Commit c84751cb authored by Dries's avatar Dries

- Patch #565290 by flobruit, chx: fixed user register when configured not to use e-mails.

parent 157f6ee0
......@@ -2221,7 +2221,7 @@ function user_roles($membersonly = FALSE, $permission = NULL) {
* @param $role
* A string with the role name, or an integer with the role ID.
* @return
* A fully-loaded role object if a role with the given name or ID
* A fully-loaded role object if a role with the given name or ID
* exists, FALSE otherwise.
*/
function user_role_load($role) {
......@@ -2241,7 +2241,7 @@ function user_role_load($role) {
* @return
* Status constant indicating if role was created or updated.
* Failure to write the user role record will return FALSE. Otherwise.
* SAVED_NEW or SAVED_UPDATED is returned depending on the operation
* SAVED_NEW or SAVED_UPDATED is returned depending on the operation
* performed.
*/
function user_role_save($role) {
......@@ -2257,7 +2257,7 @@ function user_role_save($role) {
$status = drupal_write_record('role', $role);
module_invoke_all('user_role_insert', $role);
}
return $status;
}
......@@ -2280,10 +2280,10 @@ function user_role_delete($role) {
db_delete('users_roles')
->condition('rid', $role->rid)
->execute();
// Clear the user access cache.
user_access(NULL, NULL, TRUE);
module_invoke_all('user_role_delete', $role);
}
......@@ -2295,7 +2295,7 @@ function user_role_delete($role) {
* @param $permissions
* An array of permissions strings.
* @param $merge
* A boolean indicating whether to add permissions or to merge
* A boolean indicating whether to add permissions or to merge
* with all existing permissions.
*/
function user_role_set_permissions($role, array $permissions = array(), $merge = FALSE) {
......@@ -2971,57 +2971,42 @@ function user_register_submit($form, &$form_state) {
watchdog('user', 'New user: %name (%email).', array('%name' => $name, '%email' => $mail), WATCHDOG_NOTICE, l(t('edit'), 'user/' . $account->uid . '/edit'));
// The first user may login immediately, and receives a customized welcome e-mail.
if ($account->uid == 1) {
drupal_set_message(t('Welcome to Drupal. You are now logged in as user #1, which gives you full control over your website.'));
if (variable_get('user_email_verification', TRUE)) {
drupal_set_message(t('</p><p> Your password is <strong>%pass</strong>. You may change your password below.</p>', array('%pass' => $pass)));
}
$form_state['values'] += $merge_data;
user_authenticate(array_merge($form_state));
$form_state['redirect'] = 'user/1/edit';
// Add plain text password into user account to generate mail tokens.
$account->password = $pass;
if ($admin && !$notify) {
drupal_set_message(t('Created a new user account for <a href="@url">%name</a>. No e-mail has been sent.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
}
elseif (!variable_get('user_email_verification', TRUE) && $account->status && !$admin) {
// No e-mail verification is required, create new user account, and login
// user immediately.
_user_mail_notify('register_no_approval_required', $account);
$form_state['uid'] = $account->uid;
user_login_submit(array(), $form_state);
drupal_set_message(t('Registration successful. You are now logged in.'));
$form_state['redirect'] = '';
return;
}
else {
// Add plain text password into user account to generate mail tokens.
$account->password = $pass;
if ($admin && !$notify) {
drupal_set_message(t('Created a new user account for <a href="@url">%name</a>. No e-mail has been sent.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
}
elseif (!variable_get('user_email_verification', TRUE) && $account->status && !$admin) {
// No e-mail verification is required, create new user account, and login
// user immediately.
_user_mail_notify('register_no_approval_required', $account);
if (user_authenticate(array_merge($form_state['values'], $merge_data))) {
drupal_set_message(t('Registration successful. You are now logged in.'));
}
$form_state['redirect'] = '';
return;
}
elseif ($account->status || $notify) {
// Create new user account, no administrator approval required.
$op = $notify ? 'register_admin_created' : 'register_no_approval_required';
_user_mail_notify($op, $account);
if ($notify) {
drupal_set_message(t('Password and further instructions have been e-mailed to the new user <a href="@url">%name</a>.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
}
else {
drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
$form_state['redirect'] = '';
return;
}
elseif ($account->status || $notify) {
// Create new user account, no administrator approval required.
$op = $notify ? 'register_admin_created' : 'register_no_approval_required';
_user_mail_notify($op, $account);
if ($notify) {
drupal_set_message(t('Password and further instructions have been e-mailed to the new user <a href="@url">%name</a>.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
}
else {
// Create new user account, administrator approval required.
_user_mail_notify('register_pending_approval', $account);
drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />In the meantime, a welcome message with further instructions has been sent to your e-mail address.'));
drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
$form_state['redirect'] = '';
return;
}
}
else {
// Create new user account, administrator approval required.
