openerp-community-reviewer team mailing list archive
-
openerp-community-reviewer team
-
Mailing list archive
-
Message #05054
[Merge] lp:~camptocamp/ocb-addons/improve_auth_crypt-nbi into lp:ocb-addons
Nicolas Bessi - Camptocamp has proposed merging lp:~camptocamp/ocb-addons/improve_auth_crypt-nbi into lp:ocb-addons.
Commit message:
[IMP] Add an init function on res.users to encrypt all passwords when installing module and avoid plain password for deactivated users.
Requested reviews:
Nicolas Bessi - Camptocamp (nbessi-c2c)
Stefan Rijnhart (Therp) (stefan-therp)
Alexandre Fayolle - camptocamp (alexandre-fayolle-c2c): code review, no test
Related bugs:
Bug #1280152 in OpenERP Addons: "[7.0]Auth crypt encrypts passwords lazily and deactivated users will never have password encrypted"
https://bugs.launchpad.net/openobject-addons/+bug/1280152
For more details, see:
https://code.launchpad.net/~camptocamp/ocb-addons/improve_auth_crypt-nbi/+merge/206364
(Improve module auth_crypt use sha256 by default to encrypt password. The modification keeps retro compatibility.) REMOVED as OpenERP will not merge this part
Add an init function on res.users to encrypt all passwords when installing module and avoid plain password for deactivated users.
--
https://code.launchpad.net/~camptocamp/ocb-addons/improve_auth_crypt-nbi/+merge/206364
Your team OpenERP Community Backports Team is subscribed to branch lp:ocb-addons.
=== modified file 'auth_crypt/auth_crypt.py'
--- auth_crypt/auth_crypt.py 2013-08-12 10:29:50 +0000
+++ auth_crypt/auth_crypt.py 2014-03-18 09:42:44 +0000
@@ -117,6 +117,18 @@
class res_users(osv.osv):
_inherit = "res.users"
+ def init(self, cr):
+ """Encrypt all passwords at module installation"""
+ cr.execute("SELECT id, password FROM res_users WHERE password != ''",)
+ to_encrypt = cr.fetchall()
+ if to_encrypt:
+ for user in to_encrypt:
+ salt = gen_salt()
+ stored_password_crypt = md5crypt(user[1], salt)
+ cr.execute("UPDATE res_users SET password='', password_crypt=%s WHERE id=%s",
+ (stored_password_crypt, user[0]))
+ return True
+
def set_pw(self, cr, uid, id, name, value, args, context):
if value:
encrypted = md5crypt(value, gen_salt())
References