← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1850249] [NEW] create a user use first password change but uneffectted

 

Public bug reported:

i set change_password_upon_first_use config true,but when i validate a user after i first create,it can auth success instead of raise PasswordExpired
i notice that the code to set password expire is before set resource_options to user,surely it can not get the new user's options, is this a bug?

            user_ref = model.User.from_dict(user)
            if self._change_password_required(user_ref):
                user_ref.password_ref.expires_at = datetime.datetime.utcnow()
            user_ref.created_at = datetime.datetime.utcnow()
            session.add(user_ref)
            # Set resource options passed on creation
            resource_options.resource_options_ref_to_mapper(
                user_ref, model.UserOption)
            return base.filter_user(user_ref.to_dict())

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1850249

Title:
  create a user use first password change but uneffectted

Status in OpenStack Identity (keystone):
  New

Bug description:
  i set change_password_upon_first_use config true,but when i validate a user after i first create,it can auth success instead of raise PasswordExpired
  i notice that the code to set password expire is before set resource_options to user,surely it can not get the new user's options, is this a bug?

              user_ref = model.User.from_dict(user)
              if self._change_password_required(user_ref):
                  user_ref.password_ref.expires_at = datetime.datetime.utcnow()
              user_ref.created_at = datetime.datetime.utcnow()
              session.add(user_ref)
              # Set resource options passed on creation
              resource_options.resource_options_ref_to_mapper(
                  user_ref, model.UserOption)
              return base.filter_user(user_ref.to_dict())

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1850249/+subscriptions


Follow ups