Bug 423612 - Allow editing extern_id for users from the admin interface

Bugzilla/Auth.pm

@@ -134,6 +134,12 @@ sub user_can_create_account {
            && $getter->user_can_create_account;
 }
 
+sub extern_id_used {
+    my ($self) = @_;
+    return $self->{_info_getter}->extern_id_used
+           ||  $self->{_verifier}->extern_id_used;
+}
+
 sub can_change_email {
     return $_[0]->user_can_create_account;
 }
@@ -397,6 +403,10 @@ Params:      None
 Returns:     C<true> if users are allowed to create new Bugzilla accounts,
              C<false> otherwise.
 
+=item C<extern_id_used>
+  
+Description: Whether or not current login system uses extern_id.
+
 =item C<can_change_email>
 
 Description: Whether or not the current login system allows users to

Bugzilla/Auth/Login.pm

@@ -28,6 +28,7 @@ use constant requires_persistence  => 1;
 use constant requires_verification => 1;
 use constant user_can_create_account => 0;
 use constant is_automatic => 0;
+use constant extern_id_used => 0; 
 
 sub new {
     my ($class) = @_;
@@ -131,4 +132,12 @@ just passes us an environment variable on most page requests, and does not
 ask the user for authentication information directly in Bugzilla.) Defaults
 to C<false>.
 
+=item C<extern_id_used>
+
+Whether or not this login method uses the extern_id field. If
+used, users with editusers permission will be be allowed to
+edit the extern_id for all users.
+
+The default value is C<0>.
+
 =back

Bugzilla/Auth/Login/Env.pm

@@ -32,6 +32,7 @@ use constant can_login  => 0;
 use constant requires_persistence  => 0;
 use constant requires_verification => 0;
 use constant is_automatic => 1;
+use constant extern_id_used => 1;
 
 sub get_login_info {
     my ($self) = @_;

Bugzilla/Auth/Login/Stack.pm

@@ -28,6 +28,7 @@ use fields qw(
 );
 use Hash::Util qw(lock_keys);
 use Bugzilla::Hook;
+use List::MoreUtils qw(any);
 
 sub new {
     my $class = shift;
@@ -97,4 +98,9 @@ sub user_can_create_account {
     return 0;
 }
 
+sub extern_id_used {
+    my ($self) = @_;
+    return any { $_->extern_id_used } @{ $self->{_stack} };
+}
+
 1;

Bugzilla/Auth/Verify.pm

@@ -25,6 +25,7 @@ use Bugzilla::User;
 use Bugzilla::Util;
 
 use constant user_can_create_account => 1;
+use constant extern_id_used => 0;
 
 sub new {
     my ($class, $login_type) = @_;
@@ -232,4 +233,12 @@ C<false>.
 Whether or not users can manually create accounts in this type of
 account source. Defaults to C<true>.
 
+=item C<extern_id_used>
+
+Whether or not this verifier method uses the extern_id field. If
+used, users with editusers permission will be be allowed to
+edit the extern_id for all users.
+
+The default value is C<false>.
+
 =back

Bugzilla/Auth/Verify/Stack.pm

@@ -86,4 +86,9 @@ sub user_can_create_account {
     return 0;
 }
 
+sub extern_id_used {
+    my ($self) = @_;
+    return any { $_->extern_id_used } @{ $self->{_stack} };
+}
+
 1;

Bugzilla/Template.pm

@@ -955,6 +955,7 @@ sub create {
                 }
                 return \@optional;
             },
+            'default_authorizer' => new Bugzilla::Auth(),
         },
     };
 

Bugzilla/User.pm

@@ -97,6 +97,7 @@ use constant DB_COLUMNS => (
     'profiles.mybugslink AS showmybugslink',
     'profiles.disabledtext',
     'profiles.disable_mail',
+    'profiles.extern_id',
 );
 use constant NAME_FIELD => 'login_name';
 use constant ID_FIELD   => 'userid';
@@ -108,6 +109,7 @@ use constant VALIDATORS => {
     disabledtext  => \&_check_disabledtext,
     login_name    => \&check_login_name_for_creation,
     realname      => \&_check_realname,
+    extern_id     => \&_check_extern_id,
 };
 
 sub UPDATE_COLUMNS {
@@ -117,6 +119,7 @@ sub UPDATE_COLUMNS {
         disabledtext
         login_name
         realname
+        extern_id
     );
     push(@cols, 'cryptpassword') if exists $self->{cryptpassword};
     return @cols;
@@ -135,6 +138,12 @@ sub new {
     bless ($user, $class);
     return $user unless $param;
 