_user_mail_notify('register_pending_approval', $account);
drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />In the meantime, a welcome message with further instructions has been sent to your e-mail address.'));
$form_state['redirect'] = '';
return;
}
}
/**
......
......@@ -5,109 +5,130 @@ class UserRegistrationTestCase extends DrupalWebTestCase {
public static function getInfo() {
return array(
'name' => 'User registration',
'description' => 'Registers a user, fails login, resets password, successfully logs in with the one time password, fails password change, changes password, logs out, successfully logs in with the new password, visits profile page.',
'description' => 'Test registration of user under different configurations.',
'group' => 'User'
);
}
/**
* Registers a user, fails login, resets password, successfully logs in with the one time password,
* changes password, logs out, successfully logs in with the new password, visits profile page.
*
* Assumes that the profile module is disabled.
*/
function testUserRegistration() {
// Set user registration to "Visitors can create accounts and no administrator approval is required."
function testRegistrationWithEmailVerification() {
// Require e-mail verification.
variable_set('user_email_verification', TRUE);
// Set registration to administrator only.
variable_set('user_register', 0);
$this->drupalGet('user/register');
$this->assertResponse(403, t('Registration page is inaccessible when only administrators can create accounts.'));
// Allow registration by site visitors without administrator approval.
variable_set('user_register', 1);
// Enable user-configurable time zones, and set the default time zone to Brussels time.
variable_set('configurable_timezones', 1);
variable_set('date_default_timezone', 'Europe/Brussels');
$edit = array();
$edit['name'] = $name = $this->randomName();
$edit['mail'] = $mail = $edit['name'] . '@example.com';
$this->drupalPost('user/register', $edit, t('Create new account'));
$this->assertText(t('Your password and further instructions have been sent to your e-mail address.'), t('User registered successfully.'));
// Check database for created user.
$users = user_load_multiple(array(), array('name' => $name, 'mail' => $mail));
$user = reset($users);
$this->assertTrue($user, t('User found in database.'));
$this->assertTrue($user->uid > 0, t('User has valid user id.'));
// Check user fields.
$this->assertEqual($user->name, $name, t('Username matches.'));
$this->assertEqual($user->mail, $mail, t('E-mail address matches.'));
$this->assertEqual($user->theme, '', t('Correct theme field.'));
$this->assertEqual($user->signature, '', t('Correct signature field.'));
$this->assertTrue(($user->created > REQUEST_TIME - 20 ), t('Correct creation time.'));
$this->assertEqual($user->status, variable_get('user_register', 1) == 1 ? 1 : 0, t('Correct status field.'));
$this->assertEqual($user->timezone, variable_get('date_default_timezone'), t('Correct time zone field.'));
$this->assertEqual($user->language, '', t('Correct language field.'));
$this->assertEqual($user->picture, '', t('Correct picture field.'));
$this->assertEqual($user->init, $mail, t('Correct init field.'));
// Attempt to login with incorrect password.
$new_user = reset(user_load_multiple(array(), array('name' => $name, 'mail' => $mail)));
$this->assertTrue($new_user->status, t('New account is active after registration.'));
// Allow registration by site visitors, but require administrator approval.
variable_set('user_register', 2);
$edit = array();
$edit['name'] = $name;
$edit['pass'] = 'foo';
$this->drupalPost('user', $edit, t('Log in'));
$this->assertText(t('Sorry, unrecognized username or password. Have you forgotten your password?'), t('Invalid login attempt failed.'));
// Login using password reset page.
$url = user_pass_reset_url($user);
$this->drupalGet($url);
$this->assertText(t('This login can be used only once.'), t('Login can be used only once.'));
$this->drupalPost(NULL, NULL, t('Log in'));
$this->assertText(t('You have just used your one-time login link. It is no longer necessary to use this link to login. Please change your password.'), t('This link is no longer valid.'));
// Check password type validation
$edit['name'] = $name = $this->randomName();
$edit['mail'] = $mail = $edit['name'] . '@example.com';
$this->drupalPost('user/register', $edit, t('Create new account'));
$new_user = reset(user_load_multiple(array(), array('name' => $name, 'mail' => $mail)));
$this->assertFalse($new_user->status, t('New account is blocked until approved by an administrator.'));
}
function testRegistrationWithoutEmailVerification() {
// Don't require e-mail verification.
variable_set('user_email_verification', FALSE);
// Allow registration by site visitors without administrator approval.
variable_set('user_register', 1);
$edit = array();
$edit['name'] = $name = $this->randomName();
$edit['mail'] = $mail = $edit['name'] . '@example.com';
// Try entering a mismatching password.
$edit['pass[pass1]'] = '99999.0';
$edit['pass[pass2]'] = '99999';
$this->drupalPost(NULL, $edit, t('Save'));
$this->drupalPost('user/register', $edit, t('Create new account'));
$this->assertText(t('The specified passwords do not match.'), t('Type mismatched passwords display an error message.'));
$this->assertNoText(t('The changes have been saved.'), t('Save user password with mismatched type in password confirm.'));
// Change user password.
$new_pass = user_password();
$edit = array();
$edit['pass[pass1]'] = $new_pass;
// Enter a correct password.
$edit['pass[pass1]'] = $new_pass = $this->randomName();
$edit['pass[pass2]'] = $new_pass;
$this->drupalPost(NULL, $edit, t('Save'));
$this->assertText(t('The changes have been saved.'), t('Password changed to @password', array('@password' => $new_pass)));
// Make sure password changes are present in database.
require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
$user = user_load($user->uid, TRUE);
$this->assertTrue(user_check_password($new_pass, $user), t('Correct password in database.'));
// Logout of user account.
$this->clickLink(t('Log out'));
$this->assertNoText($user->name, t('Logged out.'));
// Login user.
$this->drupalPost('user/register', $edit, t('Create new account'));
$new_user = reset(user_load_multiple(array(), array('name' => $name, 'mail' => $mail)));
$this->assertText(t('Registration successful. You are now logged in.'), t('Users are logged in after registering.'));
$this->drupalLogout();
// Allow registration by site visitors, but require administrator approval.
variable_set('user_register', 2);
$edit = array();
$edit['name'] = $user->name;
$edit['pass'] = $new_pass;
$this->drupalPost('user', $edit, t('Log in'));
$this->assertText(t('Log out'), t('Logged in.'));
$edit['name'] = $name = $this->randomName();
$edit['mail'] = $mail = $edit['name'] . '@example.com';
$edit['pass[pass1]'] = $pass = $this->randomName();
$edit['pass[pass2]'] = $pass;
$this->drupalPost('user/register', $edit, t('Create new account'));
$this->assertText(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.'), t('Users are notified of pending approval'));
// Try to login before administrator approval.
$auth = array(
'name' => $name,
'pass' => $pass,
);
$this->drupalPost('user/login', $auth, t('Log in'));
$this->assertText(t('The username @name has not been activated or is blocked.', array('@name' => $name)), t('User cannot login yet.'));
$this->assertText($user->name, t('[logged in] Username found.'));
$this->assertNoText(t('Sorry. Unrecognized username or password.'), t('[logged in] No message for unrecognized username or password.'));
$this->assertNoText(t('User login'), t('[logged in] No user login form present.'));
// Activate the new account.
$new_user = reset(user_load_multiple(array(), array('name' => $name, 'mail' => $mail)));
$admin_user = $this->drupalCreateUser(array('administer users'));
$this->drupalLogin($admin_user);
$edit = array(
'status' => 1,
);
$this->drupalPost('user/' . $new_user->uid . '/edit', $edit, t('Save'));
$this->drupalLogout();
// Login after administrator approval.
$this->drupalPost('user/login', $auth, t('Log in'));
$this->assertText(t('Member for'), t('User can log in after administrator approval.'));
}
$this->drupalGet('user');
$this->assertText($user->name, t('[user auth] Not login page.'));
$this->assertText(t('View'), t('[user auth] Found view tab on the profile page.'));
$this->assertText(t('Edit'), t('[user auth] Found edit tab on the profile page.'));
function testRegistrationDefaultValues() {
// Allow registration by site visitors without administrator approval.
variable_set('user_register', 1);
// Don't require e-mail verification.
variable_set('user_email_verification', FALSE);
// Set the default timezone to Brussels.
variable_set('configurable_timezones', 1);
variable_set('date_default_timezone', 'Europe/Brussels');
$edit = array();
$edit['name'] = $name = $this->randomName();
$edit['mail'] = $mail = $edit['name'] . '@example.com';
$edit['pass[pass1]'] = $new_pass = $this->randomName();
$edit['pass[pass2]'] = $new_pass;
$this->drupalPost('user/register', $edit, t('Create new account'));
// Check user fields.
$new_user = reset(user_load_multiple(array(), array('name' => $name, 'mail' => $mail)));
$this->assertEqual($new_user->name, $name, t('Username matches.'));
$this->assertEqual($new_user->mail, $mail, t('E-mail address matches.'));
$this->assertEqual($new_user->theme, '', t('Correct theme field.'));
$this->assertEqual($new_user->signature, '', t('Correct signature field.'));
$this->assertTrue(($new_user->created > REQUEST_TIME - 20 ), t('Correct creation time.'));
$this->assertEqual($new_user->status, variable_get('user_register', 1) == 1 ? 1 : 0, t('Correct status field.'));
$this->assertEqual($new_user->timezone, variable_get('date_default_timezone'), t('Correct time zone field.'));
$this->assertEqual($new_user->language, '', t('Correct language field.'));
$this->assertEqual($new_user->picture, '', t('Correct picture field.'));
$this->assertEqual($new_user->init, $mail, t('Correct init field.'));
}
}
class UserValidationTestCase extends DrupalWebTestCase {
public static function getInfo() {
return array(
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment