Module: check_mk Branch: master Commit: 2317b16588796dcaff2e89277f4952138cb93e2f URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=2317b16588796d… Author: Andreas Boesl <ab(a)mathias-kettner.de> Date: Wed Sep 6 16:00:56 2017 +0200 5140 FIX WATO Web API: add_users/edit_users: now able to set password attribute Fixed incorrect processing of the password attribute. The Web API expects the password attribute as plain text and encrypts it subsequently. Change-Id: I621a871f4950af77582acef8239e8ae553556498 --- .werks/5140 | 11 +++++++++++ web/plugins/webapi/webapi.py | 11 +++++++++++ 2 files changed, 22 insertions(+) diff --git a/.werks/5140 b/.werks/5140 new file mode 100644 index 0000000..481b35f --- /dev/null +++ b/.werks/5140 @@ -0,0 +1,11 @@ +Title: WATO Web API: add_users/edit_users: now able to set password attribute +Level: 1 +Component: wato +Compatible: compat +Edition: cre +Version: 1.5.0i1 +Date: 1504706281 +Class: fix + +Fixed incorrect processing of the password attribute. +The Web API expects the password attribute as plain text and encrypts it subsequently. diff --git a/web/plugins/webapi/webapi.py b/web/plugins/webapi/webapi.py index c77b1f8..06c65a8 100644 --- a/web/plugins/webapi/webapi.py +++ b/web/plugins/webapi/webapi.py @@ -537,6 +537,7 @@ register_group_apis() # Otherwise, group_type is known in the global scope.. # | | # +----------------------------------------------------------------------+ + def action_get_all_users(request): validate_request_keys(request, []) all_users = userdb.load_users(lock = False) @@ -571,6 +572,10 @@ def action_add_users(request): new_user_objects = {} for user_id, values in users_from_request.items(): user_template = userdb.new_user_template("htpasswd") + if "password" in values: + values["password"] = userdb.encrypt_password(values["password"]) + values["serial"] = 1 + user_template.update(values) new_user_objects[user_id] = {"attributes": user_template, "is_new_user": True} @@ -609,6 +614,12 @@ def action_edit_users(request): if entry not in user_attrs: continue del user_attrs[entry] + + new_password = settings.get("set_attributes", {}).get("password") + if new_password: + user_attrs["password"] = userdb.encrypt_password(new_password) + user_attrs["serial"] = user_attrs.get("serial", 0) + 1 + edit_user_objects[user_id] = {"attributes": user_attrs, "is_new_user": False} watolib.edit_users(edit_user_objects)