Moodle

auth/db fails to undelete users, as the username field has been munged.

Details

  • Type: Sub-task Sub-task
  • Status: Open Open
  • Priority: Major Major
  • Resolution: Unresolved
  • Affects Version/s: 1.9
  • Fix Version/s: DEV backlog
  • Component/s: Authentication
  • Labels:
  • Affected Branches:
    MOODLE_19_STABLE

Description

When the code in auth/db/auth.php looks for users to revive, it seems to be looking for users in mdl_user who have a matching username to the external list, as well as deleted=1.
It finds none, since the username has been reset to email.timestamp and hence doesn't match.

I've made a patch to fix this, but I'm not sure how ideal it is.

This is a big problem at the moment for a Moodle integration I'm working on.

Issue Links

This issue is duplicated by:
MDL-13162 auth/db should reset email when undeleting users Minor Closed
This issue has a non-specific relationship to:
MDL-13563 Hiding but not deleting users who are suspended in LDAP Major Open
This issue has been marked as being related by:
MDL-30718 Method sync_users() @ "/auth/db/auth.php" does not register mdl_user->timecreated property. Minor Closed

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Luke Hudson added a comment -

Patch to provide a fix for the undeletion bug.

Show
Luke Hudson added a comment - Patch to provide a fix for the undeletion bug.
Hide
Permalink
Martin Dougiamas added a comment -

This should be pretty straightforward.

Show
Martin Dougiamas added a comment - This should be pretty straightforward.
Hide
Permalink
Petr Škoda (skodak) added a comment -

I do not think it is that simple
1/ we should do the same in ldap
2/ we need to check the original auth type when undeleting
3/ deletingm undeleting, suspending and unsuspending should have each special function in core - we should not touch db directly

working on solution

Show
Petr Škoda (skodak) added a comment - I do not think it is that simple 1/ we should do the same in ldap 2/ we need to check the original auth type when undeleting 3/ deletingm undeleting, suspending and unsuspending should have each special function in core - we should not touch db directly working on solution
Hide
Permalink
Martin Dougiamas added a comment -

Hey, Petr, do you have any code for this one? it's the last major bug for 1.9

Show
Martin Dougiamas added a comment - Hey, Petr, do you have any code for this one? it's the last major bug for 1.9
Hide
Permalink
Petr Škoda (skodak) added a comment -

I started this but did not finish it yet, I am not able to finish this in less than a week, sorry.
It needs changes in auth API and testing with all auth modules.

My +1 to do this properly in 1.9.1

Show
Petr Škoda (skodak) added a comment - I started this but did not finish it yet, I am not able to finish this in less than a week, sorry. It needs changes in auth API and testing with all auth modules. My +1 to do this properly in 1.9.1
Hide
Permalink
Petr Škoda (skodak) added a comment -

Proposing removal of the current "undelete" implementation and replacing it with "suspend/revive" - see MDL-13563

The major problem with undelete is that there might be several candidates for undelete with the same original username, conflicting email, etc. - it is definitely not safe to undelete user automatically.
I think there should be only manual undelete option in UI.

Show
Petr Škoda (skodak) added a comment - Proposing removal of the current "undelete" implementation and replacing it with "suspend/revive" - see MDL-13563 The major problem with undelete is that there might be several candidates for undelete with the same original username, conflicting email, etc. - it is definitely not safe to undelete user automatically. I think there should be only manual undelete option in UI.
Hide
Permalink
Luke Hudson added a comment -

We do need some ability to undelete a user automatically, however, as several of the clients I've worked with require this as part of the integration with their SMS.... Just my 2c – see http://xe.com/ucc for conversion into local currency

Cheers – Luke

Show
Luke Hudson added a comment - We do need some ability to undelete a user automatically, however, as several of the clients I've worked with require this as part of the integration with their SMS.... Just my 2c – see http://xe.com/ucc for conversion into local currency Cheers – Luke
Hide
Permalink
Howard Miller added a comment -

Vote +1 for this being sorted in LDAP. When users are deleted they are effectively blocked with the only solution being a database hack. Not good

Show
Howard Miller added a comment - Vote +1 for this being sorted in LDAP. When users are deleted they are effectively blocked with the only solution being a database hack. Not good
Hide
Permalink
Petr Škoda (skodak) added a comment -

The automatic undelete is not safe, it can go wrong in several different ways

Retargeting for 2.0 - we need to implement proper suspending of users, user account purging, etc.

Show
Petr Škoda (skodak) added a comment - The automatic undelete is not safe, it can go wrong in several different ways Retargeting for 2.0 - we need to implement proper suspending of users, user account purging, etc.

People

Vote (2)
Watch (9)

Dates

  • Created:
    Updated:
Atlassian JIRA (v4.4.5#665-sha1:422aead) | Report a problem
Powered by a free Atlassian JIRA open source license for Moodle. Try JIRA - bug tracking software for your team.