Item6542: User registration fails to save email in user topic

$TWiki::cfg{PasswordManager} = 'none';

$TWiki::cfg{Register}{AllowLoginName} = 1;

Authentication is configured in apache and uses Kerberos.

When a member of TWikiAdminGroup registers a user this apparently succeeds but displays

an oops (see also bug 6541). The oops comes from a subtle caching bug in TWiki and is

triggered when TWiki::UI::Register::complete() stores the email address

using $users->setEmails().

What happens is that at some point in the call tree of complete() the function

TWiki::Users::getWikiName() is called with the wiki name of the user

as cUID. This is wrong of course, it should be called with the login. This call

uses the code at the end of getWikiName() which computes $cUID and

$wikiname to be the same and caches that fact.

When TWiki::Users::TWikiUserMapping::mapper_setEmails()

wants to store the email as the user it will fail because access control checks will use the

cached user entry and fails to look up the correct login for the wiki name.

There are several ways to fix this and I leave it to the wise to decide which is best in the long run:

• Do not cache the data generated by the fallback code path in getWikiName().
• Fixing setEmails() that it saves the information as TWikiRegistrationAgent and not as the user.
• Flushing the cached user credentials at the end of TWiki::expandVariablesOnTopicCreation().

$this->{users}->{cUID2WikiName} = {};

$this->{users}->{cUID2Login} = {};

before the final return. This is ugly but I got rid of the oops.

Oh, and please remove that note in expandVariablesOnTopicCreation() about the user change

being safe because it obviously isn't in something as comples as TWiki.

-- TWiki:Main/StefanWalter - 2010-08-17