auth::validate_account

auth::validate_account_info (private)

 auth::validate_account_info [ -update ] -authority_id authority_id \
    -username username -user_array user_array \
    -message_array message_array

Defined in packages/acs-authentication/tcl/authentication-procs.tcl

Validates user info and returns errors, if any.

Switches:

-update (optional, boolean): Set this flag if you're updating an existing record, meaning we shouldn't check for duplicates.
-authority_id (required)
-username (required)
-user_array (required): Name of an array in the caller's namespace which contains the registration elements.
-message_array (required): Name of an array where you want the validation errors stored, keyed by element name.

Partial Call Graph (max 5 caller/called nodes):

Testcases:

No testcase defined.

Source code:

    upvar 1 $user_array user
    upvar 1 $message_array element_messages

    set required_elms {}
    if { !$update_p } {
        lappend required_elms first_names last_name email
    }

    foreach elm $required_elms {
        if { ![info exists user($elm)] || $user($elm) eq "" } {
            set element_messages($elm) "Required"
        }
    }

    if { [info exists user(email)] } {
        set user(email) [string trim $user(email)]
    }

    if { [info exists user(username)] } {
        set user(username) [string trim $user(username)]
    }

    if { $update_p } {
        set user(user_id) [acs_user::get_by_username  -authority_id $authority_id  -username $username]

        if { $user(user_id) eq "" } {
            set this_authority [auth::authority::get_element -authority_id $authority_id -element pretty_name]
            set element_messages(username) [_ acs-subsite.Username_not_found_for_authority]
        }
    } else {
        set user(username) $username
        set user(authority_id) $authority_id
    }

    # TODO: When doing RBM's parameter, make sure that we still require both first_names and last_names, or none of them
    if { [info exists user(first_names)] && $user(first_names) ne ""
         && [string first "<" $user(first_names)] != -1
     } {
        set element_messages(first_names) [_ acs-subsite.lt_You_cant_have_a_lt_in]
    }

    if { [info exists user(last_name)] && $user(last_name) ne ""
         && [string first "<" $user(last_name)] != -1
     } {
        set element_messages(last_name) [_ acs-subsite.lt_You_cant_have_a_lt_in_1]
    }

    if { [info exists user(email)] && $user(email) ne "" } {
        if { ![util_email_valid_p $user(email)] } {
            set element_messages(email) [_ acs-subsite.Not_valid_email_addr]
        } else {
            set user(email) [string tolower $user(email)]
        }
    }

    if { [info exists user(url)] } {
        if { $user(url) eq "" || $user(url) eq "http://" } {
            # The user left the default hint for the url
            set user(url) {}
        } elseif { ![util_url_valid_p $user(url)] } {
            set valid_url_example "http://openacs.org/"
            set element_messages(url) [_ acs-subsite.lt_Your_URL_doesnt_have_]
        }
    }

    if { [info exists user(screen_name)]
         && $user(screen_name) ne "none"
     } {
        set screen_name_user_id [acs_user::get_user_id_by_screen_name -screen_name $user(screen_name)]
        if { $screen_name_user_id ne ""
             && (!$update_p || $screen_name_user_id != $user(user_id))
         } {
            set element_messages(screen_name) [_ acs-subsite.screen_name_already_taken]

            # We could do the same logic as below with 'stealing' the
            # screen_name of an old, banned user.
        }
    }

    if { [info exists user(email)] && $user(email) ne "" } {
        # Check that email is unique
        set email $user(email)
        set email_party_id [party::get_by_email -email $user(email)]

        if { $email_party_id ne "" && (!$update_p || $email_party_id != $user(user_id)) } {
            # We found a user with this email, and either we're not updating,
            # or it's not the same user_id as the one we're updating

            if { [acs_object_type $email_party_id] ne "user" } {
                set element_messages(email) [_ acs-subsite.Have_group_mail]
            } else {
                set email_member_state [acs_user::get_user_info  -user_id $email_party_id  -element member_state]
                switch $email_member_state {
                    banned {
                        set element_messages(email) [_ acs-subsite.lt_This_user_is_deleted]
                    }
                    default {
                        set element_messages(email) [_ acs-subsite.Have_user_mail]
                    }
                }
            }
        }
    }

    # They're trying to set the username
    if { [info exists user(username)] && $user(username) ne "" } {
        # Check that username is unique
        set username_user_id [acs_user::get_by_username -authority_id $authority_id -username $user(username)]

        if { $username_user_id ne ""
             && (!$update_p || $username_user_id != $user(user_id)) } {
            # We already have a user with this username, and either
            # we're not updating, or it's not the same user_id as the
            # one we're updating

            set username_member_state [acs_user::get_user_info  -user_id $username_user_id  -element member_state]
            switch $username_member_state {
                banned {
                    set element_messages(username) [_ acs-subsite.lt_This_user_is_deleted]
                }
                default {
                    set element_messages(username) [_ acs-subsite.Have_user_name]
                }
            }
        }
    }

Generic XQL file:

packages/acs-authentication/tcl/authentication-procs.xql

PostgreSQL XQL file:

packages/acs-authentication/tcl/authentication-procs-postgresql.xql

Oracle XQL file:

packages/acs-authentication/tcl/authentication-procs-oracle.xql

[ hide source ] | [ make this the default ]