Skip to content

erp5
erp5
Commit abc46ef5 authored by Kazuhiko Shiozaki's avatar Kazuhiko Shiozaki
Browse files
Options

ERP5Security: empty password is not allowed.

parent 6467c1f3
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 2 deletions
product/ERP5Security/ERP5UserManager.py
View file @ abc46ef5
...@@ -93,10 +93,10 @@ class ERP5UserManager(BasePlugin): ...@@ -93,10 +93,10 @@ class ERP5UserManager(BasePlugin):
else: else:
return return
is_authentication_policy_enabled = self.getPortalObject().portal_preferences.isAuthenticationPolicyEnabled() is_authentication_policy_enabled = self.getPortalObject().portal_preferences.isAuthenticationPolicyEnabled()
if check_password and not pw_validate( if check_password and (not credentials.get('password') or not pw_validate(
login_value.getPassword(), login_value.getPassword(),
credentials.get('password'), credentials.get('password'),
): )):
if is_authentication_policy_enabled: if is_authentication_policy_enabled:
login_value.notifyLoginFailure() login_value.notifyLoginFailure()
return return
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7