Empty email addresses must not be canonicalized

Email addresses are optional.  Very bad things happen if we treat all users who have no email address as the same user.

Example:
1. [`$RT::Config::ValidateUserEmailAddresses`](https://github.com/bestpractical/rt/blob/rt-4.4.0/etc/RT_Config.pm.in#L456) is enabled (as per default)
2. There exists user "A" whose EmailAddress is empty.
3. There exists user "B" whose EmailAddress is `'b@example.org'`.
4. User A is merged into User B.

Suppose [`RT::Interface::Web::AttemptExternalAuth()`](https://github.com/bestpractical/rt/blob/rt-4.4.0/lib/RT/Interface/Web.pm#L733) calls

```
$UserObj->Create(Name => ..., Gecos => ...);
```

The call will fail, since the call gets canonicalized to

```
$UserObj->Create(
    Name => ..., Gecos => ...,
    EmailAddress => 'b@example.org'
);
```

and `RT::User::ValidateUserEmailAddress()` will reject it with an [`"Email address in use"`](https://github.com/bestpractical/rt/blob/rt-4.4.0/lib/RT/User.pm#L578) error.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Empty email addresses must not be canonicalized #2

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Empty email addresses must not be canonicalized #2

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions