From 056819157925de1d8897ec6a508c1230d8acd53a Mon Sep 17 00:00:00 2001 From: Bill Erickson Date: Tue, 15 Mar 2016 12:31:37 -0400 Subject: [PATCH] LP#1557621 Verify password barcode / deleted users repair * Fixes bug that caused password verify calls to fail with an exception when tested with a barcode. * Verify API always returns false when tested on deleted users. To test: 1. In the staff client, navigate to Circulation -> Verify Credentials 2. Confirm username and barcode lookups return success for a non-deleted user using the correct password. 3. Delete a test user in the database: UPDATE actor.usr SET deleted = TRUE WHERE id = ; 4. Re-do step 2 confirming non-success results are returned. Signed-off-by: Bill Erickson Signed-off-by: Galen Charlton --- Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm index 87fb870dc3..1e0593dbf3 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm @@ -3293,11 +3293,10 @@ sub verify_user_password { $user_by_username = $e->search_actor_user({usrname => $username})->[0] or return 0; $user = $user_by_username; } - return 0 if (!$user); + return 0 if (!$user || $U->is_true($user->deleted)); return 0 if ($user_by_username && $user_by_barcode && $user_by_username->id != $user_by_barcode->id); return $e->event unless $e->allowed('VIEW_USER', $user->home_ou); - return $U->verify_migrated_user_password( - $e, $user_by_username->id, $password, 1); + return $U->verify_migrated_user_password($e, $user->id, $password, 1); } __PACKAGE__->register_method ( -- 2.43.2