Ok, I confirm that... I had the same problem here the problem can be reproduced by adding this line to a new app :
db.auth_user.password.requires = [IS_STRONG(),CRYPT(key=auth.settings.hmac_key)] Below : ## create all tables needed by auth if not custom tables auth.define_tables(username=False, signature=False) HERE Or, by adding IS_STRONG() to my own app. The problem happen only in appadmin when trying to submit change to auth_user without touching the password field. I saw that IS_STRONG() had been patched recently : https://groups.google.com/forum/?fromgroups#!topic/web2py-developers/PukVxwKUCAo But I don't think that this is caused by this change... I try with a web2py 1.99.4 and the problem seems to be present. It may be possible we just don't know how to use IS_STRONG(). :) Richard On Tue, Oct 16, 2012 at 2:15 PM, piero crisci <piero.cri...@gmail.com>wrote: > > Here is a test app that have the same problem i described above > Il giorno lunedì 15 ottobre 2012 15:54:47 UTC+2, Richard ha scritto: >> >> Try to create the app by your self in this case... It is not very >> difficult... For the auth definition (I mean auth_user, auth_group, etc.). >> Use the code available in the book. >> >> Also, you could maybe post the demo app you create with the wizard here >> and we can test it in our environnement. >> >> Richard >> >> >> On Sun, Oct 14, 2012 at 12:26 PM, piero crisci <piero....@gmail.com>wrote: >> >>> I made the changes you said, >>> I also test the app with the V. 1.99.7 >>> I also create a new app called TEST with the wizard without add anything >>> else. >>> Once created the new APP i just add this lines to db.py : >>> >>> db.auth_user.password.requires = [IS_STRONG(),CRYPT(key=auth.** >>> settings.hmac_key)] >>> >>> I chose a good password and after i went to this link page to change >>> user info >>> http://127.0.0.1:8000/TEST/**appadmin/update/db/auth_user/1<http://127.0.0.1:8000/TEST/appadmin/update/db/auth_user/1> >>> I try the submit and i got the same IS_STRONG controls Error. >>> So with 2 differnts apps 2 different framework version, 2 different db i >>> got the same Controll error. >>> Could it be due to the use of the Wizard App creation?. >>> Thanks for help >>> >>> >>> Il giorno sabato 13 ottobre 2012 16:42:26 UTC+2, Massimo Di Pierro ha >>> scritto: >>> >>>> You do not need two decorators: >>>> >>>> @auth.requires_login() >>>> @auth.requires_membership('**ris**orse_umane' or 'admin') >>>> >>>> auth.requires_membership also requires login. >>>> You cannot do >>>> @auth.requires_membership('**ris**orse_umane' or 'admin') >>>> because that is the same as >>>> @auth.requires_membership('**ris**orse_umane') >>>> since 'risorse_umane' evaluates to True. >>>> >>>> There may be something else going on. >>>> >>>> >>>> >>>> On Friday, 12 October 2012 10:04:35 UTC-5, piero crisci wrote: >>>>> >>>>> I tryed to find others with the same iusse problem without understand >>>>> how to solve the problems :( >>>>> >>>>> I set in the db.py the follow table >>>>> >>>>> ##############################****########## >>>>> db.define_table('auth_user', >>>>> Field('username', type='string', >>>>> label=T('Username')), >>>>> Field('first_name', type='string', >>>>> label=T('First Name')), >>>>> Field('last_name', type='string', >>>>> label=T('Last Name')), >>>>> Field('email', type='string', >>>>> label=T('Email')), >>>>> Field('password', type='password',length=512, >>>>> readable=False, >>>>> label=T('Password')), >>>>> Field('created_on','datetime',****default=request.now, >>>>> label=T('Created On'),writable=False,readable=**F**alse), >>>>> Field('modified_on','datetime'****,default=request.now, >>>>> label=T('Modified On'),writable=False,readable=**F**alse, >>>>> update=request.now), >>>>> Field('registration_key',**defau**lt='', >>>>> writable=False,readable=False)****, >>>>> Field('reset_password_key',**def**ault='', >>>>> writable=False,readable=False)****, >>>>> Field('registration_id',**defaul**t='', >>>>> writable=False,readable=False)****, >>>>> format='%(username)s', >>>>> migrate=settings.migrate) >>>>> >>>>> >>>>> db.auth_user.first_name.**requir**es = IS_NOT_EMPTY(error_message=** >>>>> aut**h.messages.is_empty) >>>>> db.auth_user.last_name.**require**s = IS_NOT_EMPTY(error_message=**aut >>>>> **h.messages.is_empty) >>>>> #db.auth_user.password.**require**s = [ IS_STRONG(min=8, >>>>> number=1,special=1,error_**messa**ge = "La password deve contenere >>>>> almeno 8 Caratteri, un Numero, un Carattere Speciale, un carattere >>>>> Maiuscolo"), CRYPT(key=auth.settings.hmac_**k**ey)] >>>>> db.auth_user.password.**requires**= [*IS_STRONG(min=8), >>>>> CRYPT(auth.settings.hmac_key)*] >>>>> >>>>> db.auth_user.username.requires = IS_NOT_IN_DB(db, >>>>> db.auth_user.username, error_message = 'Username già censita') >>>>> db.auth_user.email.requires = (IS_EMAIL(error_message=auth.**m** >>>>> essages.invalid_email), >>>>> IS_NOT_IN_DB(db, >>>>> db.auth_user.email,error_**messa**ge = 'Email già censita')) >>>>> auth.define_tables(migrate = settings.migrate) >>>>> >>>>> I set in the default.py this def for manage the user changes . >>>>> >>>>> @auth.requires_login() >>>>> @auth.requires_membership('**ris**orse_umane' or 'admin') >>>>> def anagrafica_utenti_db_manage(): >>>>> form = SQLFORM.smartgrid(db.auth_**user**,onupdate=auth.archive) >>>>> return locals() >>>>> >>>>> When i try to modify the name or the surname the framework rise the >>>>> IS_STRONG control even if i don't touch the password string. >>>>> I am new with web2py and i want just to know if i need to create a >>>>> form to make the user changes or i can fix this problem using the >>>>> smartgrid. >>>>> I also set the "Requires approval" for the new registration. How can i >>>>> delete the "Pending" in the registration key ? (I can t do it right now >>>>> because of the IS_STRONG control. >>>>> Thanks for help >>>>> And sorry for bother you >>>>> >>>> -- >>> >>> >>> >>> >> >> -- > > > > --
