Status: Gathering Interest (View Workflow)
Fix Version/s: None
Environment:- Using the standalone version
- CentOS 6.0 final
- java version "1.6.0_14"
Java(TM) SE Runtime Environment (build 1.6.0_14-b08)
Java HotSpot(TM) 64-Bit Server VM (build 14.0-b16, mixed mode)
When using the Crowd Rest API to update a user one can send an xml message like this to activate a user:
This update will succeed leaving the user in an invalid state:
- The email address is empty
- The first name is empty
- The last name now contains the username
I suggest the following fixes:
- Make sure you can never leave a user in an invalid state. In this case I would expect another status_code
- Not providing a field should not result in emptying it when updating.