Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't let users that are used for os user have their passwords set via the not specified password flow. #12115

Merged
merged 1 commit into from May 13, 2024
Merged

Don't let users that are used for os user have their passwords set via the not specified password flow. #12115

merged 1 commit into from May 13, 2024

Conversation

rtibbles
Copy link
Member

Summary

  • Adds checks in the session creation endpoint and nonspecifiedpassword setting endpoint to exclude users for which there is an OSUser model
  • Adds tests for the above

References

Fixes #12112

Reviewer guidance

This is probably best tested in the context of the Flatpak app @dylanmccall might be best placed to test this.

Testing checklist

  • Contributor has fully tested the PR manually
  • If there are any front-end changes, before/after screenshots are included
  • Critical user journeys are covered by Gherkin stories
  • Critical and brittle code paths are covered by unit tests

PR process

  • PR has the correct target branch and milestone
  • PR has 'needs review' or 'work-in-progress' label
  • If PR is ready for review, a reviewer has been added. (Don't use 'Assignees')
  • If this is an important user-facing change, PR or related issue has a 'changelog' label
  • If this includes an internal dependency change, a link to the diff is provided

Reviewer checklist

  • Automated test coverage is satisfactory
  • PR is fully functional
  • PR has been tested for accessibility regressions
  • External dependency files were updated if necessary (yarn and pip)
  • Documentation is updated
  • Contributor is in AUTHORS.md

@rtibbles rtibbles added the TODO: needs review Waiting for review label Apr 30, 2024
@github-actions github-actions bot added DEV: backend Python, databases, networking, filesystem... SIZE: medium labels Apr 30, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented May 1, 2024
edited

Build Artifacts

Asset type Download link
PEX file kolibri-0.16.2b1.dev0_git.2.g8bfe743e.pex
Windows Installer (EXE) kolibri-0.16.2b1.dev0+git.2.g8bfe743e-windows-setup-unsigned.exe
Debian Package kolibri_0.16.2b1.dev0+git.2.g8bfe743e-0ubuntu1_all.deb
Mac Installer (DMG) kolibri-0.16.2b1.dev0+git.2.g8bfe743e-0.4.1.dmg
Android Package (APK) kolibri-0.16.2b1.dev0+git.2.g8bfe743e-0.1.2-debug.apk
TAR file kolibri-0.16.2b1.dev0+git.2.g8bfe743e.tar.gz
WHL file kolibri-0.16.2b1.dev0+git.2.g8bfe743e-py2.py3-none-any.whl

@dylanmccall
Copy link
Contributor

In learningequality/kolibri-installer-gnome#99, I changed the flatpak manifest to include this patch, and it appears to solve the problem I reported. There's one other issue over there which is probably because it isn't going through the initialize API. Reading the code, I see the app needs to use that for FacilityUser.objects.get_or_create_os_user() to run given the current auth token :) So I'll need to fix that and keep poking at it just to be sure, but this is looking good to me.

marcellamaki
marcellamaki approved these changes May 13, 2024
View reviewed changes
Copy link
Member

@marcellamaki marcellamaki left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code review looks okay, and per feedback from @dylanmccall - this seems to resolve the concern that they ran into

@marcellamaki marcellamaki merged commit ec43861 into learningequality:release-v0.16.x May 13, 2024
34 checks passed
@marcellamaki marcellamaki mentioned this pull request May 13, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marcellamaki marcellamaki marcellamaki approved these changes

Assignees

@marcellamaki marcellamaki

Labels
DEV: backend Python, databases, networking, filesystem... SIZE: medium TODO: needs review Waiting for review
Projects
None yet
Milestone
Kolibri 0.16: Planned Patch 2
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@rtibbles @dylanmccall @marcellamaki