Already existing users are created successfully again

[jasson99]

Description:

When we send a user creation request with already existing usernames then we get the successful user creation response.

How To Reproduce:

1. Create a user new-user

   curl -s -k -X POST https://localhost:9200/ocs/v1.php/cloud/users -H "OCS-APIREQUEST=true" -d username=new-user -d userid=new-user -d email=new-user@owncloud.org -d password=1234 -u admin:admin | xmllint --format -
   <?xml version="1.0" encoding="UTF-8"?>
   <ocs>
   <meta>
   <status>ok</status>
   <statuscode>100</statuscode>
   <message>OK</message>
   </meta>
   <data>
   <enabled>true</enabled>
   <id>new-user</id>
   <username>new-user</username>
   <displayname/>
   <email>new-user@owncloud.org</email>
   <uidnumber>0</uidnumber>
   <gidnumber>0</gidnumber>
   </data>
   </ocs>

2. Check existing users:

   
   curl -s -k -u admin:admin -X GET https://localhost:9200/ocs/v1.php/cloud/users | xmllint --format -
   <?xml version="1.0" encoding="UTF-8"?>
   <ocs>
   <meta>
   <status>ok</status>
   <statuscode>100</statuscode>
   <message>OK</message>
   </meta>
   <data>
   <users>
     <element>4c510ada-c86b-4815-8820-42cdf82c3d51</element>
     <element>820ba2a1-3f54-4538-80a4-2d73007e30bf</element>
     <element>932b4540-8d16-481e-8ef4-588e4b6b151c</element>
     <element>bc596f3c-c955-4328-80a0-60d018b4ad57</element>
     <element>f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c</element>
     <element>new-user</element>
   </users>
   </data>
   </ocs>

3. Create user `new-user` again as:

curl -s -k -X POST https://localhost:9200/ocs/v1.php/cloud/users -H "OCS-APIREQUEST=true" -d username=new-user -d userid=new-user -d email=new-user@owncloud.org -d password=1234 -u admin:admin | xmllint --format - <?xml version="1.0" encoding="UTF-8"?>

ok 100 OK true new-user new-user new-user@owncloud.org 0 0

4. And again check for the existing users:

curl -s -k -u admin:admin -X GET https://localhost:9200/ocs/v1.php/cloud/users | xmllint --format - <?xml version="1.0" encoding="UTF-8"?>

ok 100 OK 4c510ada-c86b-4815-8820-42cdf82c3d51 820ba2a1-3f54-4538-80a4-2d73007e30bf 932b4540-8d16-481e-8ef4-588e4b6b151c bc596f3c-c955-4328-80a0-60d018b4ad57 f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c new-user

[phil-davis]

What happens if the 2nd user create request has different parameters (for example different email address or password). Does the user still have the first values, or the second values?

[jasson99]

Now, when I create user new-user again as above, but with different email address and password as:

 curl -s -k -X POST https://localhost:9200/ocs/v1.php/cloud/users -H "OCS-APIREQUEST=true" -d username=new-user -d userid=new-user -d email=new-user1234@owncloud.org -d password=123456 -u admin:admin | xmllint --format -
<?xml version="1.0" encoding="UTF-8"?>
<ocs>
  <meta>
    <status>ok</status>
    <statuscode>100</statuscode>
    <message>OK</message>
  </meta>
  <data>
    <enabled>true</enabled>
    <id>new-user</id>
    <username>new-user</username>
    <displayname/>
    <email>new-user1234@owncloud.org</email>
    <uidnumber>0</uidnumber>
    <gidnumber>0</gidnumber>
  </data>
</ocs>

And check the details about user new-user as :

curl -s -k -u admin:admin -X GET https://localhost:9200/ocs/v1.php/cloud/users/new-user | xmllint --format -
<?xml version="1.0" encoding="UTF-8"?>
<ocs>
  <meta>
    <status>ok</status>
    <statuscode>100</statuscode>
    <message>OK</message>
  </meta>
  <data>
    <enabled>true</enabled>
    <id>new-user</id>
    <username>new-user</username>
    <displayname/>
    <email>new-user1234@owncloud.org</email>
    <quota>
      <free>2840756224000</free>
      <used>5059416668</used>
      <total>2845815640668</total>
      <relative>0.18</relative>
      <definition>default</definition>
    </quota>
    <uidnumber>0</uidnumber>
    <gidnumber>0</gidnumber>
  </data>
</ocs>

[phil-davis]

OK - it updates the email-address. Whereas in oC10 it will fail (there is a different way to update user attributes) "someone" can decide what behavior the OCIS Provisioning API should have.