Merge with HEAD: Collector #256: Added a check in _doChangeUser to make sure...

Merge with HEAD: Collector #256: Added a check in _doChangeUser to make sure passwords isn't encrypted twice.

Merge with HEAD: Collector #256: Added a check in _doChangeUser to make sure...
Merge with HEAD: Collector #256: Added a check in _doChangeUser to make sure passwords isn't encrypted twice.
611e5817 · Lennart Regebro · dce98531 · 611e5817 · 611e5817
Commit 611e5817 authored Dec 16, 2002 by Lennart Regebro
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 2 deletions

doc/CHANGES.txt doc/CHANGES.txt +3 -0

lib/python/AccessControl/User.py lib/python/AccessControl/User.py +2 -2

No files found.
--- a/doc/CHANGES.txt
+++ b/doc/CHANGES.txt
@@ -13,6 +13,9 @@ Zope Changes
        modified in versions without this fix will have been corrupted in
        the zodb.

+      - Collector #256: Added a check in _doChangeUser to make sure 
+        passwords isn't encrypted twice.
+

  Zope 2.6.1 beta 1


--- a/lib/python/AccessControl/User.py
+++ b/lib/python/AccessControl/User.py
@@ -12,7 +12,7 @@
 ##############################################################################
 """Access control package"""

-__version__='$Revision: 1.172 $'[11:-2]
+__version__='$Revision: 1.173 $'[11:-2]

 import Globals, socket, SpecialUsers,re
 import os
@@ -1034,7 +1034,7 @@ class UserFolder(BasicUserFolder):
    def _doChangeUser(self, name, password, roles, domains, **kw):
        user=self.data[name]
        if password is not None:
-            if self.encrypt_passwords:
+            if self.encrypt_passwords and not self._isPasswordEncrypted(pw):
                password = self._encryptPassword(password)
            user.__=password
        user.roles=roles