setPassword have to do explicit security checks, because edit cannot check...

setPassword have to do explicit security checks, because edit cannot check that the new value is different from the current one. (because getPassword returns an encrypted password which is different than what the user inputs) git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@17531 20353a03-c40f-0410-a6d1-a30d3c3de9de

setPassword have to do explicit security checks, because edit cannot check...
setPassword have to do explicit security checks, because edit cannot check that the new value is different from the current one. (because getPassword returns an encrypted password which is different than what the user inputs) git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@17531 20353a03-c40f-0410-a6d1-a30d3c3de9de
7d0882ef · Jérome Perrin · 6301f5f4 · 7d0882ef · 7d0882ef
Commit 7d0882ef authored Nov 12, 2007 by Jérome Perrin
Hide whitespace changes
Inline Side-by-side

Showing with 27 additions and 3 deletions

product/ERP5/Document/Person.py product/ERP5/Document/Person.py +6 -2

product/ERP5/tests/testPerson.py product/ERP5/tests/testPerson.py +21 -1

No files found.
--- a/product/ERP5/Document/Person.py
+++ b/product/ERP5/Document/Person.py
@@ -29,6 +29,8 @@

 from AccessControl import ClassSecurityInfo
 from Products.CMFCore.utils import getToolByName
+from Products.CMFCore.utils import _checkPermission
+from Products.CMFCore.exceptions import AccessControl_Unauthorized

 #from Products.ERP5.Core.Node import Node

@@ -202,12 +204,14 @@ class Person(XMLObject):
        return pw_validate(self.getPassword(), value)
      return False
    
-    security.declareProtected(Permissions.SetOwnPassword, 'setPassword')
+    security.declarePublic('setPassword')
    def setPassword(self, value) :
      """
        Set the password, only if the password is not empty.
      """
-      if value is not None :
+      if value is not None:
+        if not _checkPermission(Permissions.SetOwnPassword, self):
+          raise AccessControl_Unauthorized('setPassword')
        self._setPassword(pw_encrypt(value))
        self.reindexObject()
    

--- a/product/ERP5/tests/testPerson.py
+++ b/product/ERP5/tests/testPerson.py
@@ -27,8 +27,12 @@
 ##############################################################################

 import unittest
-from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
+
 from AccessControl.SecurityManagement import newSecurityManager
+from AccessControl import Unauthorized
+
+from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
+from Products.ERP5Type import Permissions


 class TestPerson(ERP5TypeTestCase):
@@ -130,6 +134,22 @@ class TestPerson(ERP5TypeTestCase):
    self.assertEquals('first last', p.getTitleOrId())
    self.assertEquals('first last', p.title_or_id())
    
+  def testSetPasswordSecurity(self):
+    p = self._makeOne('person')
+    p.manage_permission(Permissions.SetOwnPassword, [], 0)
+    self.assertRaises(Unauthorized, p.setPassword, 'secret')
+    self.assertRaises(Unauthorized, p.edit, password='secret')
+
+    # setPassword(None) has no effect, because in the user interface we always
+    # show an empty field for password. Note that it also does not require any
+    # specific permission.
+    p.setPassword(None)
+    self.assertFalse(p.getPassword())
+
+    p.manage_permission(Permissions.SetOwnPassword, ['Anonymous'], 0)
+    p.setPassword('secret')
+    self.assertTrue(p.getPassword())
+

 def test_suite():
  suite = unittest.TestSuite()