U4-4765 - backoffice user section does not save password changes in v6.2

Created by Dirk 26 Apr 2014, 19:51:12 Updated by Sebastiaan Janssen 30 Apr 2014, 15:18:33

Is duplicated by: U4-4793

Method SaveUser_Click in umbraco.cms.presentation.user.EditUser.aspx.cs ChangePassword() first changes and saves new password. But later on u.clearApplications() overrides the new password with the old one.


Dirk 26 Apr 2014, 20:02:40

similar problem in install step defaultUser. First membershipUser.ChangePassword() sets the new password but then user.Save() overrides it with the previous or "default" value.

Dirk 26 Apr 2014, 20:09:53

And also method tmp_save() in umbraco.cms.presentation.members.EditMember has this bug in line 413 ChangePassword() and line 437 _memberEntity.Save()

Dirk 26 Apr 2014, 20:34:14

Possible solution: get the current user / member in temp var to get the new password and update the original object e. g. for EditUser: ... ChangePassword(passwordChangerControl, membershipUser, passwordChangerValidator); var tmpUser = BusinessLogic.User.GetUser(u.Id); u.Password = tmpUser.Password; ...

Shannon Deminick 28 Apr 2014, 01:56:44

The problem is a dirty check on the password field at the repository level. We do this check in the member repo but not in the user repo. The problem is that the change password method at the membership provider level does change the password properly but it gets overwritten by the old password again on the next save. The password should only be updated if it is changed so we just need to do a dirty check on the property.

Shannon Deminick 28 Apr 2014, 02:22:33

fixed in 033fd1b7ff78e3fd334696b220c88b40d755a930

Dirk 28 Apr 2014, 07:54:12

That sounds a lot better ;-) Thank you Shannon

Priority: Critical

Type: Bug

State: Fixed

Assignee: Shannon Deminick

Difficulty: Normal


Backwards Compatible: True

Fix Submitted: Pull request

Affected versions:

Due in version: 6.2.0, 7.1.2


Story Points: