Bug 1654623

Summary: Edited user can't log in
Product: [Red Hat Storage] Red Hat Gluster Storage Reporter: Elena Bondarenko <ebondare>
Component: web-admin-tendrl-uiAssignee: Neha Gupta <negupta>
Status: CLOSED DEFERRED QA Contact: sds-qe-bugs
Severity: high Docs Contact:
Priority: unspecified    
Version: rhgs-3.4CC: fbalak, mbukatov, nthomas, rhs-bugs, sankarshan
Target Milestone: ---Keywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-08-14 05:54:46 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1654743    

Description Elena Bondarenko 2018-11-29 09:27:58 UTC 
Description of problem:

After a user edits their username in My Settings they can't log in anymore because their password is simultaneously changed to empty string, and the login page won't allow to log in with the empty Password text box.


Version-Release number of selected component (if applicable):

tendrl-ui-1.6.3-14.el7rhgs.noarch


How reproducible:

100%


Steps to Reproduce:

1. Log in
2. Click My Settings 
3. Enter a new name in Name text box
4. Save changes
5. Log out
6. Try to log in again


Actual results:

It's impossible to log in because the password has been changed to empty string.


Expected results:

Changing user's name doesn't cause the change of password. It's possible to log in after the change of user's name with the old password.


Additional info:

The json in the POST request when a user edits their name includes 'password: ""'. It shouldn't.
Comment 2 Elena Bondarenko 2018-11-29 11:30:13 UTC 
Zero-length password is also set if a user enables or disables their email notifications in My Settings or edits their e-mail address.
Comment 4 Nishanth Thomas 2019-08-14 05:54:46 UTC 
Edit username is not a common usecase and low priority issue.Right now we don't have resources to pursue this.