Description of problem: login name could be changed to whitespace, then I could not change it back. Version-Release number of selected component (if applicable): 0.14.1 beaker-devel env How reproducible: always Steps to Reproduce: 1. Admin->Accounts->clicking my account name. 2. change my login name to one whitespace. 3. save changes. Actual results: my account login name was changed to whitespace, then I can't change it back. Expected results: it's better to avoid changing login name due to our accounts are actually controlled by kerbros. Additional info:
display name also could be changed to whitespace.
I think it's fine that you can change your username, even though it was populated through LDAP. Beaker supports accounts outside of LDAP/Kerberos even when it's being used (not to mention sites which don't use LDAP/Kerberos at all). I'm not sure about allowing whitespace in usernames. It would be invalid in many authentication mechanisms, but not necessarily in *every* one, so I don't think Beaker should necessarily forbid it unless there is a good reason. But yes, changing it to *only* whitespace characters is a problem because when it's rendered in HTML on the accounts page you can no longer click it. So we definitely need a stricter validator for the username. (In reply to wangjing from comment #1) > display name also could be changed to whitespace. I don't think Beaker should enforce any restrictions on display names, so I'm fine with this as it is.
(In reply to Dan Callaghan from comment #3) > (In reply to wangjing from comment #1) > > display name also could be changed to whitespace. > > I don't think Beaker should enforce any restrictions on display names, so > I'm fine with this as it is. on webUI, user display name appears at some places, such as submission delegates list on prefs page, so it's better to restrict displayname not to be *only* whitespace characters either(same way as login name), or else the blank display may be confused. if need, I could file this issue as an RFE.
I'm pretty sure we do Python "if" checks against display name to decide whether or not to fall back to showing the username instead, so +1 on banning whitespace-only display names in addition to whitespace-only usernames.
On Gerrit: http://gerrit.beaker-project.org/3060
(In reply to luliu from comment #8) > Suggestion:Beaker should supports accounts on both LDAP and local user > db,for example, if I change my username to a name which is not a Kerberos > name,Beaker should check the account via local db Beaker does allow that currently. The problem here is that there is now a Beaker account "a" with your e-mail address, and so when you log in using your LDAP account "luliu" Beaker fails to create a new account for you because the e-mail address is duplicate. It's really a separate, existing issue so I have filed bug 1095010 for it.
(In reply to Dan Callaghan from comment #9) > The problem here is that there is now a Beaker account "a" with your e-mail > address, and so when you log in using your LDAP account "luliu" Beaker fails > to create a new account for you because the e-mail address is duplicate. > > It's really a separate, existing issue so I have filed bug 1095010 for it. If you work around this by changing the e-mail address of "a" to something different, then you will be able to log in. This bug is just about preventing usernames and display names that only contain whitespace, so I think it should be VERIFIED.
(In reply to Dan Callaghan from comment #10) > (In reply to Dan Callaghan from comment #9) > > The problem here is that there is now a Beaker account "a" with your e-mail > > address, and so when you log in using your LDAP account "luliu" Beaker fails > > to create a new account for you because the e-mail address is duplicate. > > > > It's really a separate, existing issue so I have filed bug 1095010 for it. > > If you work around this by changing the e-mail address of "a" to something > different, then you will be able to log in. > Yes, I have helped to change "a"'s email to something different, and the original account can login now. > This bug is just about preventing usernames and display names that only > contain whitespace, so I think it should be VERIFIED. Change it to verified.
This bug fix has been applied to the release-0.16 branch, however we have elected not to do another maintenance release of the 0.16.x series. This fix will be included in 0.17.0 instead.
Beaker 0.17.0 has been released.