Skip to content

do_reset in auth.py has sharp edges that should be filed down. #266

Description

@cubes

do_reset in auth.py has a sharp edge:

This function takes an iterable of stuff, i.e. guests, updates all the guests's password to the same password, and then emails an individual email with the new password. In practice, I think this is ok because it get's called like this:

    guests = Guest.objects.filter(email=email, can_login=True)
    if guests.count() > 0:
        do_reset(guests)
        return

... and, in practice, I don't think the data model supports having more than one Guest record with the same email.

That said, if you were to do something like the following:

    d_reset(Guest.objects.all())

... bad shit would happen.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions