Mercurial Mercurial > pub > hg > cubicweb / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
misc/migration/3.15.4_Any.py
author Julien Cristau <julien.cristau@logilab.fr>
Wed, 05 Feb 2014 16:34:21 +0100
branchstable
changeset 9523 cd5738fc440f
parent 8522 85b1c4b36d1d
child 10589 7c23b7de2b8d
permissions -rw-r--r--
[ajax] use a custom tag to handle dynamically loaded js Using <pre class="script"> makes it trivial for a malicious user to inject arbitrary javascript into a html or rest text element (because it looks innocent to the html sanitizer). Using a custom tag we can be sure that it actually comes from our code and not from untrusted user data. IE ignores custom tags, though, so we put it in its own namespace. https://extranet.logilab.fr/1530578
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
8522
85b1c4b36d1d migration: replace empty passwords with random ones on upgrade
Julien Cristau <julien.cristau@logilab.fr>
parents:
diff changeset 
     1
 
from logilab.common.shellutils import generate_password
85b1c4b36d1d migration: replace empty passwords with random ones on upgrade
Julien Cristau <julien.cristau@logilab.fr>
parents:
diff changeset 
     2
 
from cubicweb.server.utils import crypt_password
85b1c4b36d1d migration: replace empty passwords with random ones on upgrade
Julien Cristau <julien.cristau@logilab.fr>
parents:
diff changeset 
     3
 












85b1c4b36d1d
migration: replace empty passwords with random ones on upgrade



Julien Cristau <julien.cristau@logilab.fr>


parents: 

diff
changeset




     4


for user in rql('CWUser U WHERE U cw_source S, S name "system", U upassword P, U login L').entities():












85b1c4b36d1d
migration: replace empty passwords with random ones on upgrade



Julien Cristau <julien.cristau@logilab.fr>


parents: 

diff
changeset




     5


    salt = user.upassword.getvalue()












85b1c4b36d1d
migration: replace empty passwords with random ones on upgrade



Julien Cristau <julien.cristau@logilab.fr>


parents: 

diff
changeset




     6


    if crypt_password('', salt) == salt:












85b1c4b36d1d
migration: replace empty passwords with random ones on upgrade



Julien Cristau <julien.cristau@logilab.fr>


parents: 

diff
changeset




     7


        passwd = generate_password()












85b1c4b36d1d
migration: replace empty passwords with random ones on upgrade



Julien Cristau <julien.cristau@logilab.fr>


parents: 

diff
changeset




     8


        print 'setting random password for user %s' % user.login












85b1c4b36d1d
migration: replace empty passwords with random ones on upgrade



Julien Cristau <julien.cristau@logilab.fr>


parents: 

diff
changeset




     9


        user.set_attributes(upassword=passwd)












85b1c4b36d1d
migration: replace empty passwords with random ones on upgrade



Julien Cristau <julien.cristau@logilab.fr>


parents: 

diff
changeset




    10














85b1c4b36d1d
migration: replace empty passwords with random ones on upgrade



Julien Cristau <julien.cristau@logilab.fr>


parents: 

diff
changeset




    11


commit()














cubicweb