From c84751cbf5ce01c91fca16ef8b328e5595074dfd Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Wed, 9 Sep 2009 11:27:00 +0000
Subject: [PATCH] - Patch #565290 by flobruit, chx: fixed user register when
configured not to use e-mails.
---
modules/user/user.module | 83 ++++++++----------
modules/user/user.test | 183 ++++++++++++++++++++++-----------------
2 files changed, 136 insertions(+), 130 deletions(-)
diff --git a/modules/user/user.module b/modules/user/user.module
index e2aa808c893a..13479217f852 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -2221,7 +2221,7 @@ function user_roles($membersonly = FALSE, $permission = NULL) {
* @param $role
* A string with the role name, or an integer with the role ID.
* @return
- * A fully-loaded role object if a role with the given name or ID
+ * A fully-loaded role object if a role with the given name or ID
* exists, FALSE otherwise.
*/
function user_role_load($role) {
@@ -2241,7 +2241,7 @@ function user_role_load($role) {
* @return
* Status constant indicating if role was created or updated.
* Failure to write the user role record will return FALSE. Otherwise.
- * SAVED_NEW or SAVED_UPDATED is returned depending on the operation
+ * SAVED_NEW or SAVED_UPDATED is returned depending on the operation
* performed.
*/
function user_role_save($role) {
@@ -2257,7 +2257,7 @@ function user_role_save($role) {
$status = drupal_write_record('role', $role);
module_invoke_all('user_role_insert', $role);
}
-
+
return $status;
}
@@ -2280,10 +2280,10 @@ function user_role_delete($role) {
db_delete('users_roles')
->condition('rid', $role->rid)
->execute();
-
+
// Clear the user access cache.
user_access(NULL, NULL, TRUE);
-
+
module_invoke_all('user_role_delete', $role);
}
@@ -2295,7 +2295,7 @@ function user_role_delete($role) {
* @param $permissions
* An array of permissions strings.
* @param $merge
- * A boolean indicating whether to add permissions or to merge
+ * A boolean indicating whether to add permissions or to merge
* with all existing permissions.
*/
function user_role_set_permissions($role, array $permissions = array(), $merge = FALSE) {
@@ -2971,57 +2971,42 @@ function user_register_submit($form, &$form_state) {
watchdog('user', 'New user: %name (%email).', array('%name' => $name, '%email' => $mail), WATCHDOG_NOTICE, l(t('edit'), 'user/' . $account->uid . '/edit'));
- // The first user may login immediately, and receives a customized welcome e-mail.
- if ($account->uid == 1) {
- drupal_set_message(t('Welcome to Drupal. You are now logged in as user #1, which gives you full control over your website.'));
- if (variable_get('user_email_verification', TRUE)) {
- drupal_set_message(t('</p><p> Your password is <strong>%pass</strong>. You may change your password below.</p>', array('%pass' => $pass)));
- }
-
- $form_state['values'] += $merge_data;
- user_authenticate(array_merge($form_state));
-
- $form_state['redirect'] = 'user/1/edit';
+ // Add plain text password into user account to generate mail tokens.
+ $account->password = $pass;
+ if ($admin && !$notify) {
+ drupal_set_message(t('Created a new user account for <a href="@url">%name</a>. No e-mail has been sent.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
+ }
+ elseif (!variable_get('user_email_verification', TRUE) && $account->status && !$admin) {
+ // No e-mail verification is required, create new user account, and login
+ // user immediately.
+ _user_mail_notify('register_no_approval_required', $account);
+ $form_state['uid'] = $account->uid;
+ user_login_submit(array(), $form_state);
+ drupal_set_message(t('Registration successful. You are now logged in.'));
+ $form_state['redirect'] = '';
return;
}
- else {
- // Add plain text password into user account to generate mail tokens.
- $account->password = $pass;
- if ($admin && !$notify) {
- drupal_set_message(t('Created a new user account for <a href="@url">%name</a>. No e-mail has been sent.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
- }
- elseif (!variable_get('user_email_verification', TRUE) && $account->status && !$admin) {
- // No e-mail verification is required, create new user account, and login
- // user immediately.
