[interchange-cvs] interchange - jon modified lib/Vend/UserDB.pm
interchange-cvs at icdevgroup.org
interchange-cvs at icdevgroup.org
Thu Apr 7 22:46:41 EDT 2005
User: jon
Date: 2005-04-08 02:46:41 GMT
Modified: lib/Vend UserDB.pm
Log:
Re-order writing of foreign and password fields.
When you create a new account, it calls $udb->set_field first for
password, then it calls it again for the indirect login "foreign"
column if the indirect login was specified. The problem with this:
it creates a race condition in which a record momentarily exists with
a blank value in that foreign column, which is treated by Interchange
as if it has a unique constraint upon it (which it well may if it's
a foreign key constraint).
Therefore, this reverses the order in which these things happen, so
the password is populated second. If indirect_login isn't specified,
then there's no practical difference.
Really, there's a larger problem in how this is set up, because this
approach doesn't permit you to have NOT NULL constraints on columns in
the user table. This should probably be re-written so it can populate
the entire record at once instead of in several steps leaving some fields
empty at first.
Patch from Ethan Rowe <ethan at endpoint.com>.
Revision Changes Path
2.35 +9 -9 interchange/lib/Vend/UserDB.pm
rev 2.35, prev_rev 2.34
Index: UserDB.pm
===================================================================
RCS file: /var/cvs/interchange/lib/Vend/UserDB.pm,v
retrieving revision 2.34
retrieving revision 2.35
diff -u -u -r2.34 -r2.35
--- UserDB.pm 5 Mar 2005 19:01:54 -0000 2.34
+++ UserDB.pm 8 Apr 2005 02:46:41 -0000 2.35
@@ -1,6 +1,6 @@
# Vend::UserDB - Interchange user database functions
#
-# $Id: UserDB.pm,v 2.34 2005/03/05 19:01:54 mheins Exp $
+# $Id: UserDB.pm,v 2.35 2005/04/08 02:46:41 jon Exp $
#
# Copyright (C) 2002-2003 Interchange Development Group
# Copyright (C) 1996-2002 Red Hat, Inc.
@@ -17,7 +17,7 @@
package Vend::UserDB;
-$VERSION = substr(q$Revision: 2.34 $, 10);
+$VERSION = substr(q$Revision: 2.35 $, 10);
use vars qw!
$VERSION
@@ -1511,13 +1511,6 @@
die errmsg("Username already exists.") . "\n";
}
- my $pass = $udb->set_field(
- $self->{USERNAME},
- $self->{LOCATION}{PASSWORD},
- $pw,
- );
- die errmsg("Database access error.") . "\n" unless defined $pass;
-
if($foreign) {
$udb->set_field(
$self->{USERNAME},
@@ -1526,6 +1519,13 @@
)
or die errmsg("Database access error.");
}
+
+ my $pass = $udb->set_field(
+ $self->{USERNAME},
+ $self->{LOCATION}{PASSWORD},
+ $pw,
+ );
+ die errmsg("Database access error.") . "\n" unless defined $pass;
if($options{no_login}) {
$Vend::Session->{auto_created_user} = $self->{USERNAME};
More information about the interchange-cvs
mailing list