Browse Source

[IMP] keychain: get_password must not be accessible from outside

pull/1143/head
Laurent Mignon (ACSONE) 7 years ago
parent
commit
a57347b55d
  1. 2
      keychain/__manifest__.py
  2. 2
      keychain/models/keychain.py
  3. 16
      keychain/tests/test_keychain.py

2
keychain/__manifest__.py

@ -4,7 +4,7 @@
{
"name": "Keychain",
"summary": "Store accounts and credentials",
"version": "10.0.1.0.0",
"version": "10.0.2.0.0",
"category": "Uncategorized",
"website": "https://akretion.com/",
"author": "Akretion, Odoo Community Association (OCA)",

2
keychain/models/keychain.py

@ -62,7 +62,7 @@ class KeychainAccount(models.Model):
# Only needed in v8 for _description_searchable issues
return True
def get_password(self):
def _get_password(self):
"""Password in clear text."""
try:
return self._decode_password(self.password)

16
keychain/tests/test_keychain.py

@ -68,7 +68,7 @@ class TestKeychain(TransactionCase):
account.clear_password = password
account._inverse_set_password()
self.assertTrue(account.clear_password != account.password)
self.assertEqual(account.get_password(), password)
self.assertEqual(account._get_password(), password)
def test_wrong_key(self):
"""It should raise an exception when encoded key != decoded."""
@ -78,7 +78,7 @@ class TestKeychain(TransactionCase):
account._inverse_set_password()
config['keychain_key'] = Fernet.generate_key()
try:
account.get_password()
account._get_password()
self.assertTrue(False, 'It should not work with another key')
except Warning as err:
self.assertTrue(True, 'It should raise a Warning')
@ -134,13 +134,13 @@ class TestKeychain(TransactionCase):
account.clear_password = 'abc'
account._inverse_set_password()
self.assertEqual(
account.get_password(),
account._get_password(),
'abc', 'Should work with dev')
config['running_env'] = 'prod'
with self.assertRaises(Warning):
self.assertEqual(
account.get_password(),
account._get_password(),
'abc', 'Should not work with prod key')
def test_multienv_blank(self):
@ -154,12 +154,12 @@ class TestKeychain(TransactionCase):
account.clear_password = 'abc'
account._inverse_set_password()
self.assertEqual(
account.get_password(),
account._get_password(),
'abc', 'Should work with dev')
config['running_env'] = 'prod'
self.assertEqual(
account.get_password(),
account._get_password(),
'abc', 'Should work with prod')
def test_multienv_force(self):
@ -178,12 +178,12 @@ class TestKeychain(TransactionCase):
with self.assertRaises(Warning):
self.assertEqual(
account.get_password(),
account._get_password(),
'abc', 'Should not work with dev')
config['running_env'] = 'prod'
self.assertEqual(
account.get_password(),
account._get_password(),
'abc', 'Should work with prod')
def test_wrong_json(self):

Loading…
Cancel
Save