Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't lookup empty email when canonicalizing #3

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Don't lookup empty email when canonicalizing #3

wants to merge 1 commit into from

Commits on Jun 15, 2016

  1. Don't lookup empty email when canonicalizing 

    Email addresses are optional.  Very bad things happen if we treat all
users who have no email address as the same user.

Example:

1. $RT::Config::ValidateUserEmailAddresses is enabled (as per default)
2. There exists user "A" whose EmailAddress is empty.
3. There exists user "B" whose EmailAddress is '[email protected]'.
4. User A is merged into User B.

Suppose RT::Interface::Web::AttemptExternalAuth() calls

    $UserObj->Create(Name => ..., Gecos => ...);

The call will fail, since the call gets canonicalized to

    $UserObj->Create(
        Name => ..., Gecos => ...,
        EmailAddress => '[email protected]'
    );

and RT::User::ValidateUserEmailAddress() will reject it with an
"Email address in use" error.

This commit changes CanonicalizeEmailAddress() so that it does not try
to rewrite an empty address.  In addition, a conditional has been
rewritten to avoid a double negative and an excessively long line.
    Derek Poon committed Jun 15, 2016
    Configuration menu
    Copy the full SHA
    239c8a4 View commit details
    Browse the repository at this point in the history