[Rt-commit] r18634 - in rt/3.8/trunk: lib/RT

Tue Mar 3 08:57:51 EST 2009

Author: elacour
Date: Tue Mar  3 08:57:51 2009
New Revision: 18634

Modified:
   rt/3.8/trunk/lib/RT/User_Overlay.pm
   rt/3.8/trunk/t/api/user.t

Log:
Add checks for user email address syntax, and cover bad syntaxes by tests
(closes: #12726).
Reported by Richard Hartmann.

Modified: rt/3.8/trunk/lib/RT/User_Overlay.pm
==============================================================================

--- rt/3.8/trunk/lib/RT/User_Overlay.pm	(original)
+++ rt/3.8/trunk/lib/RT/User_Overlay.pm	Tue Mar  3 08:57:51 2009
@@ -166,8 +166,8 @@
         $TempUser->Load( $args{'Name'} );
         return ( 0, $self->loc('Name in use') ) if ( $TempUser->Id );
 
-        return ( 0, $self->loc('Email address in use') )
-          unless ( $self->ValidateEmailAddress( $args{'EmailAddress'} ) );
+        my ($val, $message) = $self->ValidateEmailAddress( $args{'EmailAddress'} );
+        return (0, $message) unless ( $val );
     }
     else {
         $RT::Logger->warning( "$self couldn't check for pre-existing users");
@@ -530,13 +530,18 @@
     # if the email address is null, it's always valid
     return (1) if ( !$Value || $Value eq "" );
 
+    # We only allow one valid email address
+    my @addresses = Email::Address->parse($Value);
+    return ( 0, $self->loc('Invalid syntax for email address') ) unless ( ( scalar (@addresses) == 1 ) && ( $addresses[0]->address ) );
+
+
     my $TempUser = RT::User->new($RT::SystemUser);
     $TempUser->LoadByEmail($Value);
 
     if ( $TempUser->id && ( !$self->id || $TempUser->id != $self->id ) )
     {    # if we found a user with that address
             # it's invalid to set this user's address to it
-        return (undef);
+        return ( 0, $self->loc('Email address in use') );
     }
     else {    #it's a valid email address
         return (1);
@@ -554,10 +559,11 @@
     my $self = shift;
     my $Value = shift;
 
-    if ( $self->ValidateEmailAddress( $Value ) ) {
+    my ($val, $message) = $self->ValidateEmailAddress( $Value );
+    if ( $val ) {
         return $self->_Set( Field => 'EmailAddress', Value => $Value );
     } else {
-        return ( 0, $self->loc('Email address in use') )
+        return ( 0, $message )
     }
 
 }

Modified: rt/3.8/trunk/t/api/user.t
==============================================================================
--- rt/3.8/trunk/t/api/user.t	(original)
+++ rt/3.8/trunk/t/api/user.t	Tue Mar  3 08:57:51 2009
@@ -2,7 +2,7 @@
 use strict;
 use warnings;
 use Test::More; 
-plan tests => 105;
+plan tests => 108;
 use RT;
 use RT::Test;
 
@@ -61,7 +61,20 @@
 ok ($id, $msg);
 is_empty ($u7->EmailAddress);
 
+# Make sur we can't create a user with multiple email adresses separated by comma
+my $u8 = RT::User->new($RT::SystemUser);
+($id, $msg) = $u8->Create(Name => 'CreateTest8'.$$, EmailAddress => $$.'create-test-81 at example.com, '.$$.'create-test-82 at example.com');
+ok (!$id, $msg);
+
+# Make sur we can't create a user with multiple email adresses separated by space
+my $u9 = RT::User->new($RT::SystemUser);
+($id, $msg) = $u9->Create(Name => 'CreateTest9'.$$, EmailAddress => $$.'create-test-91 at example.com '.$$.'create-test-92 at example.com');
+ok (!$id, $msg);
 
+# Make sur we can't create a user with invalid email address
+my $u10 = RT::User->new($RT::SystemUser);
+($id, $msg) = $u10->Create(Name => 'CreateTest10'.$$, EmailAddress => $$.'create-test10}@[.com');
+ok (!$id, $msg);
 
 }
 
