[Koha-bugs] [Bug 34731] New: C4::Letters::SendQueuedMessages can be triggered with an undef message_id
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Sep 6 21:51:40 CEST 2023
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34731
Bug ID: 34731
Summary: C4::Letters::SendQueuedMessages can be triggered with
an undef message_id
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: critical
Priority: P5 - low
Component: Architecture, internals, and plumbing
Assignee: koha-bugs at lists.koha-community.org
Reporter: kyle at bywatersolutions.com
QA Contact: testopia at bugs.koha-community.org
I've discovered that sometimes C4::Letters::EnqueueLetter will return undef
instead of a valid message id. In Koha::Patron::set_password we call
C4::Letters::EnqueueLetter and assume a message_id exists which we pass to
C4::Letters::SendQueuedMessages. Because message_id is undef, we then *process
all pending messages*. This is very very bad considering libraries often have
very specific time frames they wish to send message ( especially sms and phone
). In addition, this bypasses the before_send_messages hook.
I have not been able to recreate on demand yet, but I think it is either random
or caused by calls to the /api/v1/patrons/<patron_id>/password rest api
endpoint.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list