user_save regenerates the session even when current user != edited user. [#169937]

After http://drupal.org/node/165358, we still regenerate the session when changing the password of another user. Granted, changing a password for another user doesn't occur that much.

Comment	File	Size	Author
#5	user.module-169937-5_D6.patch	657 bytes	Darren Oh
#5
#2	user.module.patch	676 bytes	drumm
#2
	sess_regen_current_user.patch	925 bytes	Heine

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

Heine CreditAttribution: Heine commented 9 October 2007 at 16:07

Status:

Active

» Needs review

Comment #2

drumm

he/him

NY, US

CreditAttribution: drumm commented 3 December 2008 at 18:26

Version:	5.x-dev	» 7.x-dev
Status:	Needs review	» Reviewed & tested by the community

File	Size
user.module.patch	676 bytes

Still applies to 5.x and even 6.x, but needs to be committed to HEAD and backported. Attached is the 6.x version. It is a straightforward update and looks good, so marking RTBC.

Comment #3

alexanderpas CreditAttribution: alexanderpas commented 15 December 2008 at 02:11

Priority:

Normal

» Critical

this bug affects all tests that'll try so do something as the root user admin.
this (example) test gives WSOD due to this bug.

class UserRootAdminLoginTestCase extends DrupalWebTestCase {
  function getInfo() {
    return array(
      'name' => t('Login as root admin'),
      'description' => t('Tries to login as root admin.'),
      'group' => t('User')
    );
  }

  /**
   * Try logging in as root administrator
   */
  function testRootAdminLogin() {
    // generate a password for the user
    $password = user_password();
    $root_admin = user_save(user_load(1), array('pass' => $password));

    // Add the raw password so that we can log in as this user.
    $root_admin->pass_raw = $password;

    // login as the root administrator
    $this->drupalLogin($root_admin);
  }
}