Non-secret emails not working

I'm not sure if this is a technical issue or a documentation issue.

The problem: If a user has no email address in Foswiki's htpasswd file, that user cannot receive email (for resetting their password) even if they have an Email form-field and/or 'Set Email =' line in their user topic. The error they get is:

Attention

Password reset failed

Can't get an e-mail address for some_username (required for password reset)

Is this technical?...

All documentation I've seen within the Foswiki installation itself seems to indicate that this is incorrect behavior. For instance, ChangeEmailAddress says "If Foswiki can't find a registered e-mail for you in the secret database, it will look in your user topic for a form field called Email. If this form field does not exist it will look for a line like this:

* Set Email = user@example.com
"

Similarly, the infotext for configure > Security and Authentication > {AntiSpam}{HideUserDetails} says "Normally Foswiki stores the user's sensitive information (such as their e-mail address) in a database out of public view. This is to help prevent e-mail spam and identity fraud. If that is not a risk for you (e.g. you are behind a firewall) and you are happy for e-mails to be made public to all Foswiki users, then you can set this option." (With the implication that then the sensitive information will not be in a database out of public view.)

If it's a technical problem, my question is What do I try next? Or do I just wait for a bugfix?

Technical details:

• I'm running Foswiki 1.1.4 on Ubuntu.
• Email itself is working fine: the Test Email Configuration button works like a charm, and if there is an email address in the htpasswd file, password changes work smoothly.
• Most users are being migrated from an earlier (1.0.X) Foswiki installation, though I've tried making a few new users via registration and the behavior is the same for them.
• I'm running Foswiki under FastCGI. (fcgi, specifically)
• Changing the setting of {AntiSpam}{HideUserDetails} doesn't seem to affect the behavior.
• Changing the setting of {Htpasswd}{Encoding} doesn't seem to affect the behavior.
• Changing the setting of {Register}{AllowLoginName} doesn't seem to affect the behavior, though I had a harder time testing this one, so most tests have been with it turned on;
• It doesn't seem to matter whether the user's htpasswd entry was created manually (via the htpasswd command) or by user registration (which I usually have turned off, but turned on long enough to test this).

...or documentation?

However, the answer to Question602 implies that the above behavior is as designed - that Foswiki always stores the user's email address in the htpasswd file, and will not look in user topics for a form field called Email or a 'Set Email =' line.

If this is true, there's no functional bug, but updating the documentation - particularly updating the /bin/configure infotext for {AntiSpam}{HideUserDetails} with a warning that lack of emails in the htpasswd file will mean that system-generated emails just flat-out won't work - might save someone else the hair-pulling frustration of my past hour or two.

If it's a documentation problem, I have two questions:

1. What can I do to help make the above documentation change happen?
2. How do I register my preference that it should be possible for users to simply + easily edit their email address on their topic page, rather than having to use a special purpose Change E-mail Address page in the System Web?

-- EricReuss - 16 Jun 2012

I'd say at this point it's a documentation issue. IF the password manager supports storing emails in the password system, then that is the only source of email addresses. There is a script in the tools directory for migrating emails from user topics to the password database.

if you really want the mapper to manage email addresses as part of the User topics, then you might try a local modification to foswiki. Edit lib/Foswiki/Users/HtPasswdUser.pm and find the following code:

sub isManagingEmails {
    return 1;
}

And change the return 1; to return 0;. That will tell the Mapper code that it will be responsible for managing email addresses. I gave this a quick test and it appears that it should work. New users were registered with their email address in their User form. Note that we don't have a tool that will migrate passwords back from the password system to the user topics. So manual intervention would be needed for existing users.

-- GeorgeClark - 17 Jun 2012

Thank you very much! The edit to HtPasswdUser.pm seems to be just what I needed, and is certainly simple enough once one knows about it. I also appreciate mention of the tool for migrating emails from user topics to the password database.

-- EricReuss - 17 Jun 2012

Commenting is disabled while not logged in