[FIX] auth_crypt: encrypt all passwords at installation

odony · odony · commit f29ff5ef70fd · 2014-06-18T15:32:06.000+02:00
When `base_crypt` was updated for v7, the auto-encryption at installation was dropped, with user passwords only encrypted on-demand whenever the user would connect. It is important to encrypt all passwords immediately to prevent password compromission for user who do not login often or even for deactivated users who are not allowed to login anymore. Fixes https://bugs.launchpad.net/openobject-addons/+bug/1280152 Based on LP merge proposal by Nicolas Bessi (Camptocamp): https://code.launchpad.net/~camptocamp/openobject-addons/improve_auth_crypt_3_please_launchpad_work-nbi/+merge/206476
diff --git a/addons/auth_crypt/auth_crypt.py b/addons/auth_crypt/auth_crypt.py
@@ -117,10 +117,22 @@ def sh256crypt(cls, password, salt, magic=magic_sha256):
 class res_users(osv.osv):
     _inherit = "res.users"
 
+    def init(self, cr):
+        """Encrypt all passwords at module installation"""
+        cr.execute("SELECT id, password FROM res_users WHERE password IS NOT NULL and password != ''")
+        for user in cr.fetchall():
+            self._set_encrypted_password(cr, user[0], user[1])
+
+    def _set_encrypted_password(self, cr, uid, plain_password):
+        """Set an encrypted password for a given user"""
+        salt = gen_salt()
+        stored_password_crypt = md5crypt(plain_password, salt)
+        cr.execute("UPDATE res_users SET password = '', password_crypt = %s WHERE id = %s",
+                   (stored_password_crypt, uid))
+
     def set_pw(self, cr, uid, id, name, value, args, context):
         if value:
-            encrypted = md5crypt(value, gen_salt())
-            cr.execute("update res_users set password='', password_crypt=%s where id=%s", (encrypted, id))
+            self._set_encrypted_password(cr, id, value)
         del value
 
     def get_pw( self, cr, uid, ids, name, args, context ):
@@ -144,9 +156,7 @@ def check_credentials(self, cr, uid, password):
         if cr.rowcount:
             stored_password, stored_password_crypt = cr.fetchone()
             if stored_password and not stored_password_crypt:
-                salt = gen_salt()
-                stored_password_crypt = md5crypt(stored_password, salt)
-                cr.execute("UPDATE res_users SET password='', password_crypt=%s WHERE id=%s", (stored_password_crypt, uid))
+                self._set_encrypted_password(cr, uid, stored_password)
         try:
             return super(res_users, self).check_credentials(cr, uid, password)
         except openerp.exceptions.AccessDenied:
