[Erp5-report] r26886 - in /erp5/trunk/products/ERP5: Document/ Tool/ tests/
nobody at svn.erp5.org
nobody at svn.erp5.org
Fri May 8 06:05:00 CEST 2009
Author: yusei
Date: Fri May 8 06:05:00 2009
New Revision: 26886
URL: http://svn.erp5.org?rev=26886&view=rev
Log:
Rename _setPasswordByForce to __setPasswordByForce and edit method cannot call it.
Modified:
erp5/trunk/products/ERP5/Document/Person.py
erp5/trunk/products/ERP5/Tool/PasswordTool.py
erp5/trunk/products/ERP5/tests/testPerson.py
Modified: erp5/trunk/products/ERP5/Document/Person.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5/Document/Person.py?rev=26886&r1=26885&r2=26886&view=diff
==============================================================================
--- erp5/trunk/products/ERP5/Document/Person.py [utf8] (original)
+++ erp5/trunk/products/ERP5/Document/Person.py [utf8] Fri May 8 06:05:00 2009
@@ -207,7 +207,7 @@
# public method(They are callable from user directly or through edit method)
# _setPasswordByForce is needed to reset password without security check
# by Password Tool.
- def _setPasswordByForce(self, value):
+ def __setPasswordByForce(self, value):
self.password = PersistentMapping()
self._setEncodedPassword(pw_encrypt(value))
@@ -215,7 +215,7 @@
if not _checkPermission(Permissions.SetOwnPassword, self):
raise AccessControl_Unauthorized('setPassword')
else:
- self._setPasswordByForce(value)
+ self.__setPasswordByForce(value)
security.declarePublic('setPassword')
def setPassword(self, value) :
Modified: erp5/trunk/products/ERP5/Tool/PasswordTool.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5/Tool/PasswordTool.py?rev=26886&r1=26885&r2=26886&view=diff
==============================================================================
--- erp5/trunk/products/ERP5/Tool/PasswordTool.py [utf8] (original)
+++ erp5/trunk/products/ERP5/Tool/PasswordTool.py [utf8] Fri May 8 06:05:00 2009
@@ -200,7 +200,11 @@
self.password_request_dict.pop(password_key)
persons = self.acl_users.erp5_users.getUserByLogin(user_login)
person = persons[0]
- person._setPasswordByForce(password)
+ # Calling private method starts with __ from outside is normally BAD,
+ # but if we leave the method as a normal method starts with _ and follow
+ # our naming convention, then the method can be callable through edit
+ # method without appropriate permission check and then security breaks.
+ person._Person__setPasswordByForce(password)
person.reindexObject()
if REQUEST is not None:
msg = translateString("Password changed.")
Modified: erp5/trunk/products/ERP5/tests/testPerson.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5/tests/testPerson.py?rev=26886&r1=26885&r2=26886&view=diff
==============================================================================
--- erp5/trunk/products/ERP5/tests/testPerson.py [utf8] (original)
+++ erp5/trunk/products/ERP5/tests/testPerson.py [utf8] Fri May 8 06:05:00 2009
@@ -145,6 +145,10 @@
# specific permission.
p.setPassword(None)
self.assertFalse(p.getPassword())
+ # Make sure that edit method cannot call __setPasswordByForce and nothing
+ # changes.
+ p.edit(password_by_force='waaa')
+ self.assertFalse(p.getPassword())
p.manage_permission(Permissions.SetOwnPassword, ['Anonymous'], 0)
p.setPassword('secret')
More information about the Erp5-report
mailing list