Skip to content

Commit 26d3f36

Browse files
AnjuJose011AnjuJose011
authored
Merge pull request #1482 from TechnologyEnhancedLearning/TD-6335-Updated-Mycacount
TD-6335-Users are exploiting the certificate generation system on elfh and Learning Hub by changing account names to reproduce certificates under multiple identities.
2 parents 70590f2 + 7598f39 commit 26d3f36

File tree

3 files changed

+48
-50
lines changed

3 files changed

+48
-50
lines changed

LearningHub.Nhs.WebUI/Models/UserProfile/MyAccountPersonalDetailsViewModel.cs

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,15 +26,13 @@ public class MyAccountPersonalDetailsViewModel
2626
/// <summary>
2727
/// Gets or sets the FirstName.
2828
/// </summary>
29-
[Required(ErrorMessage = "Enter a first name")]
3029
[StringLength(50, MinimumLength = 1, ErrorMessage = "First name must be less than 50 characters.")]
3130
[DisplayName("First name")]
3231
public string FirstName { get; set; }
3332

3433
/// <summary>
3534
/// Gets or sets the LastName.
3635
/// </summary>
37-
[Required(ErrorMessage = "Enter a last name")]
3836
[StringLength(50, MinimumLength = 1, ErrorMessage = "Last name must be less than 50 characters.")]
3937
[DisplayName("Last name")]
4038
public string LastName { get; set; }

LearningHub.Nhs.WebUI/Services/UserService.cs

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1943,8 +1943,6 @@ public async Task UpdateMyAccountPersonalDetailsAsync(int userId, MyAccountPerso
19431943
PersonalDetailsViewModel personalDetailsViewModel = new PersonalDetailsViewModel
19441944
{
19451945
UserId = userId,
1946-
FirstName = model.FirstName.Trim(),
1947-
LastName = model.LastName.Trim(),
19481946
PreferredName = model.PreferredName?.Trim(),
19491947
SecondaryEmailAddress = model.SecondaryEmailAddress,
19501948
};

LearningHub.Nhs.WebUI/Views/MyAccount/ChangePersonalDetails.cshtml

Lines changed: 48 additions & 46 deletions
Original file line numberDiff line numberDiff line change
@@ -1,23 +1,25 @@
11
@model LearningHub.Nhs.WebUI.Models.UserProfile.MyAccountPersonalDetailsViewModel
22

33
@{
4-
ViewData["DisableValidation"] = true;
5-
ViewData["Title"] = "My Account - Change first name";
6-
var errorHasOccurred = !ViewData.ModelState.IsValid;
4+
ViewData["DisableValidation"] = true;
5+
ViewData["Title"] = "My Account - Change first name";
6+
var errorHasOccurred = !ViewData.ModelState.IsValid;
77
}
88
<div class="bg-white">
9-
<div class="nhsuk-width-container app-width-container">
10-
<vc:back-link asp-controller="MyAccount" asp-action="Index" link-text="Go back to my account" />
9+
<div class="nhsuk-width-container app-width-container">
10+
<vc:back-link asp-controller="MyAccount" asp-action="Index" link-text="Go back to my account" />
1111
<form asp-controller="MyAccount" asp-action="UpdatePersonalDetails" method="post">
12-
<div class="nhsuk-grid-row">
12+
<div class="nhsuk-grid-row">
1313
<div class="nhsuk-grid-column-full nhsuk-u-padding-bottom-5">
14-
@if (errorHasOccurred)
15-
{
16-
<vc:error-summary order-of-property-names="@(new[] { nameof(Model.FirstName) })" />
17-
}
18-
<div>
14+
@if (errorHasOccurred)
15+
{
16+
<vc:error-summary order-of-property-names="@(new[] { nameof(Model.FirstName) })" />
17+
}
18+
<div>
1919
<h1 class="nhsuk-heading-xl">Update personal details</h1>
20-
<vc:text-input asp-for="FirstName"
20+
</div>
21+
@* TD-6335-Temporliy disabling updte names *@
22+
@* <vc:text-input asp-for="FirstName"
2123
label="First name"
2224
populate-with-current-value="true"
2325
type="text"
@@ -27,7 +29,7 @@
2729
css-class="nhsuk-u-width-one-half"
2830
required="true"
2931
required-client-side-error-message="Enter a first name" />
30-
</div>
32+
3133
3234
<div>
3335
<vc:text-input asp-for="LastName"
@@ -41,30 +43,30 @@
4143
required="true"
4244
required-client-side-error-message="Enter a last name" />
4345
</div>
46+
*@
47+
<div>
48+
<vc:text-input asp-for="PreferredName"
49+
label="Preferred name"
50+
populate-with-current-value="true"
51+
type="text"
52+
spell-check="false"
53+
hint-text=""
54+
autocomplete="nickname"
55+
css-class="nhsuk-u-width-one-half"
56+
required="false" />
57+
</div>
4458

45-
<div>
46-
<vc:text-input asp-for="PreferredName"
47-
label="Preferred name"
48-
populate-with-current-value="true"
49-
type="text"
50-
spell-check="false"
51-
hint-text=""
52-
autocomplete="nickname"
53-
css-class="nhsuk-u-width-one-half"
54-
required="false" />
55-
</div>
56-
57-
<div>
58-
<vc:text-input asp-for="PrimaryEmailAddress"
59-
label="Work email"
60-
populate-with-current-value="true"
61-
type="text"
62-
spell-check="false"
63-
hint-text=""
64-
autocomplete="email"
65-
css-class="nhsuk-u-width-one-half"
66-
required="true" />
67-
</div>
59+
<div>
60+
<vc:text-input asp-for="PrimaryEmailAddress"
61+
label="Work email"
62+
populate-with-current-value="true"
63+
type="text"
64+
spell-check="false"
65+
hint-text=""
66+
autocomplete="email"
67+
css-class="nhsuk-u-width-one-half"
68+
required="true" />
69+
</div>
6870

6971
<div>
7072
<vc:text-input asp-for="SecondaryEmailAddress"
@@ -77,14 +79,14 @@
7779
css-class="nhsuk-u-width-one-half"
7880
required="false" />
7981
</div>
80-
81-
<div class="nhsuk-u-padding-bottom-5">
82-
<button class="nhsuk-button" data-module="nhsuk-button" type="submit">
83-
Save changes
84-
</button>
85-
</div>
86-
</div>
87-
</div>
88-
</form>
89-
</div>
82+
83+
<div class="nhsuk-u-padding-bottom-5">
84+
<button class="nhsuk-button" data-module="nhsuk-button" type="submit">
85+
Save changes
86+
</button>
87+
</div>
88+
</div>
89+
</div>
90+
</form>
91+
</div>
9092
</div>

0 commit comments

Comments
 (0)