[6.0] users_ldap does not set last login date and allows login of inactive users
Bug #784501 reported by
Stéphane Bidoul (Acsone)
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Odoo Addons (MOVED TO GITHUB) |
Fix Released
|
Medium
|
OpenERP's Framework R&D |
Bug Description
Hello,
When using the users_ldap module, the last login date is not set for users authenticating against ldap.
Additionally, the active flag is not checked, allowing users that are marked inactive in the openerp database to login provided they have valid LDAP credentials.
Proposed patch attached.
Best regards,
-sbi
Related branches
lp:~openerp-community/openobject-addons/stefan-therp_lp794584
- Olivier Dony (Odoo): Approve
- Stefan Rijnhart (Opener) (community): Needs Resubmitting
-
Diff: 373 lines (+198/-116)1 file modifiedusers_ldap/users_ldap.py (+198/-116)
visibility: | private → public |
To post a comment you must log in.
I attach an improved patch (the previous one was missing a commit).
Note that I've not tested the interaction with the create_users option. If create_user is set, when connecting as an inactive user, the system will attempt to create another user and it will fail due to the unique_key constraint on login.