[koha-commits] main Koha release repository branch master updated. v3.16.00-111-gcb878c3
Git repo owner
gitmaster at git.koha-community.org
Sat Jun 21 01:45:58 CEST 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".
The branch, master has been updated
via cb878c35a1a3d5e57cf6996732f849e738ba26ad (commit)
via 58766535b4e712e2164f0da5ecc5aab706b9f49a (commit)
via bf1819a0acf086b77cfc0400d7415074b63c8baf (commit)
from 91dae88abbe08b4e873cea9a6d6adb490dad12f1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit cb878c35a1a3d5e57cf6996732f849e738ba26ad
Author: Bernardo Gonzalez Kriegel <bgkriegel at gmail.com>
Date: Mon Jun 16 13:42:26 2014 -0300
Bug 12226 - A user with the database username/userid can access staff with full permissions
This patch implements 2 suggestions on comment #3
- Prevents creation of a new user with same userid
of database user
- When checking password, if userid matches database user,
only check against pass on config file
To test:
1. Create a new user with same login as database user
any password different from real db user
2. Check that you can login on staff using this user/pass
and you are superlibrarian
3. Apply the patch
4. Login again using new pass, it must fail
5. Login again using db pass, you are now superuser,
but system does not warn you :( No problem, that's
for having one borrower with that login
6. Delete user with same login as db user
7. Try to create one again as in 1, system must return
an error of duplicate login!
8. Check for no regressions on user/pass authentication
Resubmited, has an error
Signed-off-by: Chris Cormack <chrisc at catalyst.net.nz>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83 at web.de>
Passes all tests and QA script.
This works nicely and as described.
Also editing the former 'superuser' will force you to
change the userid in order to save any other change.
Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>
commit 58766535b4e712e2164f0da5ecc5aab706b9f49a
Author: Tomas Cohen Arazi <tomascohen at gmail.com>
Date: Fri Jun 20 21:06:08 2014 -0300
Bug 12226: (regression tests) Check_Userid should always consider the DB user not unique
Some improvements on t/db_dependent/Members.t and specifically regression
tests for bug 12226
Regards
To+
Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>
commit bf1819a0acf086b77cfc0400d7415074b63c8baf
Author: Katrin Fischer <Katrin.Fischer.83 at web.de>
Date: Thu Jun 19 17:39:56 2014 +0200
Bug 12454: Can't add new patron categories
To test:
- Add a new patron category
- After saving, the new patron category won't show up in the list
- Apply patch
- Try to add a new patron category again
- It should now save correctly and show up in the list of patron
categories.
Signed-off-by: Owen Leonard <oleonard at myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart at biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>
-----------------------------------------------------------------------
Summary of changes:
C4/Auth.pm | 19 +++++++++------
C4/Members.pm | 3 ++-
admin/categorie.pl | 2 +-
t/db_dependent/Members.t | 61 ++++++++++++++++++++++++++++++++++++++++------
4 files changed, 68 insertions(+), 17 deletions(-)
hooks/post-receive
--
main Koha release repository
More information about the koha-commits
mailing list