diff --git a/security/Member.php b/security/Member.php
index 817c4b01a..39573a4b9 100644
--- a/security/Member.php
+++ b/security/Member.php
@@ -975,8 +975,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
 $encryption_details = Security::encrypt_password(
 $this->Password, // this is assumed to be cleartext
 $this->Salt,
- ($this->PasswordEncryption) ?
- $this->PasswordEncryption : Security::config()->password_encryption_algorithm,
+ $this->isChanged('PasswordEncryption') ? $this->PasswordEncryption : null,
 $this
 );
diff --git a/tests/security/MemberTest.php b/tests/security/MemberTest.php
index d1db139e5..342a2da71 100644
--- a/tests/security/MemberTest.php
+++ b/tests/security/MemberTest.php
@@ -45,7 +45,21 @@ class MemberTest extends FunctionalTest {
 parent::tearDown();
 }
-
+ public function testPasswordEncryptionUpdatedOnChangedPassword()
+ {
+ Config::inst()->update('Security', 'password_encryption_algorithm', 'none');
+ $member = Member::create();
+ $member->SetPassword = 'password';
+ $member->write();
+ $this->assertEquals('password', $member->Password);
+ $this->assertEquals('none', $member->PasswordEncryption);
+ Config::inst()->update('Security', 'password_encryption_algorithm', 'blowfish');
+ $member->SetPassword = 'newpassword';
+ $member->write();
+ $this->assertNotEquals('password', $member->Password);
+ $this->assertNotEquals('newpassword', $member->Password);
+ $this->assertEquals('blowfish', $member->PasswordEncryption);
+ }
 /**
 * @expectedException ValidationException
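Review bot: In the security/Member.php hunk, `$this->Salt` is still passed unchanged on the line above the new ternary, so when the write falls through to the configured default algorithm, the salt generated for the previous algorithm may be handed to a different encryptor. The enclosing method starts and ends outside this hunk, so whether the salt is cleared or regenerated before this call cannot be seen here and is worth confirming. The ternary also relies on Security::encrypt_password() treating a null algorithm as the configured default, which deserves a comment on that line, for example `// null defers to the configured default, so the stored hash is upgraded when the password changes`.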
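Review bot: testPasswordEncryptionUpdatedOnChangedPassword() in tests/security/MemberTest.php checks that the stored value differs from both cleartext strings but never checks that the new hash verifies, so a write that stored an unusable hash under 'blowfish' would still pass. The test removed further down in this file did verify the password after the algorithm setting changed; the same check fits here as `$this->assertTrue($member->checkPassword('newpassword')->valid());` after the last `write()`. The test also leaves `password_encryption_algorithm` overridden; if the test harness does not reset Config between tests, restoring the original value at the end would keep the override from leaking into other tests.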
@@ -94,28 +108,6 @@ class MemberTest extends FunctionalTest {
 );
 }
- public function testDefaultPasswordEncryptionDoesntChangeExistingMembers() {
- $member = new Member();
- $member->Password = 'mypassword';
- $member->PasswordEncryption = 'sha1_v2.4';
- $member->write();
-
- $origAlgo = Security::config()->password_encryption_algorithm;
- Security::config()->password_encryption_algorithm = 'none';
-
- $member->Password = 'mynewpassword';
- $member->write();
-
- $this->assertEquals(
- $member->PasswordEncryption,
- 'sha1_v2.4'
- );
- $result = $member->checkPassword('mynewpassword');
- $this->assertTrue($result->valid());
-
- Security::config()->password_encryption_algorithm = $origAlgo;
- }
-
 public function testKeepsEncryptionOnEmptyPasswords() {
 $member = new Member();
 $member->Password = 'mypassword';
@@ -126,8 +118,8 @@ class MemberTest extends FunctionalTest {
 $member->write();
 $this->assertEquals(
- $member->PasswordEncryption,
- 'sha1_v2.4'
+ Security::config()->get('password_encryption_algorithm'),
+ $member->PasswordEncryption
 );
 $result = $member->checkPassword('');
 $this->assertTrue($result->valid());
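Review bot: The last hunk of tests/security/MemberTest.php now asserts that PasswordEncryption equals the configured default after the write, but the surrounding test appears to be testKeepsEncryptionOnEmptyPasswords(), whose name still says the member's algorithm is kept. The test body starts outside this hunk, so the function name is inferred from the previous hunk's context lines. Renaming it (for example `testEncryptionUpdatedOnEmptyPasswords`) or adding a one-line comment saying that a write with an empty password is now expected to switch to the default algorithm would stop the suite from documenting the old behaviour.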