[Bug 33832] New: Can't change a patron's username without entering passwords
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Bug ID: 33832 Summary: Can't change a patron's username without entering passwords Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: major Priority: P5 - low Component: Patrons Assignee: koha-bugs@lists.koha-community.org Reporter: oleonard@myacpl.org QA Contact: testopia@bugs.koha-community.org CC: gmcharlt@gmail.com, kyle.m.hall@gmail.com In the staff interface, on the "Change password" page, it's not possible to update a patron's username without also entering password information. This is contrary to the help text, "Leave the field blank to leave password unchanged." As far as I can tell this bug goes back to at least 21.05.x -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Sam Lau <samalau@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |samalau@gmail.com --- Comment #1 from Sam Lau <samalau@gmail.com> --- It kind of makes sense that it behaves this way because it is on the "Change Password" page and not a page designed for just changing the username. The text at the bottom is just counterintuitive in my opinion. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dcook@prosentient.com.au --- Comment #2 from David Cook <dcook@prosentient.com.au> --- Should we perhaps change this script so that it just changes the password and doesn't affect the username? -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Sally <sally.healey@cheshiresharedservices.gov.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sally.healey@cheshireshared | |services.gov.uk --- Comment #3 from Sally <sally.healey@cheshiresharedservices.gov.uk> --- (In reply to David Cook from comment #2)
Should we perhaps change this script so that it just changes the password and doesn't affect the username?
We use the change username functionality; it'd be a shame to lose this. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Brendan Lawlor <blawlor@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |Needs Signoff Patch complexity|--- |Small patch -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 --- Comment #4 from Brendan Lawlor <blawlor@clamsnet.org> --- Created attachment 164506 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=164506&action=edit Bug 33832: Allow updating username without changing password on member-password.pl This patch updates the change password page on the staff interface to allow for changing the patron's username without changing the password. If the new password is an empty string we can skip setting the patron's password and sending the new password to the template. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Brendan Lawlor <blawlor@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|koha-bugs@lists.koha-commun |blawlor@clamsnet.org |ity.org | CC| |blawlor@clamsnet.org -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Brendan Lawlor <blawlor@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #164506|0 |1 is obsolete| | --- Comment #5 from Brendan Lawlor <blawlor@clamsnet.org> --- Created attachment 164507 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=164507&action=edit Bug 33832: Allow updating username without changing password on member-password.pl This patch updates the change password page on the staff interface to allow for changing the patron's username without changing the password. If the new password is an empty string we can skip setting the patron's password and sending the new password to the template. Test plan: 1. From a patron record tool bar click 'Change password' 2. Notice that if you try to change the user's name without also changing the password the page just reloads and nothing happens 3. Apply patch and restart_all 4. From the patron record click 'Change password' again 5. Set the user's new username and password eg. '1234Abc' and click 'Save' 6. Confirm that you can log in to the OPAC with the user 7. Return to the patron record and click 'Change password' again 8. This time change just the 'New username field' and click 'Save' 6. Notice that the username is updated 7. Confirm you can log into the OPAC with the new username and the original password '1234Abcd' 8. Make sure that the change password form still validates passwords for length and matching errors etc -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 ByWater Sandboxes <bws.sandboxes@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #164507|0 |1 is obsolete| | --- Comment #6 from ByWater Sandboxes <bws.sandboxes@gmail.com> --- Created attachment 164522 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=164522&action=edit Bug 33832: Allow updating username without changing password on member-password.pl This patch updates the change password page on the staff interface to allow for changing the patron's username without changing the password. If the new password is an empty string we can skip setting the patron's password and sending the new password to the template. Test plan: 1. From a patron record tool bar click 'Change password' 2. Notice that if you try to change the user's name without also changing the password the page just reloads and nothing happens 3. Apply patch and restart_all 4. From the patron record click 'Change password' again 5. Set the user's new username and password eg. '1234Abc' and click 'Save' 6. Confirm that you can log in to the OPAC with the user 7. Return to the patron record and click 'Change password' again 8. This time change just the 'New username field' and click 'Save' 6. Notice that the username is updated 7. Confirm you can log into the OPAC with the new username and the original password '1234Abcd' 8. Make sure that the change password form still validates passwords for length and matching errors etc Signed-off-by: Esther <esther@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Esther Melander <esther.melander@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |esther.melander@bywatersolu | |tions.com Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |m.de.rooy@rijksmuseum.nl Status|Signed Off |Failed QA --- Comment #7 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Seeing this: if ( $op eq 'cud-update' && $newpassword.defined and not @errors ) { What is $newpassword.defined ?? Wondering why perl does compile that? Please explain. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 --- Comment #8 from David Cook <dcook@prosentient.com.au> --- (In reply to Marcel de Rooy from comment #7)
Seeing this: if ( $op eq 'cud-update' && $newpassword.defined and not @errors ) {
What is $newpassword.defined ?? Wondering why perl does compile that? Please explain.
It looks like a copy/paste error from the template toolkit where scalar values can have methods. It looks like Perl compiles it because "." is used to concatenate things together. It looks like $newpassword.defined is equivalent to $newpassword . defined $_ "Returns a Boolean value telling whether EXPR has a value other than the undefined value undef. If EXPR is not present, $_ is checked." https://perldoc.perl.org/functions/defined Yikes! -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 --- Comment #9 from David Cook <dcook@prosentient.com.au> --- Although I think using "defined" at all in this context is probably wrong anyways. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 --- Comment #10 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to David Cook from comment #8)
It looks like $newpassword.defined is equivalent to $newpassword . defined $_
Ah yes that sounds like it. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 --- Comment #11 from David Cook <dcook@prosentient.com.au> --- (In reply to Marcel de Rooy from comment #10)
(In reply to David Cook from comment #8)
It looks like $newpassword.defined is equivalent to $newpassword . defined $_
Ah yes that sounds like it.
Good catch though. When I first looked at it, I couldn't believe what I was seeing. Thought I was looking at some Ruby missing the question mark... -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 --- Comment #12 from Brendan Lawlor <blawlor@clamsnet.org> --- (In reply to David Cook from comment #8)
(In reply to Marcel de Rooy from comment #7)
Seeing this: if ( $op eq 'cud-update' && $newpassword.defined and not @errors ) {
What is $newpassword.defined ?? Wondering why perl does compile that? Please explain.
It looks like a copy/paste error from the template toolkit where scalar values can have methods.
I'm new to Perl and mixed up this syntax from template tool kit. I think it should have been written as defined($newpassword) The idea of this patch is that if the user does not fill the form with both 'New password' and 'Confirm new password' then there's no need to check and set the password. I think this patch is close but needs another try. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 --- Comment #13 from Owen Leonard <oleonard@myacpl.org> --- It looks like the change to the template is not necessary and is causing JS errors in the browser console. Including the password-checking JS doesn't seem to cause a problem whether or not the password is being updated. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Brendan Lawlor <blawlor@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Brendan Lawlor <blawlor@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #164522|0 |1 is obsolete| | --- Comment #14 from Brendan Lawlor <blawlor@clamsnet.org> --- Created attachment 164856 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=164856&action=edit Bug 33832: Allow updating username without changing password on member-password.pl This patch updates the change password page on the staff interface to allow for changing the patron's username without changing the password. If the new password is an empty string we can skip setting the patron's password and sending the new password to the template. Test plan: 1. From a patron record tool bar click 'Change password' 2. Notice that if you try to change the user's name without also changing the password the page just reloads and nothing happens 3. Apply patch and restart_all 4. From the patron record click 'Change password' again 5. Set the user's new username and password eg. '1234Abc' and click 'Save' 6. Confirm that you can log in to the OPAC with the user 7. Return to the patron record and click 'Change password' again 8. This time change just the 'New username field' and click 'Save' 6. Notice that the username is updated 7. Confirm you can log into the OPAC with the new username and the original password '1234Abcd' 8. Make sure that the change password form still validates passwords for length and matching errors etc -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 --- Comment #15 from Brendan Lawlor <blawlor@clamsnet.org> --- (In reply to Owen Leonard from comment #13)
It looks like the change to the template is not necessary and is causing JS errors in the browser console. Including the password-checking JS doesn't seem to cause a problem whether or not the password is being updated.
Thanks for checking, Owen. I removed the change to the template. I also changed the Perl that I had mixed up with template toolkit syntax to check defined($newpassword). The reason we have to check if the new password is defined is because if the user leaves the input blank, the Perl script gets the param as an empty string. If you check the value of the empty string it evaluates to false. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Owen Leonard <oleonard@myacpl.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Owen Leonard <oleonard@myacpl.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #164856|0 |1 is obsolete| | --- Comment #16 from Owen Leonard <oleonard@myacpl.org> --- Created attachment 164858 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=164858&action=edit Bug 33832: Allow updating username without changing password on member-password.pl This patch updates the change password page on the staff interface to allow for changing the patron's username without changing the password. If the new password is an empty string we can skip setting the patron's password and sending the new password to the template. Test plan: 1. From a patron record tool bar click 'Change password' 2. Notice that if you try to change the user's name without also changing the password the page just reloads and nothing happens 3. Apply patch and restart_all 4. From the patron record click 'Change password' again 5. Set the user's new username and password eg. '1234Abc' and click 'Save' 6. Confirm that you can log in to the OPAC with the user 7. Return to the patron record and click 'Change password' again 8. This time change just the 'New username field' and click 'Save' 6. Notice that the username is updated 7. Confirm you can log into the OPAC with the new username and the original password '1234Abcd' 8. Make sure that the change password form still validates passwords for length and matching errors etc Signed-off-by: Owen Leonard <oleonard@myacpl.org> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #164858|0 |1 is obsolete| | --- Comment #17 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 164987 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=164987&action=edit Bug 33832: Allow updating username without changing password on member-password.pl This patch updates the change password page on the staff interface to allow for changing the patron's username without changing the password. If the new password is an empty string we can skip setting the patron's password and sending the new password to the template. Test plan: 1. From a patron record tool bar click 'Change password' 2. Notice that if you try to change the user's name without also changing the password the page just reloads and nothing happens 3. Apply patch and restart_all 4. From the patron record click 'Change password' again 5. Set the user's new username and password eg. '1234Abc' and click 'Save' 6. Confirm that you can log in to the OPAC with the user 7. Return to the patron record and click 'Change password' again 8. This time change just the 'New username field' and click 'Save' 6. Notice that the username is updated 7. Confirm you can log into the OPAC with the new username and the original password '1234Abcd' 8. Make sure that the change password form still validates passwords for length and matching errors etc Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.renvoize@ptfs-europe | |.com Status|Signed Off |Passed QA QA Contact|testopia@bugs.koha-communit |martin.renvoize@ptfs-europe |y.org |.com --- Comment #18 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Clear code, QA scripts happy, resolves the issue.. Passing QA, thanks Brendan. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Version(s)| |24.05.00 released in| | Status|Passed QA |Pushed to master -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 --- Comment #19 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Pushed for 24.05! Well done everyone, thank you! -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Fridolin Somers <fridolin.somers@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to main |Pushed to stable Version(s)|24.05.00 |24.05.00,23.11.06 released in| | CC| |fridolin.somers@biblibre.co | |m --- Comment #20 from Fridolin Somers <fridolin.somers@biblibre.com> --- Pushed to 23.11.x for 23.11.06 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 --- Comment #21 from Fridolin Somers <fridolin.somers@biblibre.com> --- I think we should add an error when login is empty saying one can not remove login here. NB it allows 0 has password but not as login ;) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Lucas Gass <lucas@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to stable |Pushed to oldstable Version(s)|24.05.00,23.11.06 |24.05.00,23.11.06,23.05.12 released in| | CC| |lucas@bywatersolutions.com --- Comment #22 from Lucas Gass <lucas@bywatersolutions.com> --- Backported to 23.05.x for upcoming 23.05.12 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC|martin.renvoize@ptfs-europe | |.com | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33832 Wainui Witika-Park <wainuiwitikapark@catalyst.net.nz> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |wainuiwitikapark@catalyst.n | |et.nz Status|Pushed to oldstable |RESOLVED Resolution|--- |FIXED --- Comment #23 from Wainui Witika-Park <wainuiwitikapark@catalyst.net.nz> --- Not backporting to 22.11 unless requested -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org