I've got a module which, when passed a new loginname by a visitor,
authenticates itself as an admin user, creates a new account for the
user, and e-mails a new password to that user. It's been working well
for a year or more through several previous versions. It works
perfectly with 2.4.104. (I just re-verified it again.)
However, under 2.6.2 what this module appears to be doing is, rather
than creating a new user, it's renaming the admin user to the name
submitted by the visitor, and changing the admin user's password to the
newly generated one (and of course, e-mailing that to the visitor, who
now becomes admin!)
My module's logic is simple; pseudocoded (minor details removed for
clarity) it is roughly as follows:
wikiSession = WikiSession.guestSession(wiki);
try {
if(wiki.getAuthenticationManager().login(wikiSession,
admin_name, admin_pass) == true) {
UserManager manager = wiki.getUserManager();
UserProfile profile =
manager.getUserDatabase().newProfile();
profile.setLoginName( lname );
profile.setEmail( email );
profile.setFullname( fname );
profile.setPassword( pwd );
profile.setWikiName( wname );
manager.setUserProfile(wikiSession,profile);
manager.getUserDatabase().save(profile);
manager.getUserDatabase().commit();
}
} catch (Exception e) {
System.out.println("Error in login - "+e.getMessage());
} finally {
wikiSession.invalidate();
}
Now, I realize this isn't the way that UserManager is normally used.
But I don't frankly see any logical reason you shouldn't be able to do
it this way.
My suspicion is that the new feature recently added - to rename users -
is causing some different internal behavior. I did a little initial
poking around UserManager.setUserProfile(), I notice that there has
indeed been a rename function inserted into this method. (I also notice
that the call to getUserDatabase().commit is missing in 2.6.2.
I hope that someone who understands the logic of this process can give
me a hand in understanding the changes.
