Uploaded image for project: 'aaa'
  1. aaa
  2. AAA-120

idmtool doesn't handle invalid user input

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • Resolution: Done
    • None
    • Magnesium, Sodium SR2, Neon SR3
    • General
    • None
    • Operating System: All
      Platform: All

    • 8119

    Description

      The existing idmtool doesn't really read the response of the HTTP request it makes. For example, if you do "./idmtool admin change-password xxx", where xxx is an invalid user id. The server returns an error with message "user not found". However, the idmtool doesn't check the message but assuming the userid is correct, so it will throw exception as expected fields are not there:

      bin/idmtool admin change-password user
      Password:
      Traceback (most recent call last):
      File "./idmtool", line 313, in <module>
      change_password(user, password, args.userid[0])
      File "./idmtool", line 228, in change_password
      del existing['salt']
      KeyError: 'salt'

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            gvrangan Venkatrangan
            kevinxw Kevin Wang
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: