Skip to content

Commit

Permalink
Merge branch 'MDL-63174-35-emptyusername' of git://github.com/mudrd8m…
Browse files Browse the repository at this point in the history 
…z/moodle into MOODLE_35_STABLE
  • Loading branch information
David Monllao committed Aug 27, 2018
2 parents 2267c9f + f6be98b commit e016281
Show file tree
Hide file tree
Showing 5 changed files with 144 additions and 4 deletions.
2 changes: 2 additions & 0 deletions lang/en/error.php
View file
Expand Up @@ -364,6 +364,7 @@
$string['invaliduserfield'] = 'Invalid user field: {$a}'; $string['invaliduserfield'] = 'Invalid user field: {$a}';
$string['invaliduserdata'] = 'Invalid user data: {$a}'; $string['invaliduserdata'] = 'Invalid user data: {$a}';
$string['invalidusername'] = 'The given username contains invalid characters'; $string['invalidusername'] = 'The given username contains invalid characters';
$string['invalidusernameblank'] = 'The username cannot be blank';
$string['invalidxmlfile'] = '"{$a}" is not a valid XML file'; $string['invalidxmlfile'] = '"{$a}" is not a valid XML file';
$string['iplookupfailed'] = 'Cannot find geo information about this IP address {$a}'; $string['iplookupfailed'] = 'Cannot find geo information about this IP address {$a}';
$string['iplookupprivate'] = 'Cannot display lookup of private IP address'; $string['iplookupprivate'] = 'Cannot display lookup of private IP address';
Expand Down Expand Up @@ -565,6 +566,7 @@
$string['userauthunsupported'] = 'Auth plugin not supported here'; $string['userauthunsupported'] = 'Auth plugin not supported here';
$string['useremailduplicate'] = 'Duplicate address'; $string['useremailduplicate'] = 'Duplicate address';
$string['usermustbemnet'] = 'Users in the MNET access control list must be remote MNET users'; $string['usermustbemnet'] = 'Users in the MNET access control list must be remote MNET users';
$string['usernamelowercase'] = 'The username must be in lower case';
$string['usernotaddederror'] = 'User not added - error'; $string['usernotaddederror'] = 'User not added - error';
$string['usernotaddedregistered'] = 'User not added - already registered'; $string['usernotaddedregistered'] = 'User not added - already registered';
$string['usernotavailable'] = 'The details of this user are not available to you'; $string['usernotavailable'] = 'The details of this user are not available to you';
Expand Down
7 changes: 7 additions & 0 deletions user/externallib.php
View file
Expand Up @@ -157,6 +157,13 @@ public static function create_users($users) {
$userids = array(); $userids = array();
$createpassword = false; $createpassword = false;
foreach ($params['users'] as $user) { foreach ($params['users'] as $user) {
// Make sure that the username, firstname and lastname are not blank.
foreach (array('username', 'firstname', 'lastname') as $fieldname) {
if (trim($user[$fieldname]) === '') {
throw new invalid_parameter_exception('The field '.$fieldname.' cannot be blank');
}
}

// Make sure that the username doesn't already exist. // Make sure that the username doesn't already exist.
if ($DB->record_exists('user', array('username' => $user['username'], 'mnethostid' => $CFG->mnet_localhost_id))) { if ($DB->record_exists('user', array('username' => $user['username'], 'mnethostid' => $CFG->mnet_localhost_id))) {
throw new invalid_parameter_exception('Username already exists: '.$user['username']); throw new invalid_parameter_exception('Username already exists: '.$user['username']);
Expand Down
12 changes: 8 additions & 4 deletions user/lib.php
View file
Expand Up @@ -48,12 +48,16 @@ function user_create_user($user, $updatepassword = true, $triggerevent = true) {
} }


// Check username. // Check username.
if (trim($user->username) === '') {
throw new moodle_exception('invalidusernameblank');
}

if ($user->username !== core_text::strtolower($user->username)) { if ($user->username !== core_text::strtolower($user->username)) {
throw new moodle_exception('usernamelowercase'); throw new moodle_exception('usernamelowercase');
} else { }
if ($user->username !== core_user::clean_field($user->username, 'username')) {
throw new moodle_exception('invalidusername'); if ($user->username !== core_user::clean_field($user->username, 'username')) {
} throw new moodle_exception('invalidusername');
} }


// Save the password in a temp value for later. // Save the password in a temp value for later.
Expand Down
78 changes: 78 additions & 0 deletions user/tests/externallib_test.php
View file
Expand Up @@ -544,6 +544,84 @@ public function test_create_users() {
$createdusers = core_user_external::create_users(array($user1)); $createdusers = core_user_external::create_users(array($user1));
} }


/**
* Test create_users with invalid parameters
*
* @dataProvider data_create_users_invalid_parameter
* @param array $data User data to attempt to register.
* @param string $expectmessage Expected exception message.
*/
public function test_create_users_invalid_parameter(array $data, $expectmessage) {
global $USER, $CFG, $DB;

$this->resetAfterTest(true);
$this->assignUserCapability('moodle/user:create', SYSCONTEXTID);

$this->expectException('invalid_parameter_exception');
$this->expectExceptionMessage($expectmessage);

core_user_external::create_users(array($data));
}

/**
* Data provider for {@link self::test_create_users_invalid_parameter()}.
*
* @return array
*/
public function data_create_users_invalid_parameter() {
return [
'blank_username' => [
'data' => [
'username' => '',
'firstname' => 'Foo',
'lastname' => 'Bar',
'email' => 'foobar@example.com',
'createpassword' => 1,
],
'expectmessage' => 'The field username cannot be blank',
],
'blank_firtname' => [
'data' => [
'username' => 'foobar',
'firstname' => "\t \n",
'lastname' => 'Bar',
'email' => 'foobar@example.com',
'createpassword' => 1,
],
'expectmessage' => 'The field firstname cannot be blank',
],
'blank_lastname' => [
'data' => [
'username' => 'foobar',
'firstname' => '0',
'lastname' => ' ',
'email' => 'foobar@example.com',
'createpassword' => 1,
],
'expectmessage' => 'The field lastname cannot be blank',
],
'invalid_email' => [
'data' => [
'username' => 'foobar',
'firstname' => 'Foo',
'lastname' => 'Bar',
'email' => '@foobar',
'createpassword' => 1,
],
'expectmessage' => 'Email address is invalid',
],
'missing_password' => [
'data' => [
'username' => 'foobar',
'firstname' => 'Foo',
'lastname' => 'Bar',
'email' => 'foobar@example.com',
],
'expectmessage' => 'Invalid password: you must provide a password, or set createpassword',
],
];
}

/** /**
* Test delete_users * Test delete_users
*/ */
Expand Down
49 changes: 49 additions & 0 deletions user/tests/userlib_test.php
View file
Expand Up @@ -241,6 +241,55 @@ public function test_create_users() {
$this->assertDebuggingNotCalled(); $this->assertDebuggingNotCalled();
} }


/**
* Test that {@link user_create_user()} throws exception when invalid username is provided.
*
* @dataProvider data_create_user_invalid_username
* @param string $username Invalid username
* @param string $expectmessage Expected exception message
*/
public function test_create_user_invalid_username($username, $expectmessage) {
global $CFG;

$this->resetAfterTest();
$CFG->extendedusernamechars = false;

$user = [
'username' => $username,
];

$this->expectException('moodle_exception');
$this->expectExceptionMessage($expectmessage);

user_create_user($user);
}

/**
* Data provider for {@link self::test_create_user_invalid_username()}.
*
* @return array
*/
public function data_create_user_invalid_username() {
return [
'empty_string' => [
'',
'The username cannot be blank',
],
'only_whitespace' => [
"\t\t \t\n ",
'The username cannot be blank',
],
'lower_case' => [
'Mudrd8mz',
'The username must be in lower case',
],
'extended_chars' => [
'dmudrák',
'The given username contains invalid characters',
],
];
}

/** /**
* Test function user_count_login_failures(). * Test function user_count_login_failures().
*/ */
Expand Down

0 comments on commit e016281

Please sign in to comment.