From 645ebe3d40e6a148dca52054e91483253b3d7568 Mon Sep 17 00:00:00 2001
From: Jochen Wiedmann <jochen.wiedmann@gmail.com>
Date: Wed, 27 Apr 2011 15:20:55 -0700
Subject: Bug 423612 - Allow editing extern_id for users from the admin
 interface r=mkanat, a=mkanat

---
 Bugzilla/Auth.pm              | 10 ++++++++++
 Bugzilla/Auth/Login.pm        |  9 +++++++++
 Bugzilla/Auth/Login/Env.pm    |  1 +
 Bugzilla/Auth/Login/Stack.pm  |  6 ++++++
 Bugzilla/Auth/Verify.pm       |  9 +++++++++
 Bugzilla/Auth/Verify/Stack.pm |  5 +++++
 Bugzilla/Template.pm          |  1 +
 Bugzilla/User.pm              | 27 +++++++++++++++++++++++++++
 8 files changed, 68 insertions(+)

(limited to 'Bugzilla')

diff --git a/Bugzilla/Auth.pm b/Bugzilla/Auth.pm
index 782953878..e6127d32a 100644
--- a/Bugzilla/Auth.pm
+++ b/Bugzilla/Auth.pm
@@ -134,6 +134,12 @@ sub user_can_create_account {
            && $getter->user_can_create_account;
 }
 
+sub extern_id_used {
+    my ($self) = @_;
+    return $self->{_info_getter}->extern_id_used
+           ||  $self->{_verifier}->extern_id_used;
+}
+
 sub can_change_email {
     return $_[0]->user_can_create_account;
 }
@@ -397,6 +403,10 @@ Params:      None
 Returns:     C<true> if users are allowed to create new Bugzilla accounts,
              C<false> otherwise.
 
+=item C<extern_id_used>
+  
+Description: Whether or not current login system uses extern_id.
+
 =item C<can_change_email>
 
 Description: Whether or not the current login system allows users to
diff --git a/Bugzilla/Auth/Login.pm b/Bugzilla/Auth/Login.pm
index b3add7365..42ce51c62 100644
--- a/Bugzilla/Auth/Login.pm
+++ b/Bugzilla/Auth/Login.pm
@@ -28,6 +28,7 @@ use constant requires_persistence  => 1;
 use constant requires_verification => 1;
 use constant user_can_create_account => 0;
 use constant is_automatic => 0;
+use constant extern_id_used => 0; 
 
 sub new {
     my ($class) = @_;
@@ -131,4 +132,12 @@ just passes us an environment variable on most page requests, and does not
 ask the user for authentication information directly in Bugzilla.) Defaults
 to C<false>.
 
+=item C<extern_id_used>
+
+Whether or not this login method uses the extern_id field. If
+used, users with editusers permission will be be allowed to
+edit the extern_id for all users.
+
+The default value is C<0>.
+
 =back
diff --git a/Bugzilla/Auth/Login/Env.pm b/Bugzilla/Auth/Login/Env.pm
index f93034ef3..76227f18b 100644
--- a/Bugzilla/Auth/Login/Env.pm
+++ b/Bugzilla/Auth/Login/Env.pm
@@ -32,6 +32,7 @@ use constant can_login  => 0;
 use constant requires_persistence  => 0;
 use constant requires_verification => 0;
 use constant is_automatic => 1;
+use constant extern_id_used => 1;
 
 sub get_login_info {
     my ($self) = @_;
diff --git a/Bugzilla/Auth/Login/Stack.pm b/Bugzilla/Auth/Login/Stack.pm
index f490d243b..0f3661954 100644
--- a/Bugzilla/Auth/Login/Stack.pm
+++ b/Bugzilla/Auth/Login/Stack.pm
@@ -28,6 +28,7 @@ use fields qw(
 );
 use Hash::Util qw(lock_keys);
 use Bugzilla::Hook;
+use List::MoreUtils qw(any);
 
 sub new {
     my $class = shift;
@@ -97,4 +98,9 @@ sub user_can_create_account {
     return 0;
 }
 
+sub extern_id_used {
+    my ($self) = @_;
+    return any { $_->extern_id_used } @{ $self->{_stack} };
+}
+
 1;
diff --git a/Bugzilla/Auth/Verify.pm b/Bugzilla/Auth/Verify.pm
index b293e2583..a8cd0af2c 100644
--- a/Bugzilla/Auth/Verify.pm
+++ b/Bugzilla/Auth/Verify.pm
@@ -25,6 +25,7 @@ use Bugzilla::User;
 use Bugzilla::Util;
 
 use constant user_can_create_account => 1;
+use constant extern_id_used => 0;
 
 sub new {
     my ($class, $login_type) = @_;
@@ -232,4 +233,12 @@ C<false>.
 Whether or not users can manually create accounts in this type of
 account source. Defaults to C<true>.
 
