Ubuntu Single Sign On Client

User may register without validating the email address

Bug #667899 reported by Natalia Bidart
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu Single Sign On Client
Status tracked in Trunk
Stable-1-0
Fix Released
High
Natalia Bidart
Trunk
Fix Released
Medium
Natalia Bidart
ubuntu-sso-client (Ubuntu)
Fix Released
Medium
Natalia Bidart
Maverick
Fix Released
Medium
Natalia Bidart
Natty
Fix Released
Medium
Natalia Bidart

Bug Description

If the user cancels the registration process before validating the email, the registration in the SSO server was completed but the preferred email was not set, so our SSO server can't process the ping request.

We need to check if the user has a validated email address before logging him in.

TEST CASE:

To test, run in this branch the following:

* killall ubuntu-sso-login; DEBUG=True PYTHONPATH=. ./bin/ubuntu-sso-login

* In d-feet, execute the method 'register' in the com.ubuntu.sso bus name, object path /credentials, interface name ApplicationCredentials.
Parameters must be something like:

'Ubuntu Two', '', '', 0

* Once you get the SSO GUI, register a non existent user and do not enter the validation code. Just close the window when the validation code is requested.

* Open the SSO GUI again using d-feet and try to register the same user, you'll get a "Email already registered" error.

* Click on "I already have an account..." to login, and try to login with the former user and pass.

Behavior expected:

 - The login process doesn't succeed but instead the email verification screen appears.

See original description

Related branches

lp:~nataliabidart/ubuntu-sso-client/handle-user-not-validated
Alejandro J. Cura (community): Approve
Roman Yepishev (community): Approve (fieldtest)
Diff: 447 lines (+181/-24)
6 files modified
ubuntu_sso/account.py (+21/-0)
ubuntu_sso/gui.py (+17/-2)
ubuntu_sso/main.py (+31/-18)
ubuntu_sso/tests/test_account.py (+37/-0)
ubuntu_sso/tests/test_gui.py (+37/-1)
ubuntu_sso/tests/test_main.py (+38/-3)
lp:~nataliabidart/ubuntu-sso-client/handle-user-not-validated-stable
Alejandro J. Cura (community): Approve
Roman Yepishev (community): Approve (fieldtest)
Diff: 449 lines (+173/-34)
4 files modified
ubuntu_sso/gui.py (+19/-6)
ubuntu_sso/main.py (+57/-24)
ubuntu_sso/tests/test_gui.py (+26/-1)
ubuntu_sso/tests/test_main.py (+71/-3)
lp:ubuntu/maverick-updates/ubuntu-sso-client
Natalia Bidart (nataliabidart)
Changed in ubuntu-sso-client:
status: New → Triaged
importance: Undecided → Medium
assignee: nobody → Naty Bidart (nataliabidart)
tags: added: desktop+ u1-natty
Natalia Bidart (nataliabidart)
Changed in ubuntu-sso-client (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
assignee: nobody → Naty Bidart (nataliabidart)
Natalia Bidart (nataliabidart)
tags: added: u1-maverick-sru
Natalia Bidart (nataliabidart)
description: updated
description: updated
Natalia Bidart (nataliabidart)
description: updated
Brian Murray (brian-murray)
Changed in ubuntu-sso-client (Ubuntu Maverick):
status: New → Triaged
importance: Undecided → Medium
Natalia Bidart (nataliabidart)
Changed in ubuntu-sso-client (Ubuntu Maverick):
assignee: nobody → Naty Bidart (nataliabidart)
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-sso-client - 1.1.2-0ubuntu1

---------------
ubuntu-sso-client (1.1.2-0ubuntu1) natty; urgency=low

  * New upstream release:

    [ Natalia B. Bidart <email address hidden> ]
      * The success page is not shown until the backend notifies that the ping
      finished successfully (LP: #667893).
      * Added a new DBus signal UserNotValidated to indicate when a user is
      registered but not validated (LP: #667899).
      * Added new workflow so email validation is requested if necessary.
 -- Natalia Bidart (nessita) <email address hidden> Thu, 04 Nov 2010 11:00:45 -0300

Changed in ubuntu-sso-client (Ubuntu Natty):
status: Triaged → Fix Released
Revision history for this message
Martin Pitt (pitti) wrote : Please test proposed package

Accepted ubuntu-sso-client into maverick-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in ubuntu-sso-client (Ubuntu Maverick):
status: Triaged → Fix Committed
tags: added: verification-needed
Revision history for this message
Natalia Bidart (nataliabidart) wrote :

Tested on a clean virtual machine with -proposed enabled. New version works as expected:

User is not logged in into SSO if the account doesn't have a validated email, the user is prompted for the verification code.

Martin Pitt (pitti)
tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-sso-client - 1.0.7-0ubuntu1

---------------
ubuntu-sso-client (1.0.7-0ubuntu1) maverick-proposed; urgency=low

  * New upstream release (1.0.6, 1.0.7):

    [ Natalia B. Bidart <email address hidden> ]
      * Added a new DBus signal UserNotValidated to indicate when a user is
      registered but not validated (LP: #667899).
      * Added new workflow so email validation is requested if necessary.
      * The verify email page should be always built, not only on registration.

    [ Alejandro J. Cura <email address hidden> ]
      * Store credentials on the keyring *only* from the main thread (LP:
      #656545).

  * New upstream release (1.0.5):

    [ Natalia B. Bidart <email address hidden> ]

      * Credentials are removed if the pinging to the server fails or any
      other exception occurs (LP: #660516).
 -- Natalia Bidart (nessita) <email address hidden> Thu, 04 Nov 2010 09:21:00 -0300

Changed in ubuntu-sso-client (Ubuntu Maverick):
status: Fix Committed → Fix Released
Ubuntu Foundations Team Bug Bot (crichton)
tags: added: testcase
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.