ERP5: fix type mismatch in encrypted_password.checkPasswordValueAcceptable

isPasswordValid returns a boolean value, so we should check it's true rather than <= 0

ERP5: fix type mismatch in encrypted_password.checkPasswordValueAcceptable
isPasswordValid returns a boolean value, so we should check it's true rather than <= 0
fc796e1f · Jérome Perrin · cb7cf28c · fc796e1f
Commit fc796e1f authored Oct 24, 2016 by Jérome Perrin
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 6 deletions

product/ERP5/mixin/encrypted_password.py product/ERP5/mixin/encrypted_password.py +9 -6

No files found.
--- a/product/ERP5/mixin/encrypted_password.py
+++ b/product/ERP5/mixin/encrypted_password.py
@@ -57,17 +57,20 @@ class EncryptedPasswordMixin:

  security.declareProtected(Permissions.SetOwnPassword, 'checkPasswordValueAcceptable')
  def checkPasswordValueAcceptable(self, value):
-    """
-    Check the password. This method is defined explicitly, because:
+    """Check the password.
+
+    This method is defined explicitly, because we want to apply an
+    authentication policy which itself may contain explicit password rules.

-     - we want to apply an authentication policy which itself may contain explicit password rules
+    Invalid passwords are supposed to be catched earlier in the user interface
+    and reported properly to the user, this method is just to prevent wrong API
+    usage.
    """
    if not self.getPortalObject().portal_preferences.isAuthenticationPolicyEnabled():
      # not a policy so basically all passwords are accceptable
      return True
-    result = self.isPasswordValid(value)
-    if result <= 0:
-      raise ValueError, "Bad password (%s)." %result
+    if not self.isPasswordValid(value):
+      raise ValueError("Password value doest not comply with password policy")

  def checkUserCanChangePassword(self):
    if not _checkPermission(Permissions.SetOwnPassword, self):