From f6148ab777b2231cb047f54677d8d716954b062a Mon Sep 17 00:00:00 2001 From: Kyle M Hall Date: Mon, 31 Oct 2016 11:15:02 +0000 Subject: [PATCH] Bug 17494: Prevent duplicate tokens from getting stored Signed-off-by: Jonathan Druart Signed-off-by: Tomas Cohen Arazi Signed-off-by: Kyle M Hall --- Koha/Exceptions/Patron/Modification.pm | 12 ++++++++++++ Koha/Patron/Modification.pm | 19 +++++++++++++++++++ opac/opac-memberentry.pl | 3 +++ t/db_dependent/Koha_borrower_modifications.t | 20 ++++++++++++++++++-- 4 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 Koha/Exceptions/Patron/Modification.pm diff --git a/Koha/Exceptions/Patron/Modification.pm b/Koha/Exceptions/Patron/Modification.pm new file mode 100644 index 0000000000..1068fbb549 --- /dev/null +++ b/Koha/Exceptions/Patron/Modification.pm @@ -0,0 +1,12 @@ +package Koha::Exceptions::Patron::Modification; + +use Modern::Perl; + +use Exception::Class ( + 'Koha::Exceptions::Koha::Patron::Modification::DuplicateVerificationToken' => { + isa => 'Koha::Exceptions::Object', + description => "The verification token given already exists", + }, +); + +1; diff --git a/Koha/Patron/Modification.pm b/Koha/Patron/Modification.pm index 54071723a6..63f124fdae 100644 --- a/Koha/Patron/Modification.pm +++ b/Koha/Patron/Modification.pm @@ -23,6 +23,9 @@ use Carp; use Koha::Database; +use Koha::Patron::Modifications; +use Koha::Exceptions::Patron::Modification; + use base qw(Koha::Object); =head1 NAME @@ -33,6 +36,22 @@ Koha::Patron::Modification - Class represents a request to modify or create a pa =cut +=head2 store + +=cut + +sub store { + my ($self) = @_; + + if ( $self->verification_token ) { + if ( Koha::Patron::Modifications->search( { verification_token => $self->verification_token } )->count() ) { + Koha::Exceptions::Koha::Patron::Modification::DuplicateVerificationToken->throw; + } + } + + return $self->SUPER::store(); +} + =head2 approve $m->approve(); diff --git a/opac/opac-memberentry.pl b/opac/opac-memberentry.pl index 6bdd66a32e..e03d50314e 100755 --- a/opac/opac-memberentry.pl +++ b/opac/opac-memberentry.pl @@ -139,6 +139,9 @@ if ( $action eq 'create' ) { $template->param( 'email' => $borrower{'email'} ); my $verification_token = md5_hex( time().{}.rand().{}.$$ ); + while ( Koha::Patron::Modifications->search( { verification_token => $verification_token } )->count() ) { + $verification_token = md5_hex( time().{}.rand().{}.$$ ); + } $borrower{password} = random_string(".........."); $borrower{verification_token} = $verification_token; diff --git a/t/db_dependent/Koha_borrower_modifications.t b/t/db_dependent/Koha_borrower_modifications.t index fb244953cb..80eb6e2d32 100755 --- a/t/db_dependent/Koha_borrower_modifications.t +++ b/t/db_dependent/Koha_borrower_modifications.t @@ -1,10 +1,12 @@ #!/usr/bin/perl use Modern::Perl; -use Test::More tests => 8; +use Test::More tests => 9; +use Try::Tiny; -use C4::Context; use t::lib::TestBuilder; + +use C4::Context; use C4::Members; BEGIN { @@ -27,6 +29,20 @@ Koha::Patron::Modification->new( } )->store(); +## Ensure duplicate verification tokens cannot be added to the database +try { + Koha::Patron::Modification->new( + { + verification_token => '1234567890', + surname => 'Hall', + firstname => 'Daria' + } + )->store(); +} catch { + ok( $_->isa('Koha::Exceptions::Koha::Patron::Modification::DuplicateVerificationToken'), + 'Attempting to add a duplicate verification token to the database should raise a Koha::Exceptions::Koha::Patron::Modification::DuplicateVerificationToken exception' ); +}; + ## Get the new pending modification my $borrower = Koha::Patron::Modifications->find( { verification_token => '1234567890' } ); -- 2.39.5