[#GLIFFY-906] Non-unique account name results in error - Gliffy

Details

Type: Bug
Status: Tested
Priority: Major
Resolution: Fixed
Affects Version/s: Quasar - Iteration 3 (Gliffy Online API Release, GPFC 1.5)
Fix Version/s: Quasar - Iteration 3 (Gliffy Online API Release, GPFC 1.5)
Component/s: None
Security Level: Anyone may view

Description:
Hide
Steps to reproduce:

Sign up for a premium account twice using the same account name, but different admin email addresses.

Expected result:

The second time signing up should error out noting non-unique account name

Actual result:

The second sign-up appears to succeed, but the database shows no new premium org account. Instead, we see a single personal account created on behalf of the user.
Show
Steps to reproduce:

Sign up for a premium account twice using the same account name, but different admin email addresses.

Expected result:

The second time signing up should error out noting non-unique account name

Actual result:

The second sign-up appears to succeed, but the database shows no new premium org account. Instead, we see a single personal account created on behalf of the user.

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

David Copeland added a comment - 29/Sep/08 3:28 PM

This occurs due to this code:

Account org = accountDAO.getAccountByName(orgName);
if (org != null && !org.getStatus().equals(ACCOUNT_STATUS_TRIAL)) 
    return createError(pbean,"Organization name " + orgName + " already exists.");

Basically, you can create a duplicate org name if that name is only being used in a trial account.

This is a problem, as I had assumed that org names had to be unique.

The easiest solution is to get rid of the trial status check.

Show

David Copeland added a comment - 29/Sep/08 3:28 PM This occurs due to this code:

Account org = accountDAO.getAccountByName(orgName);
if (org != null && !org.getStatus().equals(ACCOUNT_STATUS_TRIAL)) 
    return createError(pbean,"Organization name " + orgName + " already exists.");

Basically, you can create a duplicate org name if that name is only being used in a trial account. This is a problem, as I had assumed that org names had to be unique. The easiest solution is to get rid of the trial status check.

Hide

Permalink

David Copeland added a comment - 29/Sep/08 3:29 PM

(Also, there are no duplicate org names in production right now, so adding this business rule would not seem to affect things)

Show

David Copeland added a comment - 29/Sep/08 3:29 PM (Also, there are no duplicate org names in production right now, so adding this business rule would not seem to affect things)

Hide

Permalink

Chris Kohlhardt added a comment - 29/Sep/08 3:42 PM

It's probably bad that the org name is used both for the API and for display purposes in the UI. arg.

Does that mean that a user would have to change their org name if they signed up for trial and then switched to premium later?

It seems to me that it would be simpler for the user, and for us if:

Unique org name is required when signing up for Basic OR Premium accounts, Trial or not

Show

Chris Kohlhardt added a comment - 29/Sep/08 3:42 PM It's probably bad that the org name is used both for the API and for display purposes in the UI. arg. Does that mean that a user would have to change their org name if they signed up for trial and then switched to premium later? It seems to me that it would be simpler for the user, and for us if:

Unique org name is required when signing up for Basic OR Premium accounts, Trial or not

Hide

Permalink

David Copeland added a comment - 29/Sep/08 3:51 PM

Current, if the account name looks like an email address, it finds the user with that address and grants them access to a single-user premium account, if they have one, or the first basic account they created.

Couple that with the requirement that an premium account must have a unique account name, and this should address it for future singups.

Show

David Copeland added a comment - 29/Sep/08 3:51 PM Current, if the account name looks like an email address, it finds the user with that address and grants them access to a single-user premium account, if they have one, or the first basic account they created. Couple that with the requirement that an premium account must have a unique account name, and this should address it for future singups.

Hide

Permalink

David Copeland added a comment - 30/Sep/08 10:08 AM

Removed check for trial accounts; all org names must be unique.

http://crucible.gliffy.com/fisheye/changelog/Gliffy/?cs=9605

Show

David Copeland added a comment - 30/Sep/08 10:08 AM Removed check for trial accounts; all org names must be unique. http://crucible.gliffy.com/fisheye/changelog/Gliffy/?cs=9605

People

Assignee:

David Copeland

Reporter:

Chris Kohlhardt
Votes:

0

Watchers:

0

Dates

Created:

29/Sep/08 1:26 PM

Updated:

26/Jun/09 11:52 AM

Resolved:

30/Sep/08 10:08 AM