1070730 – User email validation doesn't exactly match specification

Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1070730 - User email validation doesn't exactly match specification

Summary: User email validation doesn't exactly match specification

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Users & Roles
Sub Component:
Version:	Nightly
Hardware:	Unspecified
OS:	Unspecified
Priority:	low
Severity:	low
Target Milestone:	Unspecified
Assignee:	Christine Fouant
QA Contact:	Tazim Kolhar
Docs Contact:
URL:	http://projects.theforeman.org/issues...
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-02-27 13:02 UTC by Ales Dujicek
Modified:	2017-02-23 21:18 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-08-12 05:08:00 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Foreman Issue Tracker	5811	0	None	None	None	2016-04-22 16:37:45 UTC
Red Hat Product Errata	RHSA-2015:1592	0	normal	SHIPPED_LIVE	Important: Red Hat Satellite 6.1.1 on RHEL 6	2015-08-12 09:04:35 UTC

Description Ales Dujicek 2014-02-27 13:02:16 UTC

Description of problem:

hammer accepts invalid email addresses when creating users:

for example:
# hammer user create --auth-source-id 1 --password testing --login user1 --mail "specialchars():;@example.com"
User created

# hammer user create --auth-source-id 1 --password testing --login user2 --mail 's p a c e s'
User created

# hammer user create --auth-source-id 1 --password testing --login user3 --mail 'dots..'
User created

# hammer user list
ID  | LOGIN | NAME       | EMAIL 
163 | user1 |            | specialchars():;@example.com
165 | user2 |            | spaces          
166 | user3 |            | dots..          


and it also accepts empty string as email address:
# hammer user create --login user4 --mail '' --auth-source-id 1 --password pass
User created


and does not accept (unusual) valid addresses (see http://en.wikipedia.org/wiki/Email_address#Valid_email_addresses):
e.g.:
# hammer user create --login user5 --mail '"very.unusual.@.unusual.com"@example.com' --auth-source-id 1 --password pass
Could not create the user:
  Email address is invalid



Version-Release number of selected component (if applicable):
foreman-postgresql-1.5.0-0.develop.201402250936git8cf1033.el6.noarch
foreman-release-1.5.0-0.develop.201402250936git8cf1033.el6.noarch
dell-pem710-01.rhts.eng.bos.redhat.com-foreman-proxy-1.0-1.noarch
foreman-proxy-1.5.0-0.develop.201402201704gita25e7b9.el6.noarch
dell-pem710-01.rhts.eng.bos.redhat.com-foreman-client-1.0-1.noarch
rubygem-foreman_api-0.1.11-1.el6.noarch
foreman-1.5.0-0.develop.201402250936git8cf1033.el6.noarch
rubygem-hammer_cli_foreman-0.0.18-1.el6.noarch
foreman-selinux-1.5.0-0.develop.201401221845git5f25c33.el6.noarch
rubygem-hammer_cli-0.0.18-1.el6.noarch
rubygem-hammer_cli_katello-0.0.3-1.el6.noarch


How reproducible:
always

Comment 2 Bryan Kearney 2014-03-28 20:37:31 UTC

Spaces are removed by foreman by default. That explains the first two issues. The current code does not catch .. as an invalid email.

Comment 4 Dominic Cleal 2014-05-20 12:25:48 UTC

Permitting user creation with no e-mail address is expected behaviour, as it forces the user to set one on first login.

Comment 5 Dominic Cleal 2014-05-20 12:26:18 UTC

Created redmine issue http://projects.theforeman.org/issues/5811 from this bug

Comment 7 Christine Fouant 2014-09-17 17:48:53 UTC

Okay, I've worked out a regular expression that would handle all of wiki's current definition of valid email addresses. However, I don't know that we want to accept all of these forms: specifically, the "quoted string form" which allows for special characters like spaces, backslash, etc. Essentially, we would have to get rid of the normalize_mail method if we want to do the quoted string form. It makes the validation extremely messy, and think it's such an unusual format that it is highly unlikely it would be encountered anyhow. 

I also think ignoring the direct IP address as input for the domain of the email address is wise. However, I'd like some feedback before moving forward on the code input.

Comment 8 Dominic Cleal 2014-09-18 07:13:39 UTC

This is the wrong place to request feedback - ask in the upstream community, either in a pull request or on the -dev mailing list or IRC channel.

Comment 9 Bryan Kearney 2014-09-25 16:01:34 UTC

Moving to POST since upstream bug http://projects.theforeman.org/issues/5811 has been closed
-------------
Christine Fouant
Applied in changeset commit:bd6b42715d2052c99f285dac9b919c27b36453a4.

Comment 10 Tazim Kolhar 2014-10-10 10:27:24 UTC

VERIFIED

*** This bug is verified in upstream.  This fix should eventually land in future downstream builds ***

# rpm -qa | grep foreman
foreman-gce-1.7.0-0.develop.201410081938git1cf31c6.el7.noarch
ruby193-rubygem-foreman_discovery-1.4.0-0.1.rc4.el7.noarch
hp-bl420cgen8-01.rhts.eng.bos.redhat.com-foreman-proxy-1.0-1.noarch
foreman-compute-1.7.0-0.develop.201410081938git1cf31c6.el7.noarch
ruby193-rubygem-foreman_hooks-0.3.7-2.el7.noarch
rubygem-hammer_cli_foreman_tasks-0.0.3-2.201409091410git163c264.git.0.988ca80.el7.noarch
foreman-release-1.7.0-0.develop.201410071158git54141ab.el7.noarch
foreman-proxy-1.7.0-0.develop.201410081229git52f0bac.el7.noarch
hp-bl420cgen8-01.rhts.eng.bos.redhat.com-foreman-client-1.0-1.noarch
foreman-ovirt-1.7.0-0.develop.201410081938git1cf31c6.el7.noarch
ruby193-rubygem-foreman-tasks-0.6.9-1.el7.noarch
foreman-selinux-1.7.0-0.develop.201409301113git2f345de.el7.noarch
foreman-postgresql-1.7.0-0.develop.201410081938git1cf31c6.el7.noarch
foreman-vmware-1.7.0-0.develop.201410081938git1cf31c6.el7.noarch
ruby193-rubygem-foreman_bootdisk-4.0.0-1.el7.noarch
foreman-1.7.0-0.develop.201410081938git1cf31c6.el7.noarch
foreman-libvirt-1.7.0-0.develop.201410081938git1cf31c6.el7.noarch
rubygem-hammer_cli_foreman-0.1.3-1.201409191432gitc38f9c8.el7.noarch

# hammer user create --auth-source-id 1 --password testing --login user1 --mail "specialchars():;@example.com"
[Foreman] username: admin
[Foreman] password for admin: 
Could not create the user:
  Email address is invalid

# hammer user create --auth-source-id 1 --password testing --login user1 --mail 'a c e s'
[Foreman] username: admin
[Foreman] password for admin: 
Could not create the user:
  Email address is invalid


hammer user create --auth-source-id 1 --password testing --login user1 --mail 'dots..'
[Foreman] username: admin
[Foreman] password for admin: 
Could not create the user:
  Email address is invalid

Comment 11 Bryan Kearney 2015-08-11 13:31:09 UTC

This bug is slated to be released with Satellite 6.1.

Comment 12 errata-xmlrpc 2015-08-12 05:08:00 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2015:1592

Note You need to log in before you can comment on or make changes to this bug.