Fixed #18886: New user registrations only viewable by Administrator

Make sure the account of the user is removed when manually activating a user and make sure the unactivated users dashboard is based on is_enabled settings
ezsystems · Feb 14, 2012 · 28c7f7a · 28c7f7a
1 parent baedb4d
commit 28c7f7a
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 2 deletions.
diff --git a/kernel/classes/datatypes/ezuser/ezuser.php b/kernel/classes/datatypes/ezuser/ezuser.php
@@ -300,15 +300,19 @@ static function fetchByEmail( $email, $asObject = true )
     static public function fetchUnactivated( $sort = false, $limit = 10, $offset = 0 )
     {
         $accountDef = eZUserAccountKey::definition();
+        $settingsDef = eZUserSetting::definition();
 
         return eZPersistentObject::fetchObjectList(
             eZUser::definition(), null, null, $sort,
             array(
                 'limit' => $limit,
                 'offset' => $offset
             ),
-            true, false, null, array( $accountDef['name'] ),
-            " WHERE contentobject_id = user_id"
+            true, false, null,
+            array( $accountDef['name'], $settingsDef['name'] ),
+            " WHERE contentobject_id = {$accountDef['name']}.user_id"
+                . " AND {$settingsDef['name']}.user_id = contentobject_id"
+                . " AND is_enabled = 0"
         );
     }
 

diff --git a/kernel/user/ezuseroperationcollection.php b/kernel/user/ezuseroperationcollection.php
@@ -54,6 +54,10 @@ static public function setSettings( $userID, $isEnabled, $maxLogin )
             {
                 eZUser::removeSessionData( $userID );
             }
+            else
+            {
+                eZUserAccountKey::removeByUserID( $userID );
+            }
             return array( 'status' => true );
         }
         else

diff --git a/update/database/mysql/4.7/unstable/dbupdate-4.6.0-to-4.7.0alpha1.sql b/update/database/mysql/4.7/unstable/dbupdate-4.6.0-to-4.7.0alpha1.sql
@@ -4,3 +4,9 @@ UPDATE ezsite_data SET value='1' WHERE name='ezpublish-release';
 
 
 ALTER TABLE ezpending_actions ADD COLUMN id int(11) AUTO_INCREMENT PRIMARY KEY;
+
+
+-- Cleanup for #18886
+-- when a user is manually enabled through the admin interface,
+-- the corresponding ezuser_accountkey record is not removed
+DELETE FROM ezuser_accountkey WHERE user_id IN ( SELECT user_id FROM ezuser_setting WHERE is_enabled = 1 );
diff --git a/update/database/postgresql/4.7/unstable/dbupdate-4.6.0-to-4.7.0alpha1.sql b/update/database/postgresql/4.7/unstable/dbupdate-4.6.0-to-4.7.0alpha1.sql
@@ -60,3 +60,8 @@ CREATE SEQUENCE ezpending_actions_s
 
 ALTER TABLE ezpending_actions ADD id integer DEFAULT nextval('ezpending_actions_s'::text) NOT NULL;
 UPDATE ezpending_actions SET id=nextval('ezpending_actions_s'::text);
+
+-- Cleanup for #18886
+-- when a user is manually enabled through the admin interface,
+-- the corresponding ezuser_accountkey record is not removed
+DELETE FROM ezuser_accountkey WHERE user_id IN ( SELECT user_id FROM ezuser_setting WHERE is_enabled = 1 );