From: richard Date: Tue, 8 Oct 2002 04:11:17 +0000 (+0000) Subject: allow blank passwords again (sf bug 619714) X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=df7f145b529fe80a3ac1211705c88f8f55f7068c;p=roundup.git allow blank passwords again (sf bug 619714) git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@1325 57a73879-2fb5-44c3-a270-3262357dd7e2 --- diff --git a/CHANGES.txt b/CHANGES.txt index 665dd35..5d2c2fb 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -13,6 +13,7 @@ are given with the most recent entry first. - https URLs from config now recognised as valid (sf bug 619829) - nicer display of tracker list in roundup-server (sf bug 619769) - fixed some missed renaming instance -> tracker (sf bug 619769) +- allow blank passwords again (sf bug 619714) 2002-10-02 0.5.0 diff --git a/doc/customizing.txt b/doc/customizing.txt index 4caa99a..fec578b 100644 --- a/doc/customizing.txt +++ b/doc/customizing.txt @@ -2,7 +2,7 @@ Customising Roundup =================== -:Version: $Revision: 1.52 $ +:Version: $Revision: 1.53 $ .. This document borrows from the ZopeBook section on ZPT. The original is at: http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx @@ -580,6 +580,10 @@ Example Scenarios +**don't give users who register through email web access** + Create a new Role called "Email User" which has all the Permissions of the + normal "User" Role minus the "Web Access" Permission. This will allow users + to send in emails to the tracker, but not access the web interface. Web Interface diff --git a/roundup/backends/back_anydbm.py b/roundup/backends/back_anydbm.py index d99094f..755dab3 100644 --- a/roundup/backends/back_anydbm.py +++ b/roundup/backends/back_anydbm.py @@ -15,7 +15,7 @@ # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE, # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. # -#$Id: back_anydbm.py,v 1.88 2002-10-07 00:52:51 richard Exp $ +#$Id: back_anydbm.py,v 1.89 2002-10-08 04:11:14 richard Exp $ ''' This module defines a backend that saves the hyperdatabase in a database chosen by anydbm. It is guaranteed to always be available in python @@ -366,7 +366,7 @@ class Database(FileStorage, hyperdb.Database, roundupdb.Database): # get the property spec prop = properties[k] - if isinstance(prop, Password): + if isinstance(prop, Password) and v is not None: d[k] = str(v) elif isinstance(prop, Date) and v is not None: d[k] = v.serialise() @@ -397,7 +397,7 @@ class Database(FileStorage, hyperdb.Database, roundupdb.Database): d[k] = date.Date(v) elif isinstance(prop, Interval) and v is not None: d[k] = date.Interval(v) - elif isinstance(prop, Password): + elif isinstance(prop, Password) and v is not None: p = password.Password() p.unpack(v) d[k] = p diff --git a/roundup/backends/back_sqlite.py b/roundup/backends/back_sqlite.py index cbd6d6e..53be129 100644 --- a/roundup/backends/back_sqlite.py +++ b/roundup/backends/back_sqlite.py @@ -1,4 +1,4 @@ -# $Id: back_sqlite.py,v 1.6 2002-09-27 01:04:38 richard Exp $ +# $Id: back_sqlite.py,v 1.7 2002-10-08 04:11:16 richard Exp $ __doc__ = ''' See https://pysqlite.sourceforge.net/ for pysqlite info ''' @@ -155,7 +155,7 @@ class Database(Database): d[k] = date.Date(v) elif isinstance(prop, Interval) and v is not None: d[k] = date.Interval(v) - elif isinstance(prop, Password): + elif isinstance(prop, Password) and v is not None: p = password.Password() p.unpack(v) d[k] = p diff --git a/roundup/backends/rdbms_common.py b/roundup/backends/rdbms_common.py index 8839273..a60c79d 100644 --- a/roundup/backends/rdbms_common.py +++ b/roundup/backends/rdbms_common.py @@ -1,4 +1,4 @@ -# $Id: rdbms_common.py,v 1.21 2002-10-07 00:52:51 richard Exp $ +# $Id: rdbms_common.py,v 1.22 2002-10-08 04:11:16 richard Exp $ ''' Relational database (SQL) backend common code. Basics: @@ -699,7 +699,7 @@ class Database(FileStorage, hyperdb.Database, roundupdb.Database): # get the property spec prop = properties[k] - if isinstance(prop, Password): + if isinstance(prop, Password) and v is not None: d[k] = str(v) elif isinstance(prop, Date) and v is not None: d[k] = v.serialise() @@ -730,7 +730,7 @@ class Database(FileStorage, hyperdb.Database, roundupdb.Database): d[k] = date.Date(v) elif isinstance(prop, Interval) and v is not None: d[k] = date.Interval(v) - elif isinstance(prop, Password): + elif isinstance(prop, Password) and v is not None: p = password.Password() p.unpack(v) d[k] = p diff --git a/roundup/cgi/client.py b/roundup/cgi/client.py index 46167eb..635cf72 100644 --- a/roundup/cgi/client.py +++ b/roundup/cgi/client.py @@ -1,4 +1,4 @@ -# $Id: client.py,v 1.50 2002-10-07 00:52:51 richard Exp $ +# $Id: client.py,v 1.51 2002-10-08 04:11:17 richard Exp $ __doc__ = """ WWW request handler (also used in the stand-alone server). @@ -525,7 +525,8 @@ class Client: # make sure we're allowed to be here if not self.loginPermission(): self.make_user_anonymous() - raise Unauthorised, _("You do not have permission to login") + self.error_message.append(_("You do not have permission to login")) + return # now we're OK, re-open the database for real, using the user self.opendb(self.user) @@ -536,7 +537,12 @@ class Client: def verifyPassword(self, userid, password): ''' Verify the password that the user has supplied ''' - return password == self.db.user.get(self.userid, 'password') + stored = self.db.user.get(self.userid, 'password') + if password == stored: + return 1 + if not password and not stored: + return 1 + return 0 def loginPermission(self): ''' Determine whether the user has permission to log in. diff --git a/roundup/roundupdb.py b/roundup/roundupdb.py index eb62444..65739b0 100644 --- a/roundup/roundupdb.py +++ b/roundup/roundupdb.py @@ -15,7 +15,7 @@ # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE, # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. # -# $Id: roundupdb.py,v 1.70 2002-10-08 03:27:24 richard Exp $ +# $Id: roundupdb.py,v 1.71 2002-10-08 04:11:13 richard Exp $ __doc__ = """ Extending hyperdb with types specific to issue-tracking. @@ -291,7 +291,7 @@ class IssueClass: # then append a trailing slash if it is missing base = self.db.config.TRACKER_WEB if (not isinstance(base , type('')) or - not base.startswith('http://'): + not base.startswith('http://') or not base.startswith('https://')): base = "Configuration Error: TRACKER_WEB isn't a " \ "fully-qualified URL"