projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a18e234) | patch
Bug 30649: Vendor EDI account passwords should be encrypted in the database
authorKyle Hall <kyle@bywatersolutions.com>
Tue, 18 Oct 2022 13:26:45 +0000 (09:26 -0400)
committerTomas Cohen Arazi <tomascohen@theke.io>
Mon, 15 May 2023 21:23:49 +0000 (18:23 -0300)
commit40b1b61cbf384a2ac101eb12119e3d28a3e45315
tree06c2acbfb555f0747c17c70162ada6b36eca0bf8tree | snapshot
parenta18e234ddc314e6b5baeb5df7dffbebd39441832commit | diff
Bug 30649: Vendor EDI account passwords should be encrypted in the database

We are storing edi vendor acccount passwords in clear text in the
database. Now that Koha has the Koha::Encryption module, we should
use that to encrypt passwords for all existing and new EDI accounts.

Test Plan:
1) Apply this patch
2) Create one or more EDI vendor accounts
3) Run a report to view the account passwords, note they are in clear
   text
4) Run updatedatabase.pl
5) Re-run the report, account passwords should be encrypted now
6) Edit a vendor EDI account, note you can still view and update the
   password for an account

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Koha/Edifact/Transport.pm diff | blob | history
admin/edi_accounts.pl diff | blob | history
installer/data/mysql/atomicupdate/bug_30649.pl [new file with mode: 0755] blob
installer/data/mysql/kohastructure.sql diff | blob | history
Main Koha release repository