Item14903: fixed setPasssword() api

foswiki · May 25, 2020 · 7ecd010 · 7ecd010
1 parent 1627bb7
commit 7ecd010
Show file tree

Hide file tree

Showing 6 changed files with 14 additions and 27 deletions.
diff --git a/UnitTestContrib/test/unit/ManageDotPmTests.pm b/UnitTestContrib/test/unit/ManageDotPmTests.pm
@@ -811,9 +811,7 @@ sub verify_resetEmailOkay {
     $this->assert( $this->{session}->{users}->userExists($cUID),
         "new user created" );
     my $newPassU = '12345';
-    my $oldPassU = 1;         #force set
-    $this->assert(
-        $this->{session}->{users}->setPassword( $cUID, $newPassU, $oldPassU ) );
+    $this->assert( $this->{session}->{users}->setPassword( $cUID, $newPassU ) );
     my $newEmail = 'brian@family.guy';
 
     my $query = Unit::Request->new(
@@ -1117,9 +1115,7 @@ sub verify_deleteUser {
       ( $Foswiki::cfg{Register}{AllowLoginName} ) ? 'eric' : 'EricCartman';
     my $cUID     = $this->{session}->{users}->getCanonicalUserID($uname);
     my $newPassU = '12345';
-    my $oldPassU = 1;    #force set
-    $this->assert(
-        $this->{session}->{users}->setPassword( $cUID, $newPassU, $oldPassU ) );
+    $this->assert( $this->{session}->{users}->setPassword( $cUID, $newPassU ) );
 
     my $query = Unit::Request->new(
         {

diff --git a/UnitTestContrib/test/unit/PasswordTests.pm b/UnitTestContrib/test/unit/PasswordTests.pm
@@ -349,7 +349,7 @@ DONE
         $Foswiki::cfg{Htpasswd}{Encoding} = $user;
         $impl = Foswiki::Users::HtPasswdUser->new( $this->{session} );
 
-        my $added = $impl->setPassword( $user, "pw$user", 1 );
+        my $added = $impl->setPassword( $user, "pw$user" );
         $this->assert_null( $impl->error() );
     }
 

diff --git a/UnitTestContrib/test/unit/RegisterTests.pm b/UnitTestContrib/test/unit/RegisterTests.pm
@@ -1770,9 +1770,7 @@ sub verify_resetPasswordOkay {
     $this->assert( $this->{session}->{users}->userExists($cUID),
         " $cUID does not exist?" );
     my $newPassU = '12345';
-    my $oldPassU = 1;         #force set
-    $this->assert(
-        $this->{session}->{users}->setPassword( $cUID, $newPassU, $oldPassU ) );
+    $this->assert( $this->{session}->{users}->setPassword( $cUID, $newPassU ) );
     $this->assert( $this->{session}->{users}
           ->checkPassword( $this->{new_user_login}, $newPassU ) );
     my @emails = $this->{session}->{users}->getEmails($cUID);
@@ -2584,9 +2582,7 @@ sub verify_resetPassword_NoWikiUsersEntry {
     $this->assert( $this->{session}->{users}->userExists($cUID),
         " $cUID does not exist?" );
     my $newPassU = '12345';
-    my $oldPassU = 1;         #force set
-    $this->assert(
-        $this->{session}->{users}->setPassword( $cUID, $newPassU, $oldPassU ) );
+    $this->assert( $this->{session}->{users}->setPassword( $cUID, $newPassU ) );
     $this->assert( $this->{session}->{users}
           ->checkPassword( $this->{new_user_login}, $newPassU ) );
     my @emails = $this->{session}->{users}->getEmails($cUID);

diff --git a/core/lib/Foswiki/UI/Passwords.pm b/core/lib/Foswiki/UI/Passwords.pm
@@ -150,7 +150,7 @@ sub _resetUsersPassword {
     require Foswiki::Users;
     my $password = Foswiki::Users::randomPassword();
 
-    unless ( $users->setPassword( $user, $password, 1 ) ) {
+    unless ( $users->setPassword( $user, $password ) ) {
         $$pMess .= $session->inlineAlert( 'alertsnohtml', 'reset_bad', $user );
         return 0;
     }

diff --git a/core/lib/Foswiki/Users.pm b/core/lib/Foswiki/Users.pm
@@ -1004,9 +1004,9 @@ sub checkPassword {
 If the $oldPassU matches matches the user's password, then it will
 replace it with $newPassU.
 
-If $oldPassU is not correct and not 1, will return 0.
+If $oldPassU is defined but incorrect, will return 0.
 
-If $oldPassU is 1, will force the change irrespective of
+If $oldPassU is undefined, will force the change irrespective of
 the existing password, adding the user if necessary.
 
 Otherwise returns 1 on success, undef on failure.

diff --git a/core/lib/Foswiki/Users/HtPasswdUser.pm b/core/lib/Foswiki/Users/HtPasswdUser.pm
@@ -298,6 +298,7 @@ sub _readPasswd {
     while ( defined( $line = <$IN_FILE> ) ) {
         next if ( substr( $line, 0, 1 ) eq '#' );
         chomp $line;
+        next if $line =~ /^\s*$/;    # skip empty lines
         $pwcount++;
         my @fields = split( /:/, $line, 5 );
 
@@ -725,12 +726,12 @@ sub fetchPass {
 If the $oldPassU matches matches the user's password, then it will
 replace it with $newPassU.
 
-If $oldPassU is not correct and not 1, will return 0.
+If $oldPassU is defined but incorrect, will return 0.
 
-If $oldPassU is 1, will force the change irrespective of
+If $oldPassU is undefined, will force the change irrespective of
 the existing password, adding the user if necessary.
 
-Otherwise returns 1 on success, undef on failure.
+Otherwise returns 1 on success, 0 on failure.
 
 The password file is locked for exclusive access before being updated.
 
@@ -741,13 +742,7 @@ sub setPassword {
     ASSERT($login) if DEBUG;
 
     if ( defined($oldUserPassword) ) {
-        unless ( $oldUserPassword eq '1' ) {
-            return 0 unless $this->checkPassword( $login, $oldUserPassword );
-        }
-    }
-    elsif ( $this->fetchPass($login) ) {
-        $this->{error} = $login . ' already exists';
-        return 0;
+        return 0 unless $this->checkPassword( $login, $oldUserPassword );
     }
 
     my $lockHandle;
@@ -778,7 +773,7 @@ sub setPassword {
         print STDERR "ERROR: failed to setPassword - $! ($e)";
         $this->{error} = 'unknown error in setPassword'
           unless ( $this->{error} && length( $this->{error} ) );
-        return undef;
+        return 0;
     }
     finally {
         _unlockPasswdFile($lockHandle) if $lockHandle;