Project

General

Profile

Bug #5897

Missing user mail address should not be required for admin updating a user

Added by Dominic Cleal about 5 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Authentication
Target version:
Difficulty:
Triaged:
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1099988
Description of problem:
When creating a user the --mail option is not required but when updating it is.

Version-Release number of selected component (if applicable):
hammer (0.1.0) * hammer_cli_foreman (0.1.0) * hammer_cli_katello (0.0.3)

How reproducible:
Aways

Steps to Reproduce:
1. # hammer user create --login testuser --password userpasswd --auth-source-id 1
User created
2. # hammer user list --per-page 10000 | grep testuser
48 | testuser | |
3. # hammer user update --id 48 --login usertest
Could not update the user:
Email address can't be blank
4. # hammer user update --id 48 --login usertest --mail
User updated
5. # hammer user list --per-page 10000 | grep "48 "
48 | usertest | |
Actual results:

Expected results:
If the --mail is required on creation then should ensure that it is filled on update. But if it is not required on creation it should be not required when updating.

Additional info:


Related issues

Related to Foreman - Refactor #10946: User mail address should either be always optional or always requiredNew2015-06-29

Associated revisions

Revision 564b322f (diff)
Added by Tom Caspy about 4 years ago

fixes #5897 - when user doesn't have an email, email isn't required

History

#1 Updated by Dominic Cleal about 5 years ago

  • Category set to Authentication
  • Assignee deleted (Dominic Cleal)

This is currently by design, so an admin can create a user without an e-mail address and they're forced to update it on their first login. I'm not sure that's a great design though and would prefer to simply make it optional. Thoughts?

#2 Updated by Tom Caspy over 4 years ago

  • Assignee set to Tom Caspy

proposed solution - user's auth source defaults to requiring email. in case of hidden, external and LDAP auth sources, they allow blank emails. creating pull request.

#3 Updated by The Foreman Bot over 4 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/2065 added
  • Pull request deleted ()

#4 Updated by Daniel Lobato Garcia over 4 years ago

Not a bug in my opinion, only users that have never logged in the UI can be in the db without a password, as soon as they log in they have to set one.

#5 Updated by Dominic Cleal over 4 years ago

There are two parts to this, in my opinion.

The bug here is that an admin who creates a user without an e-mail address then updates it before the user has logged in, shouldn't be required to provide the e-mail address on update. I think this is valid.

The design issue of forcing a user to set their e-mail address on login is perhaps a separate issue, but I thought when filing this that if we fixed the design, we might eliminate the bug above. My view on the design is that we should perhaps simply have the e-mail address as an optional field and not force anybody to set it - or have it required, but that'd introduce issues with certain auth sources.

#6 Updated by Tom Caspy over 4 years ago

  • Status changed from Ready For Testing to Assigned
  • Pull request added
  • Pull request deleted (https://github.com/theforeman/foreman/pull/2065)

#7 Updated by The Foreman Bot over 4 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/2244 added
  • Pull request deleted ()

#8 Updated by Dominic Cleal about 4 years ago

  • Subject changed from User mail address should either be always optional or always required to Missing user mail address should not be required for admin updating a user
  • Legacy Backlogs Release (now unused) set to 35

#9 Updated by Dominic Cleal about 4 years ago

  • Legacy Backlogs Release (now unused) deleted (35)

#10 Updated by Dominic Cleal about 4 years ago

  • Related to Refactor #10946: User mail address should either be always optional or always required added

#11 Updated by Dominic Cleal about 4 years ago

  • Legacy Backlogs Release (now unused) set to 63

#12 Updated by Tom Caspy about 4 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF