1) Anonymous users lack the "purchase signups for other users" permission.
2) Anonymous user starts checkout process and enters abc@example.com as her email address
3) Anonymous user realizes (or is prompted) that she has a user account on the site
4) Anonymous user logs in with her existing account, associated with email address (def@example.com) and resumes uc_signup checkout workflow
5) Now authenticated user sees abc@example.com as the attendee being signed up but this does not correspond to her email address. Submitting the "next" button causes a validation error, This email address corresponds to an existing account..."

CommentFileSizeAuthor
#2 uc_signup_edge_bug_limit-830834.patch1.9 KBezra-g
#1 uc_signup_edge_bug_limit-830834.patch1.88 KBezra-g
uc_signup_edge_bug_limit.patch1 KBezra-g

Comments

ezra-g’s picture

ezra-g commented
StatusFileSize
new uc_signup_edge_bug_limit-830834.patch1.88 KB

We need to be sure to set the right email address in the $_SESSION, not just the form.

ezra-g’s picture

ezra-g commented
StatusFileSize
new uc_signup_edge_bug_limit-830834.patch1.9 KB

This patch should actually apply.

ezra-g’s picture

ezra-g commented
Status: Needs review » Fixed

This is committed.

http://drupalcode.org/project/uc_signup.git/commit/69e5fa2

ezra-g’s picture

ezra-g commented
Status: Fixed » Needs work 
-        if (user_is_logged_in() && (!uc_signup_user_is_signed_up($account->mail, $event['nid']) || !$allow_multiple)) {
+        if (user_is_logged_in() && !uc_signup_user_is_signed_up($account->mail, $event['nid'])) {

Somehow this got removed between patches.