summaryrefslogtreecommitdiffstats
path: root/Bugzilla/Auth/Verify.pm
diff options
context:
space:
mode:
Diffstat (limited to 'Bugzilla/Auth/Verify.pm')
-rw-r--r--Bugzilla/Auth/Verify.pm54
1 files changed, 30 insertions, 24 deletions
diff --git a/Bugzilla/Auth/Verify.pm b/Bugzilla/Auth/Verify.pm
index ef5b749b1..20318b3a5 100644
--- a/Bugzilla/Auth/Verify.pm
+++ b/Bugzilla/Auth/Verify.pm
@@ -36,7 +36,8 @@ sub create_or_update_user {
my $dbh = Bugzilla->dbh;
my $extern_id = $params->{extern_id};
- my $username = $params->{bz_username} || $params->{username};
+ my $login = $params->{bz_username} || $params->{username};
+ my $email = Bugzilla->params->{use_email_as_login} ? $login : $params->{email};
my $password = $params->{password} || '*';
my $real_name = $params->{realname} || '';
my $user_id = $params->{user_id};
@@ -44,7 +45,7 @@ sub create_or_update_user {
# A passed-in user_id always overrides anything else, for determining
# what account we should return.
if (!$user_id) {
- my $username_user_id = login_to_id($username || '');
+ my $login_user_id = login_to_id($login || '');
my $extern_user_id;
if ($extern_id) {
trick_taint($extern_id);
@@ -52,26 +53,26 @@ sub create_or_update_user {
FROM profiles WHERE extern_id = ?', undef, $extern_id);
}
- # If we have both a valid extern_id and a valid username, and they are
+ # If we have both a valid extern_id and a valid login, and they are
# not the same id, then we have a conflict.
- if ($username_user_id && $extern_user_id
- && $username_user_id ne $extern_user_id)
+ if ($login_user_id && $extern_user_id
+ && $login_user_id ne $extern_user_id)
{
my $extern_name = Bugzilla::User->new($extern_user_id)->login;
return { failure => AUTH_ERROR, error => "extern_id_conflict",
details => {extern_id => $extern_id,
extern_user => $extern_name,
- username => $username} };
+ username => $login} };
}
- # If we have a valid username, but no valid id,
+ # If we have a valid login, but no valid id,
# then we have to create the user. This happens when we're
- # passed only a username, and that username doesn't exist already.
- if ($username && !$username_user_id && !$extern_user_id) {
- validate_email_syntax($username)
- || return { failure => AUTH_ERROR,
+ # passed only a login, and that login doesn't exist already.
+ if ($login && !$login_user_id && !$extern_user_id) {
+ validate_email_syntax($email)
+ || return { failure => AUTH_ERROR,
error => 'auth_invalid_email',
- details => {addr => $username} };
+ details => {addr => $email} };
# Usually we'd call validate_password, but external authentication
# systems might follow different standards than ours. So in this
# place here, we call trick_taint without checks.
@@ -79,23 +80,24 @@ sub create_or_update_user {
# XXX Theoretically this could fail with an error, but the fix for
# that is too involved to be done right now.
- my $user = Bugzilla::User->create({
- login_name => $username,
+ my $user = Bugzilla::User->create({
+ login_name => $login,
+ email => $email,
cryptpassword => $password,
realname => $real_name});
- $username_user_id = $user->id;
+ $login_user_id = $user->id;
}
- # If we have a valid username id and an extern_id, but no valid
+ # If we have a valid login id and an extern_id, but no valid
# extern_user_id, then we have to set the user's extern_id.
- if ($extern_id && $username_user_id && !$extern_user_id) {
+ if ($extern_id && $login_user_id && !$extern_user_id) {
$dbh->do('UPDATE profiles SET extern_id = ? WHERE userid = ?',
- undef, $extern_id, $username_user_id);
- Bugzilla->memcached->clear({ table => 'profiles', id => $username_user_id });
+ undef, $extern_id, $login_user_id);
+ Bugzilla->memcached->clear({ table => 'profiles', id => $login_user_id });
}
# Finally, at this point, one of these will give us a valid user id.
- $user_id = $extern_user_id || $username_user_id;
+ $user_id = $extern_user_id || $login_user_id;
}
# If we still don't have a valid user_id, then we weren't passed
@@ -109,11 +111,15 @@ sub create_or_update_user {
# Now that we have a valid User, we need to see if any data has to be updated.
my $changed = 0;
- if ($username && lc($user->login) ne lc($username)) {
- validate_email_syntax($username)
+ if ($email && lc($user->email) ne lc($email)) {
+ validate_email_syntax($email)
|| return { failure => AUTH_ERROR, error => 'auth_invalid_email',
- details => {addr => $username} };
- $user->set_login($username);
+ details => {addr => $email} };
+ $user->set_email($email);
+ $changed = 1;
+ }
+ if ($login && lc($user->login) ne lc($login)) {
+ $user->set_login($login);
$changed = 1;
}
if ($real_name && $user->name ne $real_name) {