New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixed Hard Coupling (com_users | plg_users_joomla) #20275
Conversation
plugins/user/joomla/joomla.php
Outdated
*/ | ||
public function onContentPrepareForm($form, $data) | ||
{ | ||
if (!($form instanceof JForm)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm IMO this check can be dropped as if we get here without a valid form something else is broken anyway. I have not checked it but IIRC $this->_subject->setError('JERROR_NOT_A_FORM');
would not work anyway.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if we get here without a valid form something else is broken anyway
I thought same, but I saw we use it inside another plugin, and no wanted to drop something without knowing the "exactly why"
Done @zero-24 and thank you |
plugins/user/joomla/joomla.php
Outdated
* | ||
* @return boolean | ||
* | ||
* @since 3.8 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please use __DEPLOY__VERSION__
this way the release script replace it with the correct version where that method get committed in :)
plugins/user/joomla/joomla.php
Outdated
* | ||
* @return boolean | ||
* | ||
* @since __DEPLOY__VERSION__ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Align. Add one more space.
I have just tested this and found two issue. In case there is a validation error $data is no stdClass but just an empty array. And the second is what happen when the plugin is disabled. Currently the password field is not required. But it needs to be required than. How to reproduce (First Issue)
How to reproduce (Second Issue)
How to solve the issues
|
@zero-24 if you disabled the plugin, others things like the login logic will break, among other things. In fact, there is a string warning about this. In case this plugin is disabled because another plugin will handle User synchronization, then we no need more the "Notification Mail to User", and we no need check for this.
We can add an |
Try to create another user with the same username. Error pops up. When you debug you notice that the $data array is empty
I do not understand why the drone fail here? |
Well my point is that the password fields are than not required in that case ;) But I'm also fine merge this without that change and when this got accepted i do a PR that would handle the proposed solution. |
@Quy can you give me a hand here? This code is marked as a conflict for the merge, was moved to the plugin for solved the issue. Or maybe I understand wrong this. |
I think you have to update your branch since there were changes to |
Thank you @Quy |
plugins/user/joomla/joomla.php
Outdated
* | ||
* @return boolean | ||
* | ||
* @since __DEPLOY__VERSION__ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's __DEPLOY_VERSION__
(one underscore between words).
plugins/user/joomla/joomla.php
Outdated
if ($name === 'com_users.user') | ||
{ | ||
// Passwords fields are required when mail to user is set to No | ||
if (is_object($data) && $data->id === 0 && $this->params->get('mail_to_user', '1') === '0') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change mail_to_user
param fallback value and comparison value to be integer and comparison to be not type-safe:
$this->params->get('mail_to_user', 1) == 0
or !$this->params->get('mail_to_user', 1)
.
Thank you @SharkyKZ |
Done, thank @Quy |
plugins/user/joomla/joomla.php
Outdated
if ($name === 'com_users.user') | ||
{ | ||
// In case there is a validation error (like duplicated user), $data is not a stdClass but just an empty array | ||
// TODO: Check inside the FormModel line 230, for put the right associated data for the form |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Really shouldn't make a reference to a specific line number in a code comment. If the code's updated, this reference goes away.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is true, thank you @mbabker my mistake, sorry
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The first comment should also be updated. $data
is an empty array on save. After returning from error, $data
is an array but populated.
@mbabker can you comment on form data issue? FormController
does not load form data by default, making it unavailable in onContentPrepareForm
when saving. Code based on Form::getValue()
also fails. Is this correct behavior? Should we use data from input instead?
Related issue #17700 about empty $data. |
This is the correct way then to do this or need a different way? |
The code works fine now. Still thinking about @zero-24's suggestion to make password fields required by default. It would make sense not to auto-generate passwords when plugin is disabled, when mail to user option in plugin is disabled or when sending passwords is disabled in com_users. |
Ok, let do the suggestion of @zero-24 |
It never makes sense in the admin to make creating a password required. |
For creating a new account, I'd say it would make sense to default it to required and conditionally unrequire it based on the other settings. Otherwise you're left in a spot where admin creates an account without setting a password and the new user's only way of getting into the account is through the "forgot my password" interface. I don't think that's necessarily the best new user experience, but we all know what opinions are like. |
This is a valid argument imo #20247 (comment) |
@carlitorweb are the Test Instructions up-to-date? |
@fran so far, yes |
"Notification Mail to User"-option is "No", both Password-Fields have a "*". I'm confused about the Test Instructions. Also "Expected" and "Actual Result" have the same Description. |
@franz-wohlkoenig Behavior before and after patch should be the same. |
I have tested this item ✅ successfully on fe03395 This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/20275. |
I have tested this item ✅ successfully on b633bbf This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/20275. |
RTC This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/20275. |
Thanks |
Pull Request for Issue #20249
Summary of Changes
Added
onContentPrepareForm
event to the plugin for doing the form require alterations to the passwords fields.Testing Instructions
Go to the administration and create a new user. Check the form that is shown need have the passwords fields with the attribute "require" if the plugin User - Joomla! have the Notification Mail to User option as No.
Expected result
Passwords field with the "require" attribute
Actual result
Passwords field with the "require" attribute
Documentation Changes Required
No