DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-01-11 13:57:41 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Fix #5408. (#5715)

Browse source 
The temporary password cannot be added to the users data until after do
any update-related logic, otherwise their password will be overwritten.
This commit is contained in:
Daniel Meltzer 2018-06-20 04:59:04 -04:00 committed by snipe
parent e7bc18dad4
commit 2d18b73138
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/Importer/UserImporter.php
View file

@ -37,7 +37,6 @@ class UserImporter extends ItemImporter
$this->item['phone'] = $this->findCsvMatch($row, 'phone_number');
$this->item['jobtitle'] = $this->findCsvMatch($row, 'jobtitle');
$this->item['employee_num'] = $this->findCsvMatch($row, 'employee_num');
$this->item['password'] = $this->tempPassword;
$user = User::where('username', $this->item['username'])->first();
if ($user) {
if (!$this->updating) {
@ -45,11 +44,14 @@ class UserImporter extends ItemImporter
return;
}
$this->log('Updating User');
// $user = $this->users[$userId];
$user->update($this->sanitizeItemForUpdating($user));
$user->save();
return;
}
// This needs to be applied after the update logic, otherwise we'll overwrite user passwords
// Issue #5408
$this->item['password'] = $this->tempPassword;
$this->log("No matching user, creating one");
$user = new User();
$user->fill($this->sanitizeItemForStoring($user));