Details
-
Bug
-
Resolution: Won't Fix
-
Low
-
None
-
HCS 1.4.3
-
None
-
Severity 3 - Minor
Description
Summary
Each time a case change is made to an LDAP email, the user is un-confirmed in HipChat Server. The comparison of the email address doesn't seem to be case insensitive, thus the unwanted behavior since email addresses should be case insensitive.
Steps to Reproduce
- Bring up an HCS instance and connect it to an LDAP server
- Choose an existing user in your LDAP that's confirmed in HipChat Server already and change one or two characters from lower to upper case or vice versa
- Synchronise HipChat Server to LDAP
- Login as the user in question and notice the confirmation header "Your email address has not been confirmed. Please confirm your email address to enable all HipChat features. Resend confirmation email."
- If the user in question has an actual email address, an email will also be received
Expected Results
Ideally, case changes in email addresses should not un-confirm the user. As a matter of fact, we are checking the email case during login.
Actual Results
A change in the email case sets the confirmed column in the users table of the hipchat database back to 0 and the user has to confirm his account again. This can be quite confusing especially for users who didn't make the LDAP change themselves and don't understand why they're being asked to re-confirm their email address. Additionally, when the user is unconfirmed, the metadata column is still showing the old confirmation time. For example: {"confirmation_unix_time": 1473846489}
Workaround
Set confirmed to 1 manually via a SQL query for all un-confirmed users. You can use the command below to do so:
DBPASS=$(awk '/"pass"/ {gsub(/[",]/,"");print $2}' /hipchat/config/site.json) && mysql -uroot -p$DBPASS hipchat -e "UPDATE users SET confirmed=1 WHERE is_deleted=0 AND is_guest=0;"