View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0024720||mantisbt||ldap||public||2018-09-01 18:24||2023-02-22 19:21|
|Target Version||2.25.6||Fixed in Version||2.25.6|
|Summary||0024720: Editing user with use_ldap_email = ON empties email address|
I'm using LDAP in MantisBT and use_ldap_email = ON
When i, as administrator, edit a user and save the changes, the email address field is emptied.
Please make it so that a users data that is connected to LDAP is not lost on edits to a user
|Steps To Reproduce|
In a situation where LDAP is enabled and use_ldap_email = ON
|Tags||No tags attached.|
I can't reproduce this.
When use_ldap_email = ON, manage_user_update.php queries the ldap server for the user's e-mail, and updates the DB accordingly.
Just tested this with the latest master from git
image-2.png (20,492 bytes)
image-2.png (20,492 bytes)
After some more testing I've found two situations under which the email address is emptied
Not sure whether that was the case in the past or if situation has improved and it's only the above cases that are left
Right, I get it now... I didn't think of testing the scenario of a missing LDAP user of failed connection.
Behavior is confirmed as described, and the same applies to Real Name ($g_use_ldap_realname) as well.
I agree that we should definitely not clear the information in case of a connection error, but the same in the case of a user no longer existing in LDAP is debatable.
It would be quite trivial to not update the email or realname if the corresponding ldap_xxx function returns an empty string.
That being said, I'm wondering if that should not be considered an error preventing the update operation... @SL-Gundam What do you think ?
Note that these API functions do not make a difference between the user not found case vs the connection failed one, so a slightly different approach would be needed, if such distinction were needed.
People leave the company. This would result in the account being deleted from LDAP.
Personally i would go for the "Good solution" since a not working LDAP connection should already cause enough problems during login.
MantisBT: master 010f60cf
|Do not empty email, realname when updating with LDAP
When using LDAP with $g_use_ldap_email = ON or $g_use_ldap_realname = ON
and updating a user's record from manage_user_edit_page.php, the email
or realname fields were set to blank if the LDAP connection failed or
the user was not found in the directory.
This fixes the problem by keeping the old field value when the
ldap_email() or ldap_realname_from_username() functions return false.
|mod - manage_user_update.php||Diff File|