- _user_mail_notify('register_no_approval_required', $account);
- if (user_authenticate(array_merge($form_state['values'], $merge_data))) {
- drupal_set_message(t('Registration successful. You are now logged in.'));
- }
- $form_state['redirect'] = '';
- return;
- }
- elseif ($account->status || $notify) {
- // Create new user account, no administrator approval required.
- $op = $notify ? 'register_admin_created' : 'register_no_approval_required';
- _user_mail_notify($op, $account);
- if ($notify) {
- drupal_set_message(t('Password and further instructions have been e-mailed to the new user <a href="@url">%name</a>.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
- }
- else {
- drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
- $form_state['redirect'] = '';
- return;
- }
+ elseif ($account->status || $notify) {
+ // Create new user account, no administrator approval required.
+ $op = $notify ? 'register_admin_created' : 'register_no_approval_required';
+ _user_mail_notify($op, $account);
+ if ($notify) {
+ drupal_set_message(t('Password and further instructions have been e-mailed to the new user <a href="@url">%name</a>.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
}
else {
- // Create new user account, administrator approval required.
- _user_mail_notify('register_pending_approval', $account);
- drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />In the meantime, a welcome message with further instructions has been sent to your e-mail address.'));
+ drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
$form_state['redirect'] = '';
return;
-
}
}
+ else {
+ // Create new user account, administrator approval required.
+ _user_mail_notify('register_pending_approval', $account);
+ drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />In the meantime, a welcome message with further instructions has been sent to your e-mail address.'));
+ $form_state['redirect'] = '';
+ return;
+
+ }
}
/**
diff --git a/modules/user/user.test b/modules/user/user.test
index 9be01f80ec2d..7cba7c065d9a 100644
--- a/modules/user/user.test
+++ b/modules/user/user.test
@@ -5,109 +5,130 @@ class UserRegistrationTestCase extends DrupalWebTestCase {
public static function getInfo() {
return array(
'name' => 'User registration',
- 'description' => 'Registers a user, fails login, resets password, successfully logs in with the one time password, fails password change, changes password, logs out, successfully logs in with the new password, visits profile page.',
+ 'description' => 'Test registration of user under different configurations.',
'group' => 'User'
);
}
-
- /**
- * Registers a user, fails login, resets password, successfully logs in with the one time password,
- * changes password, logs out, successfully logs in with the new password, visits profile page.
- *
- * Assumes that the profile module is disabled.
- */
- function testUserRegistration() {
- // Set user registration to "Visitors can create accounts and no administrator approval is required."
+
+ function testRegistrationWithEmailVerification() {
+ // Require e-mail verification.
+ variable_set('user_email_verification', TRUE);
+
+ // Set registration to administrator only.
+ variable_set('user_register', 0);
+ $this->drupalGet('user/register');
+ $this->assertResponse(403, t('Registration page is inaccessible when only administrators can create accounts.'));
+
+ // Allow registration by site visitors without administrator approval.
variable_set('user_register', 1);
-
- // Enable user-configurable time zones, and set the default time zone to Brussels time.
- variable_set('configurable_timezones', 1);
- variable_set('date_default_timezone', 'Europe/Brussels');
-
$edit = array();
$edit['name'] = $name = $this->randomName();
$edit['mail'] = $mail = $edit['name'] . '@example.com';
$this->drupalPost('user/register', $edit, t('Create new account'));
$this->assertText(t('Your password and further instructions have been sent to your e-mail address.'), t('User registered successfully.'));
-
- // Check database for created user.
- $users = user_load_multiple(array(), array('name' => $name, 'mail' => $mail));
- $user = reset($users);
- $this->assertTrue($user, t('User found in database.'));
- $this->assertTrue($user->uid > 0, t('User has valid user id.'));
-
- // Check user fields.
- $this->assertEqual($user->name, $name, t('Username matches.'));
- $this->assertEqual($user->mail, $mail, t('E-mail address matches.'));
- $this->assertEqual($user->theme, '', t('Correct theme field.'));
- $this->assertEqual($user->signature, '', t('Correct signature field.'));
- $this->assertTrue(($user->created > REQUEST_TIME - 20 ), t('Correct creation time.'));
- $this->assertEqual($user->status, variable_get('user_register', 1) == 1 ? 1 : 0, t('Correct status field.'));
- $this->assertEqual($user->timezone, variable_get('date_default_timezone'), t('Correct time zone field.'));
- $this->assertEqual($user->language, '', t('Correct language field.'));
- $this->assertEqual($user->picture, '', t('Correct picture field.'));
- $this->assertEqual($user->init, $mail, t('Correct init field.'));
-
- // Attempt to login with incorrect password.
+ $new_user = reset(user_load_multiple(array(), array('name' => $name, 'mail' => $mail)));
+ $this->assertTrue($new_user->status, t('New account is active after registration.'));
+
+ // Allow registration by site visitors, but require administrator approval.
+ variable_set('user_register', 2);
$edit = array();
- $edit['name'] = $name;
- $edit['pass'] = 'foo';
- $this->drupalPost('user', $edit, t('Log in'));
- $this->assertText(t('Sorry, unrecognized username or password. Have you forgotten your password?'), t('Invalid login attempt failed.'));
-
- // Login using password reset page.
- $url = user_pass_reset_url($user);
- $this->drupalGet($url);
- $this->assertText(t('This login can be used only once.'), t('Login can be used only once.'));
-
- $this->drupalPost(NULL, NULL, t('Log in'));
- $this->assertText(t('You have just used your one-time login link. It is no longer necessary to use this link to login. Please change your password.'), t('This link is no longer valid.'));
-
- // Check password type validation
+ $edit['name'] = $name = $this->randomName();
+ $edit['mail'] = $mail = $edit['name'] . '@example.com';
+ $this->drupalPost('user/register', $edit, t('Create new account'));
+ $new_user = reset(user_load_multiple(array(), array('name' => $name, 'mail' => $mail)));
+ $this->assertFalse($new_user->status, t('New account is blocked until approved by an administrator.'));
+ }
+
+ function testRegistrationWithoutEmailVerification() {
+ // Don't require e-mail verification.
+ variable_set('user_email_verification', FALSE);
+
+ // Allow registration by site visitors without administrator approval.
+ variable_set('user_register', 1);
$edit = array();
+ $edit['name'] = $name = $this->randomName();
+ $edit['mail'] = $mail = $edit['name'] . '@example.com';
+
+ // Try entering a mismatching password.
$edit['pass[pass1]'] = '99999.0';
$edit['pass[pass2]'] = '99999';
- $this->drupalPost(NULL, $edit, t('Save'));
+ $this->drupalPost('user/register', $edit, t('Create new account'));
$this->assertText(t('The specified passwords do not match.'), t('Type mismatched passwords display an error message.'));
- $this->assertNoText(t('The changes have been saved.'), t('Save user password with mismatched type in password confirm.'));
- // Change user password.
- $new_pass = user_password();
- $edit = array();
- $edit['pass[pass1]'] = $new_pass;
+ // Enter a correct password.
+ $edit['pass[pass1]'] = $new_pass = $this->randomName();
$edit['pass[pass2]'] = $new_pass;
- $this->drupalPost(NULL, $edit, t('Save'));
- $this->assertText(t('The changes have been saved.'), t('Password changed to @password', array('@password' => $new_pass)));
-
- // Make sure password changes are present in database.
- require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
-
- $user = user_load($user->uid, TRUE);
- $this->assertTrue(user_check_password($new_pass, $user), t('Correct password in database.'));
-
- // Logout of user account.
- $this->clickLink(t('Log out'));
- $this->assertNoText($user->name, t('Logged out.'));
-
- // Login user.
+ $this->drupalPost('user/register', $edit, t('Create new account'));
+ $new_user = reset(user_load_multiple(array(), array('name' => $name, 'mail' => $mail)));
+ $this->assertText(t('Registration successful. You are now logged in.'), t('Users are logged in after registering.'));
+ $this->drupalLogout();
+
+ // Allow registration by site visitors, but require administrator approval.
