Roundup Tracker - Issues

Message5926

Author rouilj
Recipients rouilj
Date 2017-02-01.00:54:54
Message-id <1485910494.92.0.332851560265.issue2550933@psf.upfronthosting.co.za>
In-reply-to 
I have the now more pythonic:

        if self._value is None:
            return ''
        try:
            value = self._value.dummystr()
        except AttributeError:
            value = self._('[hidden]')
        if escape:
            value = cgi.escape(value)
        return value

If you get the password fields wrong, I get a journal entry that looks like:

2017-02-01 00:42:14	admin	set	password: {PBKDF2}*encrypted* -> [hidden]
2017-02-01 00:41:28	admin	set	address: demo@example.com -> demo@example1.com

If I change something else (leaving the password fields blank)

I get this in the history:

2017-02-01 00:43:47	admin	set	address: demo@example1.com -> demo@example.com
2017-02-01 00:42:14	admin	set	password: {PBKDF2}*encrypted* ->
{PBKDF2}*encrypted*
2017-02-01 00:41:28	admin	set	address: demo@example.com -> demo@example1.com

so it looks like the failed attempt to change the password at 42:14
was still recorded.

If I again do a broken password change this is displayed as the history:

2017-02-01 00:43:47	admin	set	address: demo@example1.com -> demo@example.com
2017-02-01 00:42:14	admin	set	password: {PBKDF2}*encrypted* -> [hidden]
2017-02-01 00:41:28	admin	set	address: demo@example.com -> demo@example1.com

If I now do a proper password change I see:

2017-02-01 00:46:07	admin	set	password: {PBKDF2}*encrypted* ->
{PBKDF2}*encrypted*
2017-02-01 00:43:47	admin	set	address: demo@example1.com -> demo@example.com
2017-02-01 00:42:14	admin	set	password: {PBKDF2}*encrypted* ->
{PBKDF2}*encrypted*
2017-02-01 00:41:28	admin	set	address: demo@example.com -> demo@example1.com

again not sure why the 42:14 failed password attempt is showing up in
the journal or why is changes back and forth to hidden. If I do another
failed password attempt I get:

2017-02-01 00:46:07	admin	set	password: {PBKDF2}*encrypted* -> [hidden]
2017-02-01 00:43:47	admin	set	address: demo@example1.com -> demo@example.com
2017-02-01 00:42:14	admin	set	password: {PBKDF2}*encrypted* ->
{PBKDF2}*encrypted*
2017-02-01 00:41:28	admin	set	address: demo@example.com -> demo@example1.com

despite the fact it's now 00:47 something. Very odd.

But at least displaying the password field in read only mode
(e.g. in user.index.html) works and displays values like:
{PBKDF2}*encrypted*

Unless somebody has a brighter idea, this fixes a crash bug and the
journal issue can wait for another day.
History
Date User Action Args
2017-02-01 00:54:54rouiljsetmessageid: <1485910494.92.0.332851560265.issue2550933@psf.upfronthosting.co.za>
2017-02-01 00:54:54rouiljsetrecipients: + rouilj
2017-02-01 00:54:54rouiljlinkissue2550933 messages
2017-02-01 00:54:54rouiljcreate

Supported by The Python Software Foundation,
Powered by Roundup

Last modified: Fri Feb 28 22:02:04 EST 2020