+=item C<extern_id_used>
+
+Whether or not this verifier method uses the extern_id field. If
+used, users with editusers permission will be be allowed to
+edit the extern_id for all users.
+
+The default value is C<false>.
+
 =back
diff --git a/Bugzilla/Auth/Verify/Stack.pm b/Bugzilla/Auth/Verify/Stack.pm
index 2df3fcd25..dfc920420 100644
--- a/Bugzilla/Auth/Verify/Stack.pm
+++ b/Bugzilla/Auth/Verify/Stack.pm
@@ -86,4 +86,9 @@ sub user_can_create_account {
     return 0;
 }
 
+sub extern_id_used {
+    my ($self) = @_;
+    return any { $_->extern_id_used } @{ $self->{_stack} };
+}
+
 1;
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index 93c318456..612291ceb 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -955,6 +955,7 @@ sub create {
                 }
                 return \@optional;
             },
+            'default_authorizer' => new Bugzilla::Auth(),
         },
     };
 
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index f23873991..89cd7ce72 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -97,6 +97,7 @@ use constant DB_COLUMNS => (
     'profiles.mybugslink AS showmybugslink',
     'profiles.disabledtext',
     'profiles.disable_mail',
+    'profiles.extern_id',
 );
 use constant NAME_FIELD => 'login_name';
 use constant ID_FIELD   => 'userid';
@@ -108,6 +109,7 @@ use constant VALIDATORS => {
     disabledtext  => \&_check_disabledtext,
     login_name    => \&check_login_name_for_creation,
     realname      => \&_check_realname,
+    extern_id     => \&_check_extern_id,
 };
 
 sub UPDATE_COLUMNS {
@@ -117,6 +119,7 @@ sub UPDATE_COLUMNS {
         disabledtext
         login_name
         realname
+        extern_id
     );
     push(@cols, 'cryptpassword') if exists $self->{cryptpassword};
     return @cols;
@@ -135,6 +138,12 @@ sub new {
     bless ($user, $class);
     return $user unless $param;
 
+    if (ref($param) eq 'HASH') {
+        if (defined $param->{extern_id}) {
+            $param = { condition => 'extern_id = ?' , values => [$param->{extern_id}] };
+            $_[0] = $param;
+        }
+    }
     return $class->SUPER::new(@_);
 }
 
@@ -180,6 +189,22 @@ sub update {
 sub _check_disable_mail { return $_[1] ? 1 : 0; }
 sub _check_disabledtext { return trim($_[1]) || ''; }
 
+# Check whether the extern_id is unique.
+sub _check_extern_id {
+    my ($invocant, $extern_id) = @_;
+    $extern_id = trim($extern_id);
+    return undef unless defined($extern_id) && $extern_id ne "";
+    if (!ref($invocant) || $invocant->extern_id ne $extern_id) {
+        my $existing_login = $invocant->new({ extern_id => $extern_id });
+        if ($existing_login) {
+            ThrowUserError( 'extern_id_exists',
+                            { extern_id => $extern_id,
+                              existing_login_name => $existing_login->login });
+        }
+    }
+    return $extern_id;
+}
+
 # This is public since createaccount.cgi needs to use it before issuing
 # a token for account creation.
 sub check_login_name_for_creation {
@@ -219,6 +244,7 @@ sub _check_realname { return trim($_[1]) || ''; }
 
 sub set_disabledtext { $_[0]->set('disabledtext', $_[1]); }
 sub set_disable_mail { $_[0]->set('disable_mail', $_[1]); }
+sub set_extern_id    { $_[0]->set('extern_id', $_[1]); }
 
 sub set_login {
     my ($self, $login) = @_;
@@ -243,6 +269,7 @@ sub set_password { $_[0]->set('cryptpassword', $_[1]); }
 # Accessors for user attributes
 sub name  { $_[0]->{realname};   }
 sub login { $_[0]->{login_name}; }
+sub extern_id { $_[0]->{extern_id}; }
 sub email { $_[0]->login . Bugzilla->params->{'emailsuffix'}; }
 sub disabledtext { $_[0]->{'disabledtext'}; }
 sub is_disabled { $_[0]->disabledtext ? 1 : 0; }
-- 
cgit v1.2.3-24-g4f1b