Skip to content
Permalink
Browse files Browse the repository at this point in the history
XWIKI-17942: Email validation check is not properly reset
  * Ensure to reset the validation email key once validated
  • Loading branch information
surli committed Dec 16, 2020
1 parent e4dec4e commit f9a6774
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 1 deletion.
Expand Up @@ -3857,10 +3857,14 @@ public int validateUser(boolean withConfirmEmail, XWikiContext context) throws X

// Compare the two keys
if ((!storedKey.equals("") && (storedKey.equals(validationKey)))) {
// Ensure to remove the validation key value, so it cannot be used afterwards to enable back
// a disabled user.
userObject.setStringValue("validkey", "");
saveDocument(userDocument, context);

XWikiUser xWikiUser = new XWikiUser(userDocument.getDocumentReference());
xWikiUser.setDisabled(false, context);
xWikiUser.setEmailChecked(true, context);
saveDocument(userDocument, context);

if (withConfirmEmail) {
String email = userObject.getStringValue("email");
Expand Down
Expand Up @@ -580,6 +580,8 @@ public void testValidationKeyStorage() throws Exception
this.xwiki.saveDocument(testUser, context);

assertEquals(0, this.xwiki.validateUser(false, this.oldcore.getXWikiContext()));
XWikiDocument reloadedDocument = this.xwiki.getDocument(testUser, context);
assertEquals("", reloadedDocument.getObject("XWiki.XWikiUsers").getStringValue("validkey"));

// Check with an incorrect plaintext key
validationKey.setValue("wrong key");
Expand Down

0 comments on commit f9a6774

Please sign in to comment.