You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This PR updates 7 user-creation endpoints (/v1/users, /v1/users/bcrypt, /v1/users/md5, /v1/users/argon2, /v1/users/sha, /v1/users/phpass, /v1/users/scrypt) to accept null for the name parameter, consistent with the internal createUser() handler which already normalises null to ''.
The /v1/users/scrypt-modified endpoint (line 566 in app/controllers/api/users.php) was not updated and still uses new Text(128), which rejects null. The new e2e test loops over all 8 endpoints including scrypt-modified, so that test case will fail with a 400 validation error.
Confidence Score: 4/5
Not safe to merge until the scrypt-modified endpoint param is updated to match the rest.
One P1 defect: the /v1/users/scrypt-modified endpoint was skipped in the param change, causing the bundled e2e test to fail for that case and leaving the fix incomplete.
app/controllers/api/users.php line 566 — scrypt-modified name param needs new Nullable(new Text(128)).
Important Files Changed
Filename
Overview
app/controllers/api/users.php
Updates 7 of 8 user-creation endpoints to accept null name via Nullable(Text(128)); /v1/users/scrypt-modified (line 566) was not updated and still rejects null.
Adds testCreateUserWithNullName covering all 8 endpoints including scrypt-modified; the scrypt-modified case will fail until the corresponding endpoint param is fixed.
The /v1/users/scrypt-modified endpoint on this line still uses new Text(128), which rejects null. All other endpoints were updated to new Nullable(new Text(128)), but this one was skipped. The new e2e test includes /users/scrypt-modified in its loop and will fail for that entry — sending null for name will produce a 400 validation error instead of 201.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Allows
name: nullfor the admin user creation endpoints so optional names behave consistently with the internalcreateUser()handling.This updates:
POST /v1/usersPOST /v1/users/bcryptPOST /v1/users/md5POST /v1/users/argon2POST /v1/users/shaPOST /v1/users/phpassPOST /v1/users/scryptIt also adds an e2e test covering null-name creation across the affected endpoints.
Related issue: #8785