Invalid token used in user email notification

With an update hook to fix existing configs.

That is a +1 RTBC from me on manually testing #2.

Yeah, this went wrong when we changed [user:name] to [user:account-name]

Surprising that we do not have any failing tests, we need to add one that triggers that mail and looks for the corect mail subject.

I am working on that test.

+++ b/core/modules/user/src/Tests/UserAdminTest.php
@@ -101,11 +102,16 @@ function testUserAdmin() {
       // targeted with the blocking action.
       'query' => array('order' => 'name', 'sort' => 'asc')
     ));
+    $site_name = $this->config('system.site')->get('name');
+    $this->assertMailString("body", "Your account on $site_name has been blocked.", 1, "Blocked message found in the mail sent to user C.");
     $user_storage->resetCache(array($user_c->id()));

Nitpick: We usually use single quote unless we have to. Using it for the test string is fine or we could also use string concatenation.

Otherwise, tests looks fine.

Tagging novice for updating that, you can of course also do that yourself if you have time. Then it should be RTBC.

Here is updated patch.

+++ b/core/modules/user/src/Tests/UserAdminTest.php
@@ -101,11 +102,16 @@ function testUserAdmin() {
+    $site_name = $this->config('system.site')->get('name');
+    $this->assertMailString('body', 'Your account on $site_name has been blocked.', 1, 'Blocked message found in the mail sent to user C.');

Yes, now the test will fail because you also replaced them for the second argument. So $site_name is no longer replaced. You either need to keep " there or do something like ' . $site_name . '

Here is updated patch.

Not quite, sorry. Coding style rules say that there must be a space on both sides of the . for string concatenation, just like I wrote it above.

oh, using windows so not able to run coder :(

I think this is good to go based on #8 and #14 fixing it.

Testbot is having a bad day.

What we're missing is test coverage for the update function, I fear we'll need that too. Maybe there's an existing one to extend, pretty crazy to have a whole new update function just for that.

Marked #2654676: Incorrect token name blocking changes of account settings as a duplicate of this - been bitten by this a few times now (although it's easy to fix yourself of course).

+++ b/core/modules/user/src/Tests/UserAdminTest.php
@@ -101,11 +102,16 @@ function testUserAdmin() {
+    $this->assertMailString('body', 'Your account on ' . $site_name . ' has been blocked.', 1, 'Blocked message found in the mail sent to user C.');

wouldn't it be better to user format_string() here ?

And yeah, we probably need an update path test, although the update function is pretty straightforward if you tell me.

Here's an upgrade path test as well. The annoying part here is that bare standard contains the right token already. Went for a different file to delete and then re-insert the configuration with the bad token.
Interdiff also serves as test only patch.

Ha right, that interdiff patch can't apply, sorry about that :)

Looks good to me, nice work!

+++ b/core/modules/user/user.install
@@ -85,3 +85,25 @@ function user_install() {
+function user_update_8001() {

Everything else looks fine, except shouldn't this be user_update_8100? Or alternative the defgroup should mention 8.0.x rather than 8.1.x.

I changed it to 8100 since I think you'll only commit this to 8.1.x since it has an upgrade path which isn't really critical right ?

Yeah the upgrade path looks extremely non-worrying, but also bug isn't severe enough to warrant an update in 8.0.x.

Committed/pushed to 8.1.x, thanks!

which directory should I put this patch file in?

Core patches are made with respect to the Drupal root directory, so put it there. See https://www.drupal.org/patch/apply

@prdsp But all that is needed is to edit the token in the user email form as you can see in the patch file.

I got it to run using cygwin on windows with the patch file from #32 placed in drupal root directory

But I had to use -p1 instead of -p0 when patching

Here is the command i used

patch -p1 < invalid_token_used_in-2587275-32.patch

As a note to anyone else patching with cygwin be sure to right click and run as administrator

also update.php needs to be run after patching for the fix to show

thanks for the patch and the help!

the same error in drupal 8.0.3

I can not save changes on the page /admin/config/people/accounts with invalid [site:account-name] token.
but the page is not used anywhere [site:account-name] token.

Thus is already fixed and will appear in a future release. I don't think it made it in 8.0.3. Fix the token manually as described in the issue summary.

It will be fixed in 8.1.0.