+    if (ref($param) eq 'HASH') {
+        if (defined $param->{extern_id}) {
+            $param = { condition => 'extern_id = ?' , values => [$param->{extern_id}] };
+            $_[0] = $param;
+        }
+    }
     return $class->SUPER::new(@_);
 }
 
@@ -180,6 +189,22 @@ sub update {
 sub _check_disable_mail { return $_[1] ? 1 : 0; }
 sub _check_disabledtext { return trim($_[1]) || ''; }
 
+# Check whether the extern_id is unique.
+sub _check_extern_id {
+    my ($invocant, $extern_id) = @_;
+    $extern_id = trim($extern_id);
+    return undef unless defined($extern_id) && $extern_id ne "";
+    if (!ref($invocant) || $invocant->extern_id ne $extern_id) {
+        my $existing_login = $invocant->new({ extern_id => $extern_id });
+        if ($existing_login) {
+            ThrowUserError( 'extern_id_exists',
+                            { extern_id => $extern_id,
+                              existing_login_name => $existing_login->login });
+        }
+    }
+    return $extern_id;
+}
+
 # This is public since createaccount.cgi needs to use it before issuing
 # a token for account creation.
 sub check_login_name_for_creation {
@@ -219,6 +244,7 @@ sub _check_realname { return trim($_[1]) || ''; }
 
 sub set_disabledtext { $_[0]->set('disabledtext', $_[1]); }
 sub set_disable_mail { $_[0]->set('disable_mail', $_[1]); }
+sub set_extern_id    { $_[0]->set('extern_id', $_[1]); }
 
 sub set_login {
     my ($self, $login) = @_;
@@ -243,6 +269,7 @@ sub set_password { $_[0]->set('cryptpassword', $_[1]); }
 # Accessors for user attributes
 sub name  { $_[0]->{realname};   }
 sub login { $_[0]->{login_name}; }
+sub extern_id { $_[0]->{extern_id}; }
 sub email { $_[0]->login . Bugzilla->params->{'emailsuffix'}; }
 sub disabledtext { $_[0]->{'disabledtext'}; }
 sub is_disabled { $_[0]->disabledtext ? 1 : 0; }

editusers.cgi

@@ -213,7 +213,9 @@ if ($action eq 'search') {
         cryptpassword => $password,
         realname      => scalar $cgi->param('name'),
         disabledtext  => scalar $cgi->param('disabledtext'),
-        disable_mail  => scalar $cgi->param('disable_mail')});
+        disable_mail  => scalar $cgi->param('disable_mail'),
+        extern_id     => scalar $cgi->param('extern_id'),
+        });
 
     userDataToVars($new_user->id);
 
@@ -256,6 +258,8 @@ if ($action eq 'search') {
             if $cgi->param('password');
         $otherUser->set_disabledtext($cgi->param('disabledtext'));
         $otherUser->set_disable_mail($cgi->param('disable_mail'));
+        $otherUser->set_extern_id($cgi->param('extern_id'))
+            if defined($cgi->param('extern_id'));
         $changes = $otherUser->update();
     }
 

template/en/default/admin/users/userdata.html.tmpl

@@ -38,6 +38,19 @@
     [% END %]
   </td>
 </tr>
+[% IF default_authorizer.extern_id_used %]
+  <tr>
+    <th><label for="extern_id">External Login ID:</label></th>
+    <td>
+      [% IF editusers %]
+        <input size="64" maxlength="64" name="extern_id"
+               id="extern_id" value="[% otheruser.extern_id FILTER html %]">
+      [% ELSE %]
+        [% otheruser.extern_id FILTER html %]
+      [% END %]
+    </td>
+  </tr>
+[% END %]
 <tr>
   <th><label for="name">Real name:</label></th>
   <td>

template/en/default/global/messages.html.tmpl

@@ -60,6 +60,8 @@
               A new password has been set.
             [% ELSIF field == 'disabledtext' %]
               The disable text has been modified.
+            [% ELSIF field == 'extern_id' %]
+              The user's External Login ID has been modified.
             [% ELSIF field == 'disable_mail' %]
               [% IF otheruser.email_disabled %]
                 [% terms.Bug %]mail has been disabled.

template/en/default/global/user-error.html.tmpl

@@ -1696,6 +1696,14 @@
     [% title = "Illegal User ID" %]
     User ID '[% userid FILTER html %]' is not valid integer.
 
+  [% ELSIF error == "extern_id_exists" %]
+    [% title = "Account Already Exists" %]
+    There is already an account
+    [% IF existing_login_name %]
+      ([% existing_login_name FILTER html %])
+    [% END %]
+    with the External Login ID "[% extern_id FILTER html %]".
+
   [% ELSE %]
 
     [%# Try to find hooked error messages %]