fix [SF#611787]: ensure unique email addresses

enhance userauditor to make sure the email address is unique in the
tracker.

add a unittest for it.

Author: Justus Pendleton

templates/classic/detectors/userauditor.py

@@ -18,17 +18,24 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 # SOFTWARE.
 #
-#$Id: userauditor.py,v 1.6 2007-08-31 17:45:16 jpend Exp $
+#$Id: userauditor.py,v 1.7 2007-09-06 16:52:19 jpend Exp $
 
 def audit_user_fields(db, cl, nodeid, newvalues):
     ''' Make sure user properties are valid.
 
         - email address has no spaces in it
+        - email address is unique
         - roles specified exist
         - timezone is valid
     '''
-    if newvalues.has_key('address') and ' ' in newvalues['address']:
-        raise ValueError, 'Email address must not contain spaces'
+    if newvalues.has_key('address'):
+        address = newvalues['address']
+        if address:
+            if ' ' in address:
+                raise ValueError, 'Email address must not contain spaces'
+            user = db.user.stringFind(address=address)
+            if len(user):
+                raise ValueError, 'Email address already in use'
 
     for rolename in [r.lower().strip() for r in newvalues.get('roles', '').split(',')]:
             if rolename and not db.security.role.has_key(rolename):

templates/minimal/detectors/userauditor.py

@@ -18,17 +18,23 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 # SOFTWARE.
 #
-#$Id: userauditor.py,v 1.5 2007-08-31 17:45:17 jpend Exp $
+#$Id: userauditor.py,v 1.6 2007-09-06 16:52:20 jpend Exp $
 
 def audit_user_fields(db, cl, nodeid, newvalues):
     ''' Make sure user properties are valid.
 
         - email address has no spaces in it
+        - email address is unique
         - roles specified exist
         - timezone is valid
     '''
-    if newvalues.has_key('address') and ' ' in newvalues['address']:
-        raise ValueError, 'Email address must not contain spaces'
+    if newvalues.has_key('address'):
+        address = newvalues['address']
+        if ' ' in address:
+            raise ValueError, 'Email address must not contain spaces'
+        user = db.user.stringFind(address=address)
+        if len(user):
+            raise ValueError, 'Email address already in use'
 
     for rolename in [r.lower().strip() for r in newvalues.get('roles', '').split(',')]:
             if rolename and not db.security.role.has_key(rolename):

test/test_userauditor.py

@@ -1,4 +1,4 @@
-# $Id: test_userauditor.py,v 1.2 2007-08-31 17:45:17 jpend Exp $
+# $Id: test_userauditor.py,v 1.3 2007-09-06 16:52:20 jpend Exp $
 
 import os, unittest, shutil
 from db_test_base import setupTracker
@@ -61,6 +61,12 @@ def testBadEmailAddresses(self):
         userid = self.db.user.lookup('kyle')
         self.assertRaises(ValueError, self.db.user.set, userid, address='kyle @ example.com')
 
+    def testUniqueEmailAddresses(self):
+        self.db.user.create(username='kenny', address='[email protected]')
+        self.assertRaises(ValueError, self.db.user.create, username='test_user01', address='[email protected]')
+        uid = self.db.user.create(username='eric', address='[email protected]')
+        self.assertRaises(ValueError, self.db.user.set, uid, address='[email protected]')
+
     def testBadRoles(self):
         userid = self.db.user.lookup('kyle')
         self.assertRaises(ValueError, self.db.user.set, userid, roles='BadRole')