Univention Bugzilla – Bug 46427
password export does not contain password changed by hook
Last modified: 2021-11-09 14:52:18 CET
In UserImport.create_and_modify_users() the password of new users are saved before running User.create() (because that removes it from the object) and after create() set on the object, so that it can be exported at a later time. If a pre_create() or post_create() hook modifies the password, after create() it will be overwritten on the User object and the old password will be exported. Also: a post_create() hook will not see the password. Store the User objects password attribute after the pre_create() and restore it before the post_create() hook to fix both problems.
This issue has been filed against UCS@school 4.2. UCS@school 4.2 is out of maintenance and many UCS@school components have changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS@school versions, please reopen it and update the UCS@school version. In this case please provide detailed information on how this issue is affecting you.
This is still valid for UCS@School 4.4v9. I was able to reproduce the bug with the birthday2password-Hook [1]: the passwords are set as desired, but the passwords in the summary differ. [1] https://git.knut.univention.de/univention/components/ucsschool-hooks/-/blob/4.4/pyhooks/birthday2password.py