base/credential: fix password type ( use str )

68af0729 · Jérome Perrin · 0db50518 · 68af0729 · 68af0729 · 68af0729
Commit 68af0729 authored May 20, 2024 by Jérome Perrin
4 changed files
--- a/bt5/erp5_authentication_policy/TestTemplateItem/portal_components/test.erp5.testAuthenticationPolicy.py
+++ b/bt5/erp5_authentication_policy/TestTemplateItem/portal_components/test.erp5.testAuthenticationPolicy.py
@@ -228,13 +228,13 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
    self.tic()

    # password change date should be saved as well hashed old password value
-    old_password = login.getPassword().decode()
+    old_password = login.getPassword()
    self.assertSameSet([old_password], [x.getPassword() for x in self._getPasswordEventList(login)])

    # .. test one more time to check history of password is saved in a list
    login.setPassword('123456789')
    self.tic()
-    old_password1 = login.getPassword().decode()
+    old_password1 = login.getPassword()

    # password change date should be saved as well hashed old password value
    self.assertSameSet([old_password1, old_password], [x.getPassword() for x in self._getPasswordEventList(login)])
@@ -242,29 +242,29 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
    # other methods (_setPassword)...
    login._setPassword('123456789-1')
    self.tic()
-    old_password2 = login.getPassword().decode()
+    old_password2 = login.getPassword()
    self.assertSameSet([old_password2, old_password1, old_password], \
                     [x.getPassword() for x in self._getPasswordEventList(login)])

    # other methods (_forceSetPassword)...
    login._forceSetPassword('123456789-2')
    self.tic()
-    old_password3 = login.getPassword().decode()
+    old_password3 = login.getPassword()
    self.assertSameSet([old_password3, old_password2, old_password1, old_password], \
                     [x.getPassword() for x in self._getPasswordEventList(login)])


    # other methods (setEncodedPassword)...
-    login.setEncodedPassword(b'123456789-3')
+    login.setEncodedPassword('123456789-3')
    self.tic()
-    old_password4 = login.getPassword().decode()
+    old_password4 = login.getPassword()
    self.assertSameSet([old_password4, old_password3, old_password2, old_password1, old_password], \
                     [x.getPassword() for x in self._getPasswordEventList(login)])

    # other methods (edit)...
-    login.edit(password = '123456789-4')
+    login.edit(password='123456789-4')
    self.tic()
-    old_password5 = login.getPassword().decode()
+    old_password5 = login.getPassword()
    self.assertSameSet([old_password5, old_password4, old_password3, old_password2, old_password1, old_password], \
                     [x.getPassword() for x in self._getPasswordEventList(login)])


--- a/bt5/erp5_base/MixinTemplateItem/portal_components/mixin.erp5.EncryptedPasswordMixin.py
+++ b/bt5/erp5_base/MixinTemplateItem/portal_components/mixin.erp5.EncryptedPasswordMixin.py
@@ -36,10 +36,12 @@ from Acquisition import aq_base
 from Products.ERP5Type import Permissions
 from erp5.component.interface.IEncryptedPassword import IEncryptedPassword
 from Products.ERP5Type.Globals import PersistentMapping
+from Products.ERP5Type.Utils import bytes2str
 from Products.CMFCore.utils import _checkPermission
 from Products.CMFCore.exceptions import AccessControl_Unauthorized
 from six import string_types as basestring

+
 @zope.interface.implementer(IEncryptedPassword,)
 class EncryptedPasswordMixin(object):
  """Encrypted Password Mixin
@@ -82,8 +84,6 @@ class EncryptedPasswordMixin(object):
      value,
      format='default',  # pylint: disable=redefined-builtin
  ):
-    if value is not None and not isinstance(value, bytes):
-      value = value.encode()
    password = getattr(aq_base(self), 'password', None)
    if password is None or isinstance(password, basestring):
      password = self.password = PersistentMapping()
@@ -105,7 +105,7 @@ class EncryptedPasswordMixin(object):
    # workflows on this method.
    self.password = PersistentMapping()
    if value:
-      self._setEncodedPassword(pw_encrypt(value))
+      self._setEncodedPassword(bytes2str(pw_encrypt(value)))

  def _setPassword(self, value):
    self.checkPasswordValueAcceptable(value)

--- a/bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRequest_createPersonAndAssignment.py
+++ b/bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRequest_createPersonAndAssignment.py
@@ -35,7 +35,7 @@ for portal_type in related_portal_type:
 context.CredentialRequest_updateLocalRolesOnSecurityGroups()

 if password is not None:
-  if password.startswith(b'{SSHA}'):
+  if password.startswith('{SSHA}'):
    #password is encoded, set it to None to script witch send the password to user
    password = None
 # Send notification in activities

--- a/bt5/erp5_dms_ui_test/SkinTemplateItem/portal_skins/erp5_dms_ui_test/PDF_getContentPassword.py
+++ b/bt5/erp5_dms_ui_test/SkinTemplateItem/portal_skins/erp5_dms_ui_test/PDF_getContentPassword.py
-# type: () -> bytes
+# type: () -> str
 if context.getId() == 'test_ERP5_Logo_Encrypted_PDF':
  return 'secret'
 return context.skinSuper('erp5_dms_ui_test', 'PDF_getContentPassword')(REQUEST=REQUEST)