[Koha-bugs] [Bug 30649] Vendor EDI account passwords should be encrypted in the database

Tue Nov 29 15:30:54 CET 2022

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30649

Kyle M Hall <kyle at bywatersolutions.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #144323|0                           |1
        is obsolete|                            |

--- Comment #30 from Kyle M Hall <kyle at bywatersolutions.com> ---
Created attachment 144324
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=144324&action=edit
Bug 30649: Vendor EDI account passwords should be encrypted in the database

We are storing edi vendor acccount passwords in clear text in the
database. Now that Koha has the Koha::Encryption module, we should
use that to encrypt passwords for all existing and new EDI accounts.

Test Plan:
1) Apply this patch
2) Create one or more EDI vendor accounts
3) Run a report to view the account passwords, note they are in clear
   text
4) Run updatedatabase.pl
5) Re-run the report, account passwords should be encrypted now
6) Edit a vendor EDI account, note you can still view and update the
   password for an account

Signed-off-by: David Nind <david at davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>

-- 
You are receiving this mail because:
You are watching all bug changes.