[JIRA] Commenté: (OFBIZ-534) getPartyFromEmail does dangerous matching

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[JIRA] Commenté: (OFBIZ-534) getPartyFromEmail does dangerous matching

JIRA jira@ofbiz.org
     [ http://jira.undersunconsulting.com/browse/OFBIZ-534?page=comments#action_14147 ]
     
Jacques Le Roux commented on OFBIZ-534:
---------------------------------------

I took your 2 remarks in account and commited in 443465.

Finally I kept the name of getPartiesFromEmail for the ancient behaviour and named Ean's matchPartiesByEmail suggestion getPartyFromExactEmail.

Is that OK for you ?

> getPartyFromEmail does dangerous matching
> -----------------------------------------
>
>          Key: OFBIZ-534
>          URL: http://jira.undersunconsulting.com/browse/OFBIZ-534
>      Project: [OFBiz] Open For Business
>         Type: Bug
>   Components: party
>     Versions: SVN
>  Environment: Linux, PostgreSQL
>     Reporter: Ean Schuessler
>     Assignee: Jacques Le Roux
>      Fix For: SVN

>
> Original Estimate: 10 minutes
>         Remaining: 10 minutes
>
> getPartyByEmail does a '%EMAIL_ADDRESS%' match when you search for an email. This means that you can get back [hidden email] when you search for [hidden email]. I can't really see the point of the current implementation and it can have dangerous and suprising side effects if you are going to mail personal information. I'd suggest doing a direct but case-insensitive match. The case insensitivity is a good feature.

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://jira.undersunconsulting.com/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira