This project is read-only.

Error in Microsoft.AspNet.Identity.Samples 2.0.0-Beta 2

May 29, 2014 at 1:43 AM
Edited May 29, 2014 at 1:43 AM
There's an error in this sample.

If you enter UsersAdmin Index page and select edit link of any user the Edit View is presented.

Now, in the Email field try to enter an invalid email that will bypass View validation e.g.: Admin@Admin.com1 and hit Save.

HttpPost Edit method is called with invalid ModelState.

Method tries to AddModelError and return to View but in the meantime the Roles property of model gets nulled somehow which in turn couses crash back in the View and Yellow Screen of Death appears.

Happy coding,
Jarosław Zwierz
May 30, 2014 at 6:17 PM
I was unable to enter an invalid email address and submit. The client validation always handles the invalid email address. Is there another way to repro this ?
May 31, 2014 at 2:25 AM

Yes, my mistake, it was in the project based on Identity sample (tested that at 4 am) not the original one.

Somehow I’m able to overcome the e-mail validation by adding number to the end.

If you’re curious than you can grab my project here:

UID: [email removed]

PWD: Admin@123456

Steps: UsersAdmin=>Index=>Edit=>add “1” at the end of Email=>click Save


Jun 3, 2014 at 8:23 PM
But, since username and email are the same in the model then the error occurs if you'll edit any user email to the email that’s already taken.
The Edit HttpPost method in UsersAdminController requires changes.
The model is not recreated correctly when (!result.Succeeded).
The View receives null Model.RolesList and program crashes in line 29 of Edit.scshtml View.

Steps to reproduce error in original sample.
  1. Login as admin
  2. Go to UsersAdmin
  3. Add new user
  4. Edit newly added user trying to change its e-mail to yours
Jaroslaw Zwierz
Jun 10, 2014 at 6:58 PM
The username and email are the same in the samples. I believe we have a tracking item to separate them in the future releases
Sep 1, 2014 at 2:42 PM
Edited Sep 1, 2014 at 2:46 PM
(I removed my comment because I proved it incorrect!)