New Foswiki release 2.1.6 is available with important security fixes.
Sourceforge foswiki email lists being discontinued. Subscribe to the new Foswiki announce and discuss lists at MailingLists
You are here: Foswiki>Tasks Web>Item12205 (02 Dec 2012, GeorgeClark)Edit Attach

Item12205: Registration accepts LoginName and then cannot access it

Priority: Normal
Current State: Closed
Released In: 1.1.6
Target Release: patch
Applies To: Engine
Component: FoswikiUIRegister
Branches: Release01x01 trunk
Reported By: GeorgeClark
Waiting For:
Last Change By: GeorgeClark
I've been trying to create a unit test for a "delete user" function, porting the tests from AntiWikiSpamPlugin to the core ManageDotPm tests. The various mappings Foswiki::Func::getCanonicalUserID, and Foswiki::Func::getWikiName seemed to be not working, depending upon the setting of {Register}{AllowLoginName}.

The problem seems to be that Register and TopicUserMapping will record a LoginName into the mapping table, even though AllowLoginName is disabled. However the various access functions are then unable to find that mapping and report that the user does not exist.

I'm not sure of the correct behavior. When {AllowLoginName} is disabled, should Register
  • Allow it anyway? (current behavior, and the error is in the mappers being unable to find the entries?)
  • Silently set it to the WikiName
  • Generate an Oops that the LoginName is not permitted.

After some brief IRC discussion, I've implemented the oops message. It really should not be encountered in practice,
Topic revision: r9 - 02 Dec 2012, GeorgeClark - This page was cached on 22 Mar 2018 - 18:03.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License