]> git.koha-community.org Git - koha.git/commit
Bug 30649: Vendor EDI account passwords should be encrypted in the database
authorKyle Hall <kyle@bywatersolutions.com>
Tue, 18 Oct 2022 13:26:45 +0000 (09:26 -0400)
committerPedro Amorim <pedro.amorim@ptfs-europe.com>
Fri, 2 Jun 2023 11:49:09 +0000 (11:49 +0000)
commita5d01aac49c003ee6f47f7423004809023b1f9a0
tree593446b114a1ddace7e2cf5fc46344994ae4650e
parentd54de73bfff2282cf59f16a078b6f924befd2a00
Bug 30649: Vendor EDI account passwords should be encrypted in the database

We are storing edi vendor acccount passwords in clear text in the
database. Now that Koha has the Koha::Encryption module, we should
use that to encrypt passwords for all existing and new EDI accounts.

Test Plan:
1) Apply this patch
2) Create one or more EDI vendor accounts
3) Run a report to view the account passwords, note they are in clear
   text
4) Run updatedatabase.pl
5) Re-run the report, account passwords should be encrypted now
6) Edit a vendor EDI account, note you can still view and update the
   password for an account

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 40b1b61cbf384a2ac101eb12119e3d28a3e45315)
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Koha/Edifact/Transport.pm
admin/edi_accounts.pl
installer/data/mysql/atomicupdate/bug_30649.pl [new file with mode: 0755]
installer/data/mysql/kohastructure.sql