Incomplete user records are created if LDAP user has different username than existing mailman user
Used versions
We're currently using
- postorius @ 1.3.6
- hyperkitty @ 1.3.5
- mailman @ 3.3.5
- mailman-web @ 0.0.5
- django-auth-ldap @ 3.0.0
- django-mailman3 @ 1.3.7
Also, we implemented LDAP integration as suggested in #132.
Description
When a user exists in auth_user
before setting up LDAP and the user has a different username in auth_user
than in LDAP (but the same email address), the login doesn't work (which is expected), but incomplete user records are created.
Steps to reproduce
- Create a user with name
foobar
and email addressfoobar@example.com
in mailman. - Create a user with name
foobar2
and email addressfoobar@example.com
in e.g. OpenLDAP. - Configure LDAP authentication for mailman with the OpenLDAP as described in #132.
- Attempt to log in with
foobar@example.com
and credentials in LDAP.
The login fails with an "Interval server error" because the unique-key constraint in account_emailaddress
is violated (because mailman tries to register a second user with email foobar@example.com
).
The problem is that now foobar
and foobar2
exist in auth_user
with the same email, but the latter doesn't have a record in account_emailaddress
. Also, it's impossible to log in as foobar2
, so removing the user has to happen manually in the database.