[ckan-changes] [okfn/ckan] 59e6a7: [#1178] perform_reset uses the received id as the ...
GitHub
noreply at github.com
Thu Aug 15 14:52:09 UTC 2013
Branch: refs/heads/1178-users-invitations
Home: https://github.com/okfn/ckan
Commit: 59e6a7431548f6b0e8227edc130566c40773e184
https://github.com/okfn/ckan/commit/59e6a7431548f6b0e8227edc130566c40773e184
Author: Vitor Baptista <vitor at vitorbaptista.com>
Date: 2013-08-15 (Thu, 15 Aug 2013)
Changed paths:
M ckan/controllers/user.py
Log Message:
-----------
[#1178] perform_reset uses the received id as the context's user
When performing a password reset, the user is probably (always?) not logged in.
So c.user is an empty string. So, the auth functions have no way to tell which
user is trying to reset his/her password.
This worked fine before, because everyone was able to reset the password. But
now that we've got users in DELETED state, it's not the case anymore.
More information about the ckan-changes
mailing list