[Bug 36449] New: Patron->store falls back to stored password when modifying patron
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36449 Bug ID: 36449 Summary: Patron->store falls back to stored password when modifying patron Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: normal Priority: P5 - low Component: Architecture, internals, and plumbing Assignee: koha-bugs@lists.koha-community.org Reporter: m.de.rooy@rijksmuseum.nl QA Contact: testopia@bugs.koha-community.org At some point we added this in patron->store (ModMember-labeled part): # Password must be updated using $self->set_password $self->password($self_from_storage->password); I stumbled over that requirement in a custom script updating specific patron accounts. But we do allow to set the password in the AddMember part. Which feels inconsistent at the least.. But why do we silently(!) ignore a new password here? A warn might have been handy too ;) Couldnt we just add a call to set_password in store and perhaps add a param to not explicitly save it (when coming from store) or something like that? -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36449 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jonathan.druart@gmail.com, | |tomascohen@gmail.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36449 Jonathan Druart <jonathan.druart@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |21087 --- Comment #1 from Jonathan Druart <jonathan.druart@gmail.com> --- Coming from bug 21087. I don't have time right now to deep dive into this but maybe the answer is there? Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21087 [Bug 21087] Patron's password is hashed twice when the object is saved -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36449 --- Comment #2 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Jonathan Druart from comment #1)
Coming from bug 21087. I don't have time right now to deep dive into this but maybe the answer is there?
Ah thanks. Yes thats the one: From: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Date: Wed, 25 Jul 2018 10:38:48 -0300 Subject: [PATCH] Bug 21087: Do not store the password in ->store for existing patrons When ->store is called on an existing patron we must not save the password, but keep the one in DB instead. There is a dedicated method (update_password) to call when the password need to be updated Signed-off-by: John Doe <you@example.com> Why did John Doe sign that one off? LOL It would be nice to know the reasons why we should not do it. We can always call the dedicated method from store (to perform needed checks etc).. There was no discussion about this in that report btw. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org