Unable to make a purchase/login with unverified Persona account

VERIFIED FIXED in 2013-01-10

Status

Marketplace
Payments/Refunds
P1
blocker
VERIFIED FIXED
5 years ago
4 years ago

People

(Reporter: krupa, Assigned: cvan)

Tracking

2013-01-10
Points:
---
Bug Flags:
mkt-blocker +

Details

(Whiteboard: u=patron p=2)

(Reporter)

Description

5 years ago
steps to reproduce:
1. Launch your marketplace-dev on your unagi phone
2. Log in using an unverified email 
3. Search for 'Private yacht' and navigate to its details page
4. Click on the purchase button


expected behavior:
User is allowed to purchase

observed behavior:
We show "Please use a verified persona account" notification and abort the purchase.

Updated

5 years ago
Duplicate of this bug: 828117
Apparently this reproduces with a general persona login as well.
Summary: Unable to make a purchase with unverified Persona account → Unable to make a purchase/login with unverified Persona account
I'm assigning to cvan because of bug 794634.  Kumar can help if I'm off base.
Assignee: nobody → cvan
Priority: -- → P1
Whiteboard: u=patron p=2
Target Milestone: --- → 2013-01-17
(Reporter)

Comment 4

5 years ago
This is blocking QA from testing payments. So marking it as a blocker.

cc'ing JR for some insights into what might be causing this.
Severity: major → blocker
(Reporter)

Comment 5

5 years ago
For reference:  https://github.com/mozilla/zamboni/commit/b65fad4f6d0f9f7d76fb2c89ec7d7dfef5070963#L2R341
(Assignee)

Comment 6

5 years ago
(In reply to krupa raj 82[:krupa] from comment #5)
> For reference: 
> https://github.com/mozilla/zamboni/commit/
> b65fad4f6d0f9f7d76fb2c89ec7d7dfef5070963#L2R341

Assertion is failing. https://github.com/mozilla/zamboni/commit/b65fad4f6#L2R323 is more helpful.

Updated

5 years ago
blocking-basecamp: --- → ?

Comment 7

5 years ago
I think this is blocking-basecamp+, even if the fix doesn't end up being in-product, given the impact to testing. Let's get this fixed today, regardless. Only a few more days of testing left.
(In reply to Alex Keybl [:akeybl] from comment #7)
> I think this is blocking-basecamp+, even if the fix doesn't end up being
> in-product, given the impact to testing. Let's get this fixed today,
> regardless. Only a few more days of testing left.

This won't block unless this impacts the on device implementation. We can fix off device issues separately from basecamp.

It's a marketplace v1.0 blocker though.
blocking-basecamp: ? → ---
Flags: mkt-blocker+
(Assignee)

Comment 9

5 years ago
https://github.com/mozilla/zamboni/commit/68c315a
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
Target Milestone: 2013-01-17 → 2013-01-10
Very late r+ on cvan's fix. 

Sorry, the thread was far down my email list. 

We may want to ping the Persona folks about this state to make sure that we're not introducing a potential exploit. I understand that there's a different issuer, and that we're forcing it, but we may want to make sure that we secure against someone using an arbitrary issuer to spoof the connect. 

Then again, I tend to be overly paranoid.

Comment 11

4 years ago
Verified as fixed : I was able to buy using a completely new email account.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.