+ variable_set('user_register', 2);
$edit = array();
- $edit['name'] = $user->name;
- $edit['pass'] = $new_pass;
- $this->drupalPost('user', $edit, t('Log in'));
- $this->assertText(t('Log out'), t('Logged in.'));
+ $edit['name'] = $name = $this->randomName();
+ $edit['mail'] = $mail = $edit['name'] . '@example.com';
+ $edit['pass[pass1]'] = $pass = $this->randomName();
+ $edit['pass[pass2]'] = $pass;
+ $this->drupalPost('user/register', $edit, t('Create new account'));
+ $this->assertText(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.'), t('Users are notified of pending approval'));
+
+ // Try to login before administrator approval.
+ $auth = array(
+ 'name' => $name,
+ 'pass' => $pass,
+ );
+ $this->drupalPost('user/login', $auth, t('Log in'));
+ $this->assertText(t('The username @name has not been activated or is blocked.', array('@name' => $name)), t('User cannot login yet.'));
- $this->assertText($user->name, t('[logged in] Username found.'));
- $this->assertNoText(t('Sorry. Unrecognized username or password.'), t('[logged in] No message for unrecognized username or password.'));
- $this->assertNoText(t('User login'), t('[logged in] No user login form present.'));
+ // Activate the new account.
+ $new_user = reset(user_load_multiple(array(), array('name' => $name, 'mail' => $mail)));
+ $admin_user = $this->drupalCreateUser(array('administer users'));
+ $this->drupalLogin($admin_user);
+ $edit = array(
+ 'status' => 1,
+ );
+ $this->drupalPost('user/' . $new_user->uid . '/edit', $edit, t('Save'));
+ $this->drupalLogout();
+
+ // Login after administrator approval.
+ $this->drupalPost('user/login', $auth, t('Log in'));
+ $this->assertText(t('Member for'), t('User can log in after administrator approval.'));
+ }
- $this->drupalGet('user');
- $this->assertText($user->name, t('[user auth] Not login page.'));
- $this->assertText(t('View'), t('[user auth] Found view tab on the profile page.'));
- $this->assertText(t('Edit'), t('[user auth] Found edit tab on the profile page.'));
+ function testRegistrationDefaultValues() {
+ // Allow registration by site visitors without administrator approval.
+ variable_set('user_register', 1);
+
+ // Don't require e-mail verification.
+ variable_set('user_email_verification', FALSE);
+
+ // Set the default timezone to Brussels.
+ variable_set('configurable_timezones', 1);
+ variable_set('date_default_timezone', 'Europe/Brussels');
+
+ $edit = array();
+ $edit['name'] = $name = $this->randomName();
+ $edit['mail'] = $mail = $edit['name'] . '@example.com';
+ $edit['pass[pass1]'] = $new_pass = $this->randomName();
+ $edit['pass[pass2]'] = $new_pass;
+ $this->drupalPost('user/register', $edit, t('Create new account'));
+
+ // Check user fields.
+ $new_user = reset(user_load_multiple(array(), array('name' => $name, 'mail' => $mail)));
+ $this->assertEqual($new_user->name, $name, t('Username matches.'));
+ $this->assertEqual($new_user->mail, $mail, t('E-mail address matches.'));
+ $this->assertEqual($new_user->theme, '', t('Correct theme field.'));
+ $this->assertEqual($new_user->signature, '', t('Correct signature field.'));
+ $this->assertTrue(($new_user->created > REQUEST_TIME - 20 ), t('Correct creation time.'));
+ $this->assertEqual($new_user->status, variable_get('user_register', 1) == 1 ? 1 : 0, t('Correct status field.'));
+ $this->assertEqual($new_user->timezone, variable_get('date_default_timezone'), t('Correct time zone field.'));
+ $this->assertEqual($new_user->language, '', t('Correct language field.'));
+ $this->assertEqual($new_user->picture, '', t('Correct picture field.'));
+ $this->assertEqual($new_user->init, $mail, t('Correct init field.'));
}
}
-
class UserValidationTestCase extends DrupalWebTestCase {
public static function getInfo() {
return array(
--
GitLab