
This change applies the same validation that is used when creating a new user via the Internal Dashboard ( `create_user.php` ) to the saveUser function.
These two changes will ensure that upgrades for existing installations that have managed to create a user with a null username will complete sucessfully instead of erroring out when the ETL framework attempts to update the User table. Once these null username Users have are converted to empty string username Users then a SQL script will be run that deactivates the User as it should be possible to create a user with an empty / null username.
Since we can't have Users with empty / null usernames anymore we needed to replace the method used to generate a username. This method relies on the uniqueness of `uniqid("", true)` to ensure that we get a unique username the first time without having to check a second time.
It turns out that things work better ( or at all ) when you have them running in the correct migration.
Since we updated the way our test usernames were generated in the last commit, we need to update the expected exception message when a user is not found.
b122cc7
to
bf4233f
Compare
NOTE: this is up for discussion / inclusion in 9.5
Description
Just something we ran across while testing things for the OpenOnDemand / XDMoD tutorial. Turns out that you can end up with user's without a username. These changes ensure that when
saveUser
is called that an exception is thrown if_username
is empty. We've also updated the username column to not accept null values & to also have a unique index.Motivation and Context
No more null username Users!
Tests performed
Types of changes
Checklist: