odoo
/
odoo
2
0
Fork 0
Code Pull Requests Releases Activity

[FIX] res_user.change_password: warn about empty passwords (needs context for translations) 

bzr revid: odo@openerp.com-20110107093929-2ezai2gwx8hdyfuc
This commit is contained in:
Olivier Dony 2011-01-07 10:39:29 +01:00
parent 925afa15cd
commit 95930221b6
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
bin/addons/base/res/res_user.py
View File

@ -490,7 +490,7 @@ class users(osv.osv):
finally: finally:
cr.close() cr.close()
def change_password(self, cr, uid, old_passwd, new_passwd): def change_password(self, cr, uid, old_passwd, new_passwd, context=None):
"""Change current user password. Old password must be provided explicitly """Change current user password. Old password must be provided explicitly
to prevent hijacking an existing user session, or for cases where the cleartext to prevent hijacking an existing user session, or for cases where the cleartext
password is not used to authenticate requests. password is not used to authenticate requests.
@ -498,9 +498,9 @@ class users(osv.osv):
:return: True :return: True
:raise: security.ExceptionNoTb when old password is wrong :raise: security.ExceptionNoTb when old password is wrong
""" """
if self.check(cr.dbname, uid, old_passwd): if new_passwd and self.check(cr.dbname, uid, old_passwd):
self.write(cr, uid, uid, {'password': new_passwd}) return self.write(cr, uid, uid, {'password': new_passwd})
return True raise osv.except_osv(_('Warning!'), _("Setting empty passwords is not allowed for security reasons!"))
users() users()