[Bug 23473] New: Allow passwords to be imported/overwritten using the patron import tool
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Bug ID: 23473 Summary: Allow passwords to be imported/overwritten using the patron import tool Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Command-line Utilities Assignee: koha-bugs@lists.koha-community.org Reporter: wizzyrea@gmail.com QA Contact: testopia@bugs.koha-community.org CC: robin@catalyst.net.nz Scenario: A library would like to import/overwrite all patrons with their passwords from another centralised system. Currently they cannot do this and overwrite the passwords, because Koha assumes that the passwords are coming in already hashed and thus should not be overwritten. It would be good to optionally allow the UI patron import tool and command line importer to overwrite user passwords. Personal note: I want to make it clear that I am personally aware of the user experience ramifications of unexpectedly changing a password on a user - it's not a nice thing to do to users. I know that there could be situations where the user has changed the password, or requested such a change, and then that user's explicit choice gets overwritten by this process. This bug is only meant to allow functionality that libraries are currently, or have in the past, done. This feature should 100% be optional, by tickbox in the UI and flag on the command line importer. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |Needs Signoff Patch complexity|--- |Trivial patch -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #1 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 92352 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=92352&action=edit Bug 23473: Allow overwrite of passwords during import To test: 1 - Have some patrons in your system 2 - Export some of their info via reports SELECT cardnumber, userid, surname, firstname, password, branchcode, categorycode 3 - Edit the file from above, changing all the password lines 4 - Import the file with overwrite 5 - Confirm passwords have not changed (run the report again and confirm the hashes are the same) 6 - Apply patch 7 - Restart all the things 8 - Check the new box on import screen to overwrite passwrods 9 - Import file again 10 - Confirm passwords have changed 11 - Signin using new password to verify the hash is the password as supplied 12 - Repeat via commandline import supplying --overwrite_passwords option 13 - Verify works as expected 14 - Prove -v t/db_dependent/Koha/Patrons/Import.t -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|koha-bugs@lists.koha-commun |nick@bywatersolutions.com |ity.org | CC| |nick@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Liz Rea <wizzyrea@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Liz Rea <wizzyrea@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #92352|0 |1 is obsolete| | --- Comment #2 from Liz Rea <wizzyrea@gmail.com> --- Created attachment 93073 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=93073&action=edit Bug 23473: Allow overwrite of passwords during import To test: 1 - Have some patrons in your system 2 - Export some of their info via reports SELECT cardnumber, userid, surname, firstname, password, branchcode, categorycode 3 - Edit the file from above, changing all the password lines 4 - Import the file with overwrite 5 - Confirm passwords have not changed (run the report again and confirm the hashes are the same) 6 - Apply patch 7 - Restart all the things 8 - Check the new box on import screen to overwrite passwrods 9 - Import file again 10 - Confirm passwords have changed 11 - Signin using new password to verify the hash is the password as supplied 12 - Repeat via commandline import supplying --overwrite_passwords option 13 - Verify works as expected 14 - Prove -v t/db_dependent/Koha/Patrons/Import.t Signed-off-by: Ron Marion <ron.marion@goddard.edu> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Liz Rea <wizzyrea@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #93073|0 |1 is obsolete| | --- Comment #3 from Liz Rea <wizzyrea@gmail.com> --- Created attachment 93074 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=93074&action=edit Bug 23473: Allow overwrite of passwords during import To test: 1 - Have some patrons in your system 2 - Export some of their info via reports SELECT cardnumber, userid, surname, firstname, password, branchcode, categorycode 3 - Edit the file from above, changing all the password lines 4 - Import the file with overwrite 5 - Confirm passwords have not changed (run the report again and confirm the hashes are the same) 6 - Apply patch 7 - Restart all the things 8 - Check the new box on import screen to overwrite passwrods 9 - Import file again 10 - Confirm passwords have changed 11 - Signin using new password to verify the hash is the password as supplied 12 - Repeat via commandline import supplying --overwrite_passwords option 13 - Verify works as expected 14 - Prove -v t/db_dependent/Koha/Patrons/Import.t Sponsored-by: ByWater Solutions Signed-off-by: Ron Marion <ron.marion@goddard.edu> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |katrin.fischer@bsz-bw.de Status|Signed Off |Failed QA --- Comment #4 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- I am sorry, tests are not looking good on this one for me: Processing additional checks OK! kohadev-koha@kohadevbox:/home/vagrant/kohaclone$ prove t/db_dependent/Koha/Patrons/Import.t t/db_dependent/Koha/Patrons/Import.t .. 9/158 Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018, <$handle_3a> line 2. Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018, <$handle_3a> line 2. Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018, <$handle_3a> line 2. Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018. Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018. Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018. Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018, <$handle_2> line 2. Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018, <$handle_2> line 2. Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018, <$handle_2> line 2. Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018. Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018. Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018. # Looks like you planned 4 tests but ran 2. # Failed test 'test_import_with_password_overwrite' # at t/db_dependent/Koha/Patrons/Import.t line 468. [Password is too weak]# Looks like your test exited with 255 just after 151. t/db_dependent/Koha/Patrons/Import.t .. Dubious, test returned 255 (wstat 65280, 0xff00) Failed 8/158 subtests Test Summary Report ------------------- t/db_dependent/Koha/Patrons/Import.t (Wstat: 65280 Tests: 151 Failed: 1) Failed test: 151 Non-zero exit status: 255 Parse errors: Bad plan. You planned 158 tests but ran 151. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #5 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 93594 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=93594&action=edit Bug 23473: (follow-up) Make passwords 'secure' for tests -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|Command-line Utilities |Tools -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- QA Contact|testopia@bugs.koha-communit |katrin.fischer@bsz-bw.de |y.org | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Failed QA --- Comment #6 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- No matter if the checkbox is checked or not, the password is overwritten. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #7 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 94822 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=94822&action=edit Bug 23473: (follow-up) check if overwrite_passwords is set -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |rel_19_11_candidate CC| |martin.renvoize@ptfs-europe | |.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |m.de.rooy@rijksmuseum.nl --- Comment #8 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- diff --git a/Koha/Patron.pm b/Koha/Patron.pm index 8e501fcfb1..787713524e 100644 --- a/Koha/Patron.pm +++ b/Koha/Patron.pm @@ -250,7 +250,6 @@ sub store { # Make a copy of the plain text password for later use $self->plain_text_password( $self->password ); - Please remove that one from your patch. No need to. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #9 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- + if ($overwrite_passwords){ + $patron->set_password({ password => $borrower{password} }); + } set_password may throw several exceptions, we should do some checking here -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Failed QA -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #10 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- *** Bug 23733 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|enhancement |major -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #11 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Escalating to Major as this appears to be a regression rather than an enhancement as highlighted by bug 23733. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #12 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- (In reply to Martin Renvoize from comment #11)
Escalating to Major as this appears to be a regression rather than an enhancement as highlighted by bug 23733.
I just restested bug 23733 and all seems well - should we downgrade again? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #93074|0 |1 is obsolete| | Attachment #93594|0 |1 is obsolete| | Attachment #94822|0 |1 is obsolete| | --- Comment #13 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 95049 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=95049&action=edit Bug 23473: Allow overwrite of passwords during import To test: 1 - Have some patrons in your system 2 - Export some of their info via reports SELECT cardnumber, userid, surname, firstname, password, branchcode, categorycode 3 - Edit the file from above, changing all the password lines 4 - Import the file with overwrite 5 - Confirm passwords have not changed (run the report again and confirm the hashes are the same) 6 - Apply patch 7 - Restart all the things 8 - Check the new box on import screen to overwrite passwrods 9 - Import file again 10 - Confirm passwords have changed 11 - Signin using new password to verify the hash is the password as supplied 12 - Repeat via commandline import supplying --overwrite_passwords option 13 - Verify works as expected 14 - Prove -v t/db_dependent/Koha/Patrons/Import.t Sponsored-by: ByWater Solutions Signed-off-by: Ron Marion <ron.marion@goddard.edu> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #14 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 95050 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=95050&action=edit Bug 23473: (follow-up) Make passwords 'secure' for tests -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #15 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 95051 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=95051&action=edit Bug 23473: (follow-up) check if overwrite_passwords is set -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #16 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 95052 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=95052&action=edit Bug 23473: (follow-up) Catch and show password exceptions -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|major |enhancement -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Failed QA CC| |jonathan.druart@bugs.koha-c | |ommunity.org --- Comment #17 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- 1. If empty, should not we not update the password? I get a "too_weak" error. 2. You forgot to adjust the CLI script. