Open achillebnt opened 2 months ago
Hi @achillebnt
This is the desired and functional behaviour
GLPI is compatible with passwords in sha1
format
as soon as the user updates his password (which is recommended) GLPI will encrypt it with sodium
Best regards
It's not a desired and functional behaviour... initially i do it only to update phone number of users and after i had to restore the database because no one can access to the portal.
Ok I had misunderstood the context of the injection
Can you past here your mapping ?
Here the mapping
I do my test and i think function processAfterInsertOrUpdate in inc/userinjection.class.php has to be reviewed because this part of code every time you save it take the value in database and rehash it.
I comment out that query commit and my problem was gone.
Can you apply this patch, enable GLPI debug mode and reduo a CSV import ?
diff --git a/inc/userinjection.class.php b/inc/userinjection.class.php
index 9447426..af2bd72 100644
--- a/inc/userinjection.class.php
+++ b/inc/userinjection.class.php
@@ -174,6 +174,7 @@ class PluginDatainjectionUserInjection extends User implements PluginDatainjecti
}
}
+ toolbox::logDebug($values['User']);
if (isset($values['User']['password']) && ($values['User']['password'] != '')) {
//We use an SQL request because updating the password is unesasy
//(self reset password process in $user->prepareInputForUpdate())
Then check php-errors.log
file (/glpi/files/_log/php-errors.log
)
you should see what this call gets
Here the return log:
[2024-07-11 13:33:00] glpiphplog.DEBUG: PluginDatainjectionUserInjection::processAfterInsertOrUpdate() in /var/www/html/glpi-test/marketplace/datainjection/inc/userinjection.class.php line 177
Array
(
[name] => user.test
[mobile] => 12345678
[entities_id] => 0
[id] => 10
[password] => 6f851c48ba4b5592aa5340aaea956e3d102eb7b4
[password_last_update] => NULL
[phone] => NULL
[phone2] => NULL
[realname] => NULL
[firstname] => NULL
[locations_id] => 0
[language] => NULL
[use_mode] => 0
[list_limit] => NULL
[is_active] => 1
[comment] => NULL
[auths_id] => 0
[authtype] => 1
[last_login] => NULL
[date_mod] => 2024-07-11 11:18:06
[date_sync] => NULL
[is_deleted] => 0
[profiles_id] => 0
[usertitles_id] => 0
[usercategories_id] => 0
[date_format] => NULL
[number_format] => NULL
[names_format] => NULL
[csv_delimiter] => NULL
[is_ids_visible] => NULL
[use_flat_dropdowntree] => NULL
[show_jobs_at_login] => NULL
[priority_1] => NULL
[priority_2] => NULL
[priority_3] => NULL
[priority_4] => NULL
[priority_5] => NULL
[priority_6] => NULL
[followup_private] => NULL
[task_private] => NULL
[default_requesttypes_id] => NULL
[password_forget_token] => NULL
[password_forget_token_date] => NULL
[user_dn] => NULL
[user_dn_hash] => NULL
[registration_number] => NULL
[show_count_on_tabs] => NULL
[refresh_views] => NULL
[set_default_tech] => NULL
[personal_token] => NULL
[personal_token_date] => NULL
[api_token] => NULL
[api_token_date] => NULL
[cookie_token] => NULL
[cookie_token_date] => NULL
[display_count_on_home] => NULL
[notification_to_myself] => NULL
[duedateok_color] => NULL
[duedatewarning_color] => NULL
[duedatecritical_color] => NULL
[duedatewarning_less] => NULL
[duedatecritical_less] => NULL
[duedatewarning_unit] => NULL
[duedatecritical_unit] => NULL
[display_options] => NULL
[is_deleted_ldap] => 0
[pdffont] => NULL
[picture] => NULL
[begin_date] => NULL
[end_date] => NULL
[keep_devices_when_purging_item] => NULL
[privatebookmarkorder] => NULL
[backcreated] => NULL
[task_state] => NULL
[palette] => NULL
[page_layout] => NULL
[fold_menu] => NULL
[fold_search] => NULL
[savedsearches_pinned] => NULL
[timeline_order] => NULL
[itil_layout] => NULL
[richtext_layout] => NULL
[set_default_requester] => NULL
[lock_autolock_mode] => NULL
[lock_directunlock_notification] => NULL
[date_creation] => 2024-07-11 11:17:41
[highcontrast_css] => NULL
[plannings] => NULL
[sync_field] => NULL
[groups_id] => 0
[users_id_supervisor] => 0
[timezone] => NULL
[default_dashboard_central] => NULL
[default_dashboard_assets] => NULL
[default_dashboard_helpdesk] => NULL
[default_dashboard_mini_ticket] => NULL
[default_central_tab] => NULL
[nickname] => NULL
[timeline_action_btn_layout] => NULL
[timeline_date_format] => NULL
[use_flat_dropdowntree_on_search_result] => NULL
)
~~~
I create a simple model to import/update users, using username and phone as fields associated respectively to login and phone but when i do the import for some reason the password was changed to sha1 hash.
Doing a little debug i found this: writing a text password in database glpi_users.password for example pippo when i do the import that word will be converted to sha1 hash: d012f68144ed0f121d3cc330a17eec528c2e7d59
In the debug mode there is trace of sql query.