#33419 closed defect (bug) (fixed)
Cancelling password update on user-profile fails
Reported by: | peterwilsoncc | Owned by: | adamsilverstein |
---|---|---|---|
Milestone: | 4.3.1 | Priority: | normal |
Severity: | major | Version: | 4.3 |
Component: | Users | Keywords: | has-patch commit fixed-major |
Focuses: | javascript, administration | Cc: |
Description
Cancelling a new password on the user profile form fails.
- Edit user profile
- Click Generate Password
- Click Cancel
- Submit the form
- New password is set
Prior to step 1, #pass1
's value is empty; following step 3, #pass1
is set, #pass2
is empty.
Attachments (2)
Change History (11)
#1
@
9 years ago
- Keywords has-patch added
- Milestone changed from Awaiting Review to 4.3.1
- Severity changed from normal to major
#3
@
9 years ago
- Focuses administration added
- Keywords commit added
- Owner set to adamsilverstein
- Status changed from new to assigned
This looks good, thanks for catching and fixing this!
I tested this and verified: before the patch, clicking cancel then save resulted in a changed password. With the patch, performing the same sequence the password is not updated.
Thanks!
#4
follow-up:
↓ 5
@
9 years ago
We could replace $( '#pass1' )
with $pass1
, which is set earlier.
I've found another quirk:
- Click Generate Password.
- Enter a weak password (e.g. "123").
- Click Cancel.
- The Update User button is still inactive after clicking cancel, because "Confirm use of weak password" checkbox was not checked.
33419.2.diff fixes that too.
#5
in reply to:
↑ 4
@
9 years ago
Nice improvements! Thank you.
Replying to SergeyBiryukov:
We could replace
$( '#pass1' )
with$pass1
, which is set earlier.
I've found another quirk:
- Click Generate Password.
- Enter a weak password (e.g. "123").
- Click Cancel.
- The Update User button is still inactive after clicking cancel, because "Confirm use of weak password" checkbox was not checked.
33419.2.diff fixes that too.
Note: See
TracTickets for help on using
tickets.
33419.1.diff clears the password fields when a user clicks the cancel new password button on the profile page.
Setting milestone and upping severity as inadvertently setting a user's passwords seems to warrant it.