openerp-dev-web team mailing list archive
-
openerp-dev-web team
-
Mailing list archive
-
Message #06192
[Merge] lp:~openerp-dev/openobject-addons/6.0-bug-774082-xrg into lp:openobject-addons/6.0
xrg has proposed merging lp:~openerp-dev/openobject-addons/6.0-bug-774082-xrg into lp:openobject-addons/6.0.
Requested reviews:
OpenERP Core Team (openerp)
Related bugs:
Bug #774082 in OpenERP Addons: "base_crypt: fix exception, respect res.users active flag"
https://bugs.launchpad.net/openobject-addons/+bug/774082
For more details, see:
https://code.launchpad.net/~openerp-dev/openobject-addons/6.0-bug-774082-xrg/+merge/59585
--
https://code.launchpad.net/~openerp-dev/openobject-addons/6.0-bug-774082-xrg/+merge/59585
Your team OpenERP R&D Team is subscribed to branch lp:~openerp-dev/openobject-addons/6.0-bug-774082-xrg.
=== modified file 'base_crypt/crypt.py'
--- base_crypt/crypt.py 2011-04-28 15:51:11 +0000
+++ base_crypt/crypt.py 2011-04-30 13:01:15 +0000
@@ -41,6 +41,7 @@
from osv import fields,osv
import pooler
from tools.translate import _
+from service import security
magic_md5 = '$1$'
@@ -184,7 +185,7 @@
cr.close()
def _login(self, cr, db, login, password):
- cr.execute( 'SELECT password, id FROM res_users WHERE login=%s',
+ cr.execute( 'SELECT password, id FROM res_users WHERE login=%s AND active',
(login.encode('utf-8'),))
if cr.rowcount:
@@ -249,7 +250,7 @@
raise security.ExceptionNoTb('AccessDenied')
else:
salt = self._salt_cache[db][uid]
- cr.execute('SELECT COUNT(*) FROM res_users WHERE id=%s AND password=%s',
+ cr.execute('SELECT COUNT(*) FROM res_users WHERE id=%s AND password=%s AND active',
(int(uid), encrypt_md5(passwd, salt)))
res = cr.fetchone()[0]
finally:
Follow ups