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|rel_19_11_candidate |rel_20_05_target -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #95049|0 |1 is obsolete| | Attachment #95050|0 |1 is obsolete| | Attachment #95051|0 |1 is obsolete| | Attachment #95052|0 |1 is obsolete| | --- Comment #18 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 96998 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=96998&action=edit Bug 23473: Allow overwrite of passwords during import To test: 1 - Have some patrons in your system 2 - Export some of their info via reports SELECT cardnumber, userid, surname, firstname, password, branchcode, categorycode 3 - Edit the file from above, changing all the password lines 4 - Import the file with overwrite 5 - Confirm passwords have not changed (run the report again and confirm the hashes are the same) 6 - Apply patch 7 - Restart all the things 8 - Check the new box on import screen to overwrite passwrods 9 - Import file again 10 - Confirm passwords have changed 11 - Signin using new password to verify the hash is the password as supplied 12 - Repeat via commandline import supplying --overwrite_passwords option 13 - Verify works as expected 14 - Prove -v t/db_dependent/Koha/Patrons/Import.t Sponsored-by: ByWater Solutions Signed-off-by: Ron Marion <ron.marion@goddard.edu> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #19 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 96999 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=96999&action=edit Bug 23473: (follow-up) Make passwords 'secure' for tests -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #20 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 97000 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=97000&action=edit Bug 23473: (follow-up) check if overwrite_passwords is set -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #21 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 97001 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=97001&action=edit Bug 23473: (follow-up) Catch and show password exceptions -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #22 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 97002 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=97002&action=edit Bug 23473: Don't allow setting blank passwords via import -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #23 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 97003 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=97003&action=edit Bug 23473: Don't allow staff password changes for imports -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #24 from Nick Clemens <nick@bywatersolutions.com> --- (In reply to Jonathan Druart from comment #17)
1. If empty, should not we not update the password?
I get a "too_weak" error.
Okay, cannot blank passwords now
2. You forgot to adjust the CLI script.
I don't think I did: Bug 23473: Allow overwrite of passwords during import a/misc/import_patrons.pl (+3 lines) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Failed QA --- Comment #25 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- FAIL Koha/Patrons/Import.pm FAIL forbidden patterns forbidden pattern: tab char (line 297) forbidden pattern: tab char (line 298) forbidden pattern: tab char (line 299) forbidden pattern: tab char (line 300) forbidden pattern: tab char (line 301) forbidden pattern: tab char (line 302) forbidden pattern: tab char (line 303) forbidden pattern: tab char (line 304) forbidden pattern: tab char (line 305) forbidden pattern: tab char (line 306) forbidden pattern: tab char (line 307) forbidden pattern: tab char (line 308) forbidden pattern: tab char (line 309) forbidden pattern: tab char (line 310) forbidden pattern: tab char (line 311) forbidden pattern: tab char (line 312) FAIL koha-tmpl/intranet-tmpl/prog/en/modules/tools/import_borrowers.tt FAIL filters missing_filter at line 120 ( Password is too short for patron with borrowernumber [% e.borrowernumber | html %]. Minimum length is [% e.min_length %], length is [% e.length %]) missing_filter at line 120 ( Password is too short for patron with borrowernumber [% e.borrowernumber | html %]. Minimum length is [% e.min_length %], length is [% e.length %]) OK misc/import_patrons.pl FAIL t/db_dependent/Koha/Patrons/Import.t FAIL forbidden patterns forbidden pattern: Data::Dumper::Dumper (line 494) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #26 from Nick Clemens <nick@bywatersolutions.com> --- Created attachment 98382 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=98382&action=edit Bug 23473: (follow-up) Fix QA complaints (tabs, filters, Dumper) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- QA Contact|katrin.fischer@bsz-bw.de |m.de.rooy@rijksmuseum.nl Patch complexity|Trivial patch |Small patch --- Comment #27 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- t/db_dependent/Koha/Patrons/Import.t .. 2/159 Argument "" isn't numeric in numeric eq (==) at /usr/share/perl5/DBIx/Class/Row.pm line 1018, <$handle_3> line 2. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |BLOCKED -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|BLOCKED |Passed QA -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #96998|0 |1 is obsolete| | --- Comment #28 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 101981 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=101981&action=edit Bug 23473: Allow overwrite of passwords during import To test: 1 - Have some patrons in your system 2 - Export some of their info via reports SELECT cardnumber, userid, surname, firstname, password, branchcode, categorycode 3 - Edit the file from above, changing all the password lines 4 - Import the file with overwrite 5 - Confirm passwords have not changed (run the report again and confirm the hashes are the same) 6 - Apply patch 7 - Restart all the things 8 - Check the new box on import screen to overwrite passwrods 9 - Import file again 10 - Confirm passwords have changed 11 - Signin using new password to verify the hash is the password as supplied 12 - Repeat via commandline import supplying --overwrite_passwords option 13 - Verify works as expected 14 - Prove -v t/db_dependent/Koha/Patrons/Import.t Sponsored-by: ByWater Solutions Signed-off-by: Ron Marion <ron.marion@goddard.edu> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #96999|0 |1 is obsolete| | --- Comment #29 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 101982 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=101982&action=edit Bug 23473: (follow-up) Make passwords 'secure' for tests -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #97000|0 |1 is obsolete| | --- Comment #30 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 101983 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=101983&action=edit Bug 23473: (follow-up) check if overwrite_passwords is set -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #97001|0 |1 is obsolete| | --- Comment #31 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 101984 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=101984&action=edit Bug 23473: (follow-up) Catch and show password exceptions -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #97002|0 |1 is obsolete| | --- Comment #32 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 101985 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=101985&action=edit Bug 23473: Don't allow setting blank passwords via import -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #97003|0 |1 is obsolete| | --- Comment #33 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 101986 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=101986&action=edit Bug 23473: Don't allow staff password changes for imports -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #98382|0 |1 is obsolete| | --- Comment #34 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 101987 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=101987&action=edit Bug 23473: (follow-up) Fix QA complaints (tabs, filters, Dumper) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #35 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 101988 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=101988&action=edit Bug 23473: (QA follow-up) Fix number of tests => Looks like you planned 158 tests but ran 159. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #36 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Several smaller things. No blockers on themselves. But struggled a bit before I got everything as it should.. misc/import_patrons: overwrite_passwords not in usage Might be helpful to include a warning if someone includes passwords in the csv file but forgets the switch? Are staff lines silently ignored ? Although we skip staff, you can promote a normal user to staff when changing his categorycode. Do we want that? We can even add flags with value 1 to overwrite users to superlib. I would say that we should not do that. (This is outside the scope of this report.) Styling on tools import could be improved for password check box? @RM: I am passing QA reluctantly on the patch set, but have the feeling that patron import still needs further attention. Including some security issues. Especially overwriting a regular user with import privs with superlibrarian privs and after that taking over control is not nice. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #37 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- Should not we make sure only superlibrarian is allowed to overwrite superlibrarian's passwords? Or maybe only enable the feature from the command line? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #38 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- (In reply to Jonathan Druart from comment #37)
Should not we make sure only superlibrarian is allowed to overwrite superlibrarian's passwords?
Or maybe only enable the feature from the command line?
See bug 23473 for follow-up patches. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |24375 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #39 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- (In reply to Jonathan Druart from comment #37)
Should not we make sure only superlibrarian is allowed to overwrite superlibrarian's passwords?
Or maybe only enable the feature from the command line?
See bug 23473 for follow-up patches.(In reply to Jonathan Druart from comment #37)
Should not we make sure only superlibrarian is allowed to overwrite superlibrarian's passwords?
Or maybe only enable the feature from the command line?
See bug 24375 for follow-up patches. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #40 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- (In reply to Jonathan Druart from comment #37)
Should not we make sure only superlibrarian is allowed to overwrite superlibrarian's passwords?
Or maybe only enable the feature from the command line?
See bug 24375 for follow-up patches. (Sorry for the noise!) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Version(s)| |20.05.00 released in| | Status|Passed QA |Pushed to master -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 --- Comment #41 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Nice work everyone! Pushed to master for 20.05 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Joy Nelson <joy@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |joy@bywatersolutions.com --- Comment #42 from Joy Nelson <joy@bywatersolutions.com> --- enhancement not backported to 19.11.x -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|rel_20_05_candidate | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Text to go in the| |This adds a new checkbox to release notes| |the patron import tool that | |will allow to overwrite | |patrons' passwords with the | |password from the import | |file. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23473 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Allow passwords to be |Add option to |imported/overwritten using |import/overwrite passwords |the patron import tool |when using the patron | |import tool -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org