You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@syncope.apache.org by "Andrea Patricelli (Jira)" <ji...@apache.org> on 2020/05/15 08:31:00 UTC

[jira] [Created] (SYNCOPE-1563) User approval update should send the password only when requested

Andrea Patricelli created SYNCOPE-1563:
------------------------------------------

             Summary: User approval update should send the password only when requested
                 Key: SYNCOPE-1563
                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1563
             Project: Syncope
          Issue Type: Bug
          Components: console
    Affects Versions: 2.1.6
            Reporter: Andrea Patricelli
            Assignee: Andrea Patricelli
             Fix For: 2.1.7, 3.0.0


1. Create an user approval request (through enduser by assigning groupForWorkflowApproval for example).
2. Login into console as an approver, claim and edit the request.
3. If you submit the form the password is added to the payload and a PasswordPatch is ever created with value the hased password taken from UserTO stored into the workflow.

This also affects the mustChangePassword flag, that, if true for the UserTO under approval, is set to false (because password ever changes).



--
This message was sent by Atlassian Jira
(v8.3.4#803005)