Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-52610

\core_user_external::create_users not look at $CFG->allowaccountssameemail

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide
      1. Set debugging mode on
      2. Set allowaccountssameemail config setting to false
      3. Enable web services
      4. Create a user with email you@whatever.com through create_users web service function
      5. The user SHOULD be created and you should get no errors no warnings
      6. Try to create another user with the same email through create_users web service function
      7. You SHOULD NOT be able to create it as the email address would be duplicated
      8. Set allowaccountssameemail config setting to true
      9. Try to create another user with the same email through create_users web service function
      10. You SHOULD be able to create it now
      Show
      Set debugging mode on Set allowaccountssameemail config setting to false Enable web services Create a user with email you@whatever.com through create_users web service function The user SHOULD be created and you should get no errors no warnings Try to create another user with the same email through create_users web service function You SHOULD NOT be able to create it as the email address would be duplicated Set allowaccountssameemail config setting to true Try to create another user with the same email through create_users web service function You SHOULD be able to create it now
    • Affected Branches:
      MOODLE_30_STABLE
    • Fixed Branches:
      MOODLE_29_STABLE, MOODLE_30_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-52610_master

      Description

      In admin panel there is setting allowaccountssameemail:
      If enabled, more than one user account can share the same email address. This may result in security or privacy issues, for example with the password change confirmation email.

      But \core_user_external::create_users not use it.
      See moodle/user/externallib.php:197

      } else if ($DB->record_exists('user', array('email' => $user['email'], 'mnethostid' => $user['mnethostid']))) {

      it must be:

      } else if (empty($CFG->allowaccountssameemail) && $DB->record_exists('user', array('email' => $user['email'], 'mnethostid' => $user['mnethostid']))) {

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                14/Mar/16