]> git.koha-community.org Git - koha.git/commit
Bug 21336: Do not increase login_attempts after locking
authorMarcel de Rooy <m.de.rooy@rijksmuseum.nl>
Mon, 1 Oct 2018 12:46:15 +0000 (14:46 +0200)
committerNick Clemens <nick@bywatersolutions.com>
Wed, 17 Apr 2019 12:25:23 +0000 (12:25 +0000)
commit71f17b35ee8023967e671ca9203d5d5b62aa2931
treebe43d70a614fcabe49cba2399d238062597c63ea
parent37460d924eef0383e55ef8078944354a9d500e9a
Bug 21336: Do not increase login_attempts after locking

If an account has been locked, there is no use to keep increasing this
number. It is not true too; after the pref number has been reached,
we can not really speak of login attempts anymore. The credentials are
just ignored.

Adding a dbrev to put existing values in line. And a simple test in
Auth.t to confirm that login_attempts stop increasing.

Note: It feels safe to keep the '>=' condition in account_locked. But it
could obviously be changed to '=='. (Added a test for that.)

Note: Adding a mock_preference in Auth.t too for GDPR_Policy. Since not all
tests will pass when the pref is enabled (though disabled by default).

Test plan:
Run dbrev with updatedatabase.pl.
Run t/db_dependent/Koha/Patrons.t
Run t/db_dependent/Auth.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
C4/Auth.pm
installer/data/mysql/atomicupdate/bug_21336c.perl [new file with mode: 0644]
t/db_dependent/Auth.t
t/db_dependent/Koha/Patrons.t