Error when displaying the messages of requirements on password updating

SinergiaCRM commented 3 years ago

Issue

With the following settings enabled in password management:

Password should contain uppercase characters
Password should contain lowercase characters
Password should contain numbers

When creating or updating a user's password, if the above requirements are not met, the CRM tries to show notifications to the user but a javascript error occurs.

Expected Behavior

The CRM should have displayed the messages of:

Password should contain uppercase characters.
Password should contain numbers.

Actual Behavior

The following javascript error occurs:

Failed to launch 'location:%20index.php?action=EditView&module=Users&record=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX' because the scheme does not have a registered handler.

Possible Fix

In the file: modules/Users/User.php, remove the string "Location: " from the method SugarApplication::redirect (Lines 687, 715 and 719)

Steps to Reproduce

Activate the following parameters in password management
- Password should contain uppercase characters
- Password should contain lowercase characters
- Password should contain numbers
Create or edit a user.
Enter a password that does not meet the requirements of point 1.
Check javascript error in browser console.

Context

Detected while trying to modify the password of a non-administrator user from an administrator user

Your Environment

SuiteCRM Version used: Version 7.11.15 - Sugar Version 6.5.25 (Build 344)
Browser name and version: Google chrome Versión 88.0.4324.150 (Build oficial) (64 bits)
Environment name and version: MySQL, PHP 7.3
Operating System and version: Ubuntu 20.04.1 LTS

tahirmolkar commented 2 years ago

In \modules\Users\User.php file on line number 687,715&719 remove the "Location" eg from this return SugarApplication::redirect('Location: index.php?action=Error&module=Users'); to this return SugarApplication::redirect(' index.php?action=Error&module=Users');

ghost commented 2 years ago

We have followed the steps described above in https://github.com/salesagility/SuiteCRM/issues/9033#issuecomment-988672879 Errors are now getting displayed, but

CreateView page gets reloaded and all the info User had added gets lost.
User still gets created regardless of password restrictions (6 characters, Must have Lower and Uppercase characters).

SinergiaCRM commented 2 years ago

Hi, we have resolved that the user is not created by moving the code that performs the validations (link) before the call to save method (link)

We think that this change can also be added to the solution.

salesagility / SuiteCRM