refuse users with empty login or empty passwords

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@8813 20353a03-c40f-0410-a6d1-a30d3c3de9de

refuse users with empty login or empty passwords
git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@8813 20353a03-c40f-0410-a6d1-a30d3c3de9de
3b730fc5 · Jérome Perrin · 368d4fad · 3b730fc5
Commit 3b730fc5 authored Jul 26, 2006 by Jérome Perrin
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

product/ERP5Security/ERP5UserManager.py product/ERP5Security/ERP5UserManager.py +3 -1

No files found.
--- a/product/ERP5Security/ERP5UserManager.py
+++ b/product/ERP5Security/ERP5UserManager.py
@@ -80,7 +80,7 @@ class ERP5UserManager(BasePlugin):
          return None

        def _authenticateCredentials(login, password, path):
-            if login is None or password is None:
+            if not login or not password:
                return None

            user_list = self.getUserByLogin(login)
@@ -156,6 +156,8 @@ class ERP5UserManager(BasePlugin):
        Search the Catalog for login and return a list of person objects
        login can be a string list or a list of strings
        """
+        if not login:
+          return []
        # because we aren't logged in, we have to create our own
        # SecurityManager to be able to access the Catalog
        sm = getSecurityManager()