Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.2, 2.3.1, 2.4
    • Fix Version/s: 2.2.5, 2.3.2
    • Component/s: Authentication
    • Labels:
    • Rank:
      43777

      Description

      Recently a couple of admins at moodle.cz reported that their guest user got deleted after upgrade. Here are links to the relevant discussions in Czech:

      I have a suspicion there might be a bug in the recent 2.2 and 2.3 code causing this. Surely it is difficult to reproduce but we might prevent guest and admin users being deleted via delete_user() and the thrown exception might help to diagnose the problem (credits to Skodak for this idea).

        Issue Links

          Activity

          Hide
          Petr Škoda added a comment -

          Thanks for the report, I have added delete_user() parameter validation which detects different types of problems including deleting of guest account. In the end I have decided to throw exception only for non-user record parameter and return false + print debugging message if user does not exist, is guest account or is one of local admins.

          Show
          Petr Škoda added a comment - Thanks for the report, I have added delete_user() parameter validation which detects different types of problems including deleting of guest account. In the end I have decided to throw exception only for non-user record parameter and return false + print debugging message if user does not exist, is guest account or is one of local admins.
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Integrated (22, 23 & master), thanks!

          Show
          Eloy Lafuente (stronk7) added a comment - Integrated (22, 23 & master), thanks!
          Hide
          Eloy Lafuente (stronk7) added a comment -

          phpunit ran ok

          Show
          Eloy Lafuente (stronk7) added a comment - phpunit ran ok
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Many thanks for the hard work.

          These changes have been spread upstream and are already available in the git and cvs repositories.

          Ciao

          Show
          Eloy Lafuente (stronk7) added a comment - Many thanks for the hard work. These changes have been spread upstream and are already available in the git and cvs repositories. Ciao
          Hide
          Roberto Pinna added a comment -

          I think I understand why guest user was deleted.

          In /lib/cronlib.php (line 92-107) there is a check for incomplete users that try to delete users without firstname, lastname or email field valued.
          If admin enabled this check, guest user was deleted, before Petr patch. Now an exception is throw.

          The real problem is how guest user record is set. Firstname is "Guest user" but no lastname is set. We can do as for admin user with "Guest" as firstname and "user" as lastname.

          Ciao

          Show
          Roberto Pinna added a comment - I think I understand why guest user was deleted. In /lib/cronlib.php (line 92-107) there is a check for incomplete users that try to delete users without firstname, lastname or email field valued. If admin enabled this check, guest user was deleted, before Petr patch. Now an exception is throw. The real problem is how guest user record is set. Firstname is "Guest user" but no lastname is set. We can do as for admin user with "Guest" as firstname and "user" as lastname. Ciao
          Hide
          Petr Škoda added a comment -

          Thanks Roberto! I have created a new issue MDL-40558 and submitted a patch for integration.

          Show
          Petr Škoda added a comment - Thanks Roberto! I have created a new issue MDL-40558 and submitted a patch for integration.

            People

            • Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: