Commit b76809da authored by Jérome Perrin's avatar Jérome Perrin

base/credential: fix password type ( use str )

parent 540a14cf
......@@ -228,13 +228,13 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
self.tic()
# password change date should be saved as well hashed old password value
old_password = login.getPassword().decode()
old_password = login.getPassword()
self.assertSameSet([old_password], [x.getPassword() for x in self._getPasswordEventList(login)])
# .. test one more time to check history of password is saved in a list
login.setPassword('123456789')
self.tic()
old_password1 = login.getPassword().decode()
old_password1 = login.getPassword()
# password change date should be saved as well hashed old password value
self.assertSameSet([old_password1, old_password], [x.getPassword() for x in self._getPasswordEventList(login)])
......@@ -242,29 +242,29 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
# other methods (_setPassword)...
login._setPassword('123456789-1')
self.tic()
old_password2 = login.getPassword().decode()
old_password2 = login.getPassword()
self.assertSameSet([old_password2, old_password1, old_password], \
[x.getPassword() for x in self._getPasswordEventList(login)])
# other methods (_forceSetPassword)...
login._forceSetPassword('123456789-2')
self.tic()
old_password3 = login.getPassword().decode()
old_password3 = login.getPassword()
self.assertSameSet([old_password3, old_password2, old_password1, old_password], \
[x.getPassword() for x in self._getPasswordEventList(login)])
# other methods (setEncodedPassword)...
login.setEncodedPassword(b'123456789-3')
login.setEncodedPassword('123456789-3')
self.tic()
old_password4 = login.getPassword().decode()
old_password4 = login.getPassword()
self.assertSameSet([old_password4, old_password3, old_password2, old_password1, old_password], \
[x.getPassword() for x in self._getPasswordEventList(login)])
# other methods (edit)...
login.edit(password = '123456789-4')
login.edit(password='123456789-4')
self.tic()
old_password5 = login.getPassword().decode()
old_password5 = login.getPassword()
self.assertSameSet([old_password5, old_password4, old_password3, old_password2, old_password1, old_password], \
[x.getPassword() for x in self._getPasswordEventList(login)])
......
......@@ -36,10 +36,12 @@ from Acquisition import aq_base
from Products.ERP5Type import Permissions
from erp5.component.interface.IEncryptedPassword import IEncryptedPassword
from Products.ERP5Type.Globals import PersistentMapping
from Products.ERP5Type.Utils import bytes2str
from Products.CMFCore.utils import _checkPermission
from Products.CMFCore.exceptions import AccessControl_Unauthorized
from six import string_types as basestring
@zope.interface.implementer(IEncryptedPassword,)
class EncryptedPasswordMixin(object):
"""Encrypted Password Mixin
......@@ -82,8 +84,6 @@ class EncryptedPasswordMixin(object):
value,
format='default', # pylint: disable=redefined-builtin
):
if value is not None and not isinstance(value, bytes):
value = value.encode()
password = getattr(aq_base(self), 'password', None)
if password is None or isinstance(password, basestring):
password = self.password = PersistentMapping()
......@@ -105,7 +105,7 @@ class EncryptedPasswordMixin(object):
# workflows on this method.
self.password = PersistentMapping()
if value:
self._setEncodedPassword(pw_encrypt(value))
self._setEncodedPassword(bytes2str(pw_encrypt(value)))
def _setPassword(self, value):
self.checkPasswordValueAcceptable(value)
......
......@@ -35,7 +35,7 @@ for portal_type in related_portal_type:
context.CredentialRequest_updateLocalRolesOnSecurityGroups()
if password is not None:
if password.startswith(b'{SSHA}'):
if password.startswith('{SSHA}'):
#password is encoded, set it to None to script witch send the password to user
password = None
# Send notification in activities
......
# type: () -> bytes
# type: () -> str
if context.getId() == 'test_ERP5_Logo_Encrypted_PDF':
return 'secret'
return context.skinSuper('erp5_dms_ui_test', 'PDF_getContentPassword')(REQUEST=REQUEST)
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment