Password encryption should be managed at _setPassword level

because Password Tool need to bypass setPassword to avoid SetOwnPassword Permission checking. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@24611 20353a03-c40f-0410-a6d1-a30d3c3de9de

Password encryption should be managed at _setPassword level
because Password Tool need to bypass setPassword to avoid SetOwnPassword Permission checking. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@24611 20353a03-c40f-0410-a6d1-a30d3c3de9de
83190211 · Nicolas Delaby · db4df282 · 83190211
Commit 83190211 authored Nov 17, 2008 by Nicolas Delaby
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 1 deletion

product/ERP5/Document/Person.py product/ERP5/Document/Person.py +7 -1

No files found.
--- a/product/ERP5/Document/Person.py
+++ b/product/ERP5/Document/Person.py
@@ -192,9 +192,15 @@ class Person(XMLObject):
      if value is not None:
        if not _checkPermission(Permissions.SetOwnPassword, self):
          raise AccessControl_Unauthorized('setPassword')
-        self._setPassword(pw_encrypt(value))
+        self._setPassword(value)
        self.reindexObject()

+    def _setPassword(self, value):
+      """
+        Encrypt value
+      """
+      self._baseSetPassword(pw_encrypt(value))
+
    # Time management
    security.declareProtected(Permissions.AccessContentsInformation, 
                              'getAvailableTime')