[staticcontrollers] Raise Forbidden, not Unauthorized
Unauthorized means "log in to get access", as it results in a HTTP 401.
Here, the error is pretty much permanent, and returning 401 instead of
403 confuses things terribly.
(This seems to be a pretty widespread confusion :/)
from logilab.common.shellutils import generate_password
from cubicweb.server.utils import crypt_password
for user in rql('CWUser U WHERE U cw_source S, S name "system", U upassword P, U login L').entities():
salt = user.upassword.getvalue()
if crypt_password('', salt) == salt:
passwd = generate_password()
print 'setting random password for user %s' % user.login
user.set_attributes(upassword=passwd)
commit()