Skip to content

Commit

Permalink
Check email case insensitive in updateUser (#14950)
Browse files Browse the repository at this point in the history
  • Loading branch information
@tsteur
tsteur committed Oct 4, 2019
1 parent 07e84fd commit 9c19370
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 3 deletions.
6 changes: 4 additions & 2 deletions plugins/UsersManager/API.php
View file
Expand Up @@ -923,7 +923,9 @@ public function updateUser($userLogin, $password = false, $email = false, $alias
$email = $userInfo['email'];
}

if ($email != $userInfo['email']) {
$hasEmailChanged = Common::mb_strtolower($email) !== Common::mb_strtolower($userInfo['email']);

if ($hasEmailChanged) {
$this->checkEmail($email);
$changeShouldRequirePasswordConfirmation = true;
}
Expand All @@ -938,7 +940,7 @@ public function updateUser($userLogin, $password = false, $email = false, $alias

Cache::deleteTrackerCache();

if ($email != $userInfo['email'] && $isEmailNotificationOnInConfig) {
if ($hasEmailChanged && $isEmailNotificationOnInConfig) {
$this->sendEmailChangedEmail($userInfo, $email);
}

Expand Down
20 changes: 19 additions & 1 deletion plugins/UsersManager/tests/Integration/APITest.php
View file
Expand Up @@ -143,6 +143,8 @@ class APITest extends IntegrationTestCase

private $password = 'password';

private $email = 'userlogin@password.de';

public function setUp()
{
parent::setUp();
Expand All @@ -156,7 +158,7 @@ public function setUp()
Fixture::createWebsite('2014-01-01 00:00:00');
Fixture::createWebsite('2014-01-01 00:00:00');
Fixture::createWebsite('2014-01-01 00:00:00');
$this->api->addUser($this->login, $this->password, 'userlogin@password.de');
$this->api->addUser($this->login, $this->password, $this->email);
}

public function tearDown()
Expand Down Expand Up @@ -348,6 +350,22 @@ public function test_updateUser_doesNotSendEmailsIfTurnedOffInConfig()
$this->assertEquals([], $subjects);
}


public function test_updateUser_doesNotSendEmailIfNoChangeAndDoesNotRequirePassword()
{
$capturedMails = [];
Piwik::addAction('Mail.send', function (Mail $mail) use (&$capturedMails) {
$capturedMails[] = $mail;
});

$identity = FakeAccess::$identity;
FakeAccess::$identity = $this->login; // en
$this->api->updateUser($this->login, false, strtoupper($this->email), 'newAlias');
FakeAccess::$identity = $identity;

$this->assertEquals([], $capturedMails);
}

public function test_updateUser_doesNotChangePasswordIfFalsey()
{
$model = new Model();
Expand Down

0 comments on commit 9c19370

Please sign in to comment.