[user] admins are exempt from the email requirement, fixes #996

2024-01-07 17:33:30 +00:00 · 2024-01-07 17:33:30 +00:00 · 94ee6e4bc3
commit 94ee6e4bc3
parent 051d6242ed
2 changed files with 27 additions and 1 deletions
--- a/ext/user/main.php
+++ b/ext/user/main.php
@ -462,7 +462,9 @@ class UserPage extends Extension
            throw new UserCreationException("Passwords don't match");
        }
        if(
-            $user->can(Permissions::CREATE_OTHER_USER) ||
+            // Users who can create other users (ie, admins) are exempt
+            // from the email requirement
+            !$user->can(Permissions::CREATE_OTHER_USER) &&
            ($config->get_bool("user_email_required") && empty($event->email))
        ) {
            throw new UserCreationException("Email address is required");
--- a/ext/user/test.php
+++ b/ext/user/test.php
@ -53,4 +53,28 @@ class UserPageTest extends ShimmiePHPUnitTestCase
        $this->get_page('user_admin/classes');
        $this->assert_text("admin");
    }
+
+    public function testCreateOther()
+    {
+        global $page;
+
+        $this->assertException(UserCreationException::class, function () {
+            $this->log_out();
+            $this->post_page('user_admin/create_other', [
+                'name' => 'testnew',
+                'pass1' => 'testnew',
+                'email' => '',
+            ]);
+        });
+        $this->assertNull(User::by_name('testnew'), "Anon can't create others");
+
+        $this->log_in_as_admin();
+        $this->post_page('user_admin/create_other', [
+            'name' => 'testnew',
+            'pass1' => 'testnew',
+            'email' => '',
+        ]);
+        $this->assertEquals(302, $page->code);
+        $this->assertNotNull(User::by_name('testnew'), "Admin can create others");
+    }
 }