When a token is requested from the Kelvin REST API and the user is authorized (member of the Kelvin admin group) but the password is wrong, an HTTP 500 happens because of an AttributeError. Fix the AttributeError. HTTP 401 should be returned for a wrong password.
Fixed the bug. Additionally changed the order to only retrieve the admin group members when the user's password has been verified.

[feature/kelvin a12dbcc53] Bug #54431: fix token request with authorized user and wrong password leading to AttributeError (HTTP 500)

The Docker image build failed because the versions of black in the container and in the pre-commit configuration mismatched. They are now the same:

[feature/kelvin 272c784eb] Bug #54431: use same versions of black, isort and flake8 in Docker container build and on dev machine

A new Docker image (c4b7099bb691) has been built for version 1.5.3 and a new app version (1.5.3) was created in the test appcenter: http://appcenter-test.software-univention.de/univention-repository/4.4/maintained/component/ucsschool-kelvin-rest-api_20220208185832/
> curl -X 'POST' "https://$(hostname -f)/ucsschool/kelvin/token" -d 'username=Administrator' -d 'password=wrong'
< HTTP/1.1 500 Internal Server Error

after the update to

> curl -X 'POST' "https://$(hostname -f)/ucsschool/kelvin/token" -d 'username=Administrator' -d 'password=wrong'
{"detail":"Incorrect username or password"}
< HTTP/1.1 401 Unauthorized

OK - 401 Unauthorized for wrong password or username
OK - get token with correct password
OK - app update
OK - changelog looks good to me
Released with version 1.5.3.
If error occurs again, please clone this bug.
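A minimal model of the failure described in this bug and of the reordered check, as an added example that is not code from the Kelvin REST API. The function names, the user store, the token format and the exact cause of the AttributeError (an unchecked None from authentication) are assumptions made for illustration.

```python
import hashlib
import hmac

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)

# Constructed sample directory: username -> (salt, password hash).
USERS = {
    "Administrator": (b"salt-1", _hash("correct", b"salt-1")),
    "student1": (b"salt-2", _hash("pw", b"salt-2")),
}
ADMIN_GROUP = {"Administrator"}  # constructed stand-in for the admin group
DENIED = (401, {"detail": "Incorrect username or password"})

class User:
    def __init__(self, name: str):
        self.name = name

def authenticate(username: str, password: str):
    """Return a User on success, None for an unknown user or wrong password."""
    salt, stored = USERS.get(username, (b"no-such-user", b""))
    ok = hmac.compare_digest(_hash(password, salt), stored)
    return User(username) if ok else None

def token_before(username: str, password: str):
    # Assumed shape of the bug: group membership is checked first and the
    # result of authenticate() is used without a None check.
    is_admin = username in ADMIN_GROUP
    user = authenticate(username, password)
    if not is_admin:
        return DENIED
    return 200, {"access_token": "token-for-" + user.name}  # None.name -> AttributeError

def token_after(username: str, password: str):
    # Verify the password first; only then look at the admin group.
    user = authenticate(username, password)
    if user is None:
        return DENIED
    if user.name not in ADMIN_GROUP:
        return DENIED  # assumption: non-members get the same 401 body
    return 200, {"access_token": "token-for-" + user.name}

def http_status(handler, username: str, password: str) -> int:
    """Mimic the web framework: an unhandled exception becomes HTTP 500."""
    try:
        return handler(username, password)[0]
    except Exception:
        return 500
```

Running both handlers through `http_status` with an admin name and a wrong password reproduces the 500 before and the 401 after, which makes a compact regression check for this class of bug.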