Describe the bug
If I want to comment or change the role(s) of a user (no matter if it's a root user or a normal database user), the password gets reset. Even though it should not "reset" the password field to an empty string. You can not login with an empty password string and therefore you brick your user.
I was able to detect what was happening via http and sniff the traffic (using Proxyman).
Important to note the PASSWORD "" in the request body.
Root user update request/response:
Normal database user request/response:
To Reproduce
Steps to reproduce the behavior:
Go to 'Authentication'
Click on a 'root' user (which has a password set) or create a new "Database user" with a password.
Verify if login with user, with a separate connection.
Update the user, select a role or add a comment and click on "save"
Try login with root or the database user and it will not be successful because the password was reset.
Expected behavior
The form field states that when leaving empty the password will not be set.
Workaround/Solution to fix
Current workaround I have found is start SurrealDB with the --allow-guests flag and change the password.
Environment:
Platform: Desktop
OS: Darwin
Architecture: x86_64
WebView: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko)
Version: 2.0.6
Flags: featureFlags: false, models_view: true, apidocs_view: true, themes: false, newsfeed: true
Describe the bug If I want to comment or change the role(s) of a user (no matter if it's a root user or a normal database user), the password gets reset. Even though it should not "reset" the password field to an empty string. You can not login with an empty password string and therefore you brick your user.
I was able to detect what was happening via
http
and sniff the traffic (using Proxyman).Root user update request/response:
Normal database user request/response:
![Screenshot 2024-05-18 at 15 08 44](https://github.com/surrealdb/surrealist/assets/1531885/a89e9b2e-70a5-4609-ad22-32b4701aaa9f)
To Reproduce Steps to reproduce the behavior:
Expected behavior The form field states that when leaving empty the password will not be set.
Workaround/Solution to fix Current workaround I have found is start SurrealDB with the
--allow-guests
flag and change the password.Environment: