[FIX] users_ldap: consistent handling of login() vs check()

Explicit check for blank passwords was introduced recently in check() for bug 760301, but login() did not behave the same so the resulting error message would be inconsistent. lp bug: https://launchpad.net/bugs/760301 fixed bzr revid: odo@openerp.com-20110616160219-m0y066q914s4y7ev
2011-06-16 18:02:19 +02:00 · 2011-06-16 18:02:19 +02:00 · 20c49ad274
parent d6e1bc3046
commit 20c49ad274
1 changed files with 5 additions and 0 deletions
--- a/addons/users_ldap/users_ldap.py
+++ b/addons/users_ldap/users_ldap.py
@ -70,6 +70,11 @@ res_company()
 class users(osv.osv):
    _inherit = "res.users"
    def login(self, db, login, password):
+
+        if not password:
+            # empty passwords are disallowed for obvious security reasons
+            return False
+
        ret = super(users,self).login(db, login, password)
        if ret:
            return ret