dbaccess/source/core/dataaccess/databasecontext.cxx | 36 +++++---------------
dbaccess/source/core/dataaccess/datasource.cxx | 12 +++++-
dbaccess/source/core/inc/ModelImpl.hxx | 1
3 files changed, 19 insertions(+), 30 deletions(-)
New commits:
commit 04d2a7d2f6a20bc69b7876e9c502c627e83e9f8f
Author: prrvchr <prrv...@gmail.com>
AuthorDate: Fri Aug 15 23:54:08 2025 +0200
Commit: Mike Kaganski <mike.kagan...@collabora.com>
CommitDate: Mon Aug 18 11:23:26 2025 +0200
tdf#167960 The password of an unknown user is no longer stored
To resolve this issue, several things were necessary.
- Add a Boolean attribute m_bAskPassword to the data source's Model
implementation (i.e., the ModelImpl.hxx file)
- Modify the connectWithCompletion() procedure of the data source (i.e.,
the datasource.cxx file) that Base calls each time an ODB file is first opened.
When opening the connection, it will verify that the connection is indeed made
by the user provided by the data source. If this is not the case, the
m_bAskPassword attribute of the model will be set to true.
- If this first connection is successful, the DataBaseContext (i.e., the
databasecontext.cxx file) will attempt to cache the data source's properties,
and if the m_bAskPassword attribute of the model is true, the Password property
of the data source will not be cached.
Now if you connect with a user other than the one proposed by default, your
password will be constantly requested after disconnecting and reconnecting or
until the odb file is saved.
Change-Id: I40960c04fb84604c018374743a735676f556e2b8
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/189732
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kagan...@collabora.com>
diff --git a/dbaccess/source/core/dataaccess/databasecontext.cxx
b/dbaccess/source/core/dataaccess/databasecontext.cxx
index fc5dc5f0907e..412e34ca2a50 100644
--- a/dbaccess/source/core/dataaccess/databasecontext.cxx
+++ b/dbaccess/source/core/dataaccess/databasecontext.cxx
@@ -456,10 +456,17 @@ void ODatabaseContext::storeTransientProperties(
ODatabaseModelImpl& _rModelImpl
&& ( ( rProperty.Attributes & PropertyAttribute::READONLY) ==
0 )
)
{
- // found such a property
- aRememberProps.put( rProperty.Name, xSource->getPropertyValue(
rProperty.Name ) );
+ // If the connection was opened by a user other than the one
registered in the
+ // data source, the password will not be stored and always
requested. See tdf#167960
+ if (rProperty.Name != "Password" ||
!_rModelImpl.m_bAskPassword)
+ {
+ // found such a property
+ aRememberProps.put( rProperty.Name,
xSource->getPropertyValue( rProperty.Name ) );
+ }
}
}
+ // We don't need him anymore, we only come here once for a datasource.
+ _rModelImpl.m_bAskPassword = false;
}
catch ( const Exception& )
{
diff --git a/dbaccess/source/core/dataaccess/datasource.cxx
b/dbaccess/source/core/dataaccess/datasource.cxx
index 387b4c88c2a7..af166a92caa6 100644
--- a/dbaccess/source/core/dataaccess/datasource.cxx
+++ b/dbaccess/source/core/dataaccess/datasource.cxx
@@ -1084,12 +1084,18 @@ Reference< XConnection >
ODatabaseSource::connectWithCompletion( const Reference
return Reference< XConnection >();
// get the result
- sUser = m_pImpl->m_sUser = pAuthenticate->getUser();
- sPassword = pAuthenticate->getPassword();
+ sUser = pAuthenticate->getUser();
+ if (sUser != m_pImpl->m_sUser)
+ {
+ m_pImpl->m_sUser = sUser;
+ m_pImpl->m_bAskPassword = true;
+ }
+
+ sPassword = pAuthenticate->getPassword();
if (pAuthenticate->getRememberPassword())
{
- m_pImpl->m_aPassword = pAuthenticate->getPassword();
+ m_pImpl->m_aPassword = sPassword;
bNewPasswordGiven = true;
}
m_pImpl->m_sFailedPassword.clear();
diff --git a/dbaccess/source/core/inc/ModelImpl.hxx
b/dbaccess/source/core/inc/ModelImpl.hxx
index 8f4e7affddbe..e20c32b5f3f5 100644
--- a/dbaccess/source/core/inc/ModelImpl.hxx
+++ b/dbaccess/source/core/inc/ModelImpl.hxx
@@ -238,6 +238,7 @@ public:
bool m_bModified : 1;
bool m_bDocumentReadOnly : 1;
bool
m_bMacroCallsSeenWhileLoading : 1;
+ bool m_bAskPassword;
css::uno::Reference< css::beans::XPropertyBag >
m_xSettings;
css::uno::Sequence< OUString > m_aTableFilter;
commit d4e478e4b501ec6c6e928fb3f3564be5f44666f4
Author: Mike Kaganski <mike.kagan...@collabora.com>
AuthorDate: Mon Aug 18 08:05:23 2025 +0200
Commit: Mike Kaganski <mike.kagan...@collabora.com>
CommitDate: Mon Aug 18 11:23:20 2025 +0200
Revert "tdf#167960: store also username associated with this password"
This reverts commit 5b064206d83c6854e292e93de168fbf802201e5b.
Reason for revert:
Let's use https://gerrit.libreoffice.org/c/core/+/189732 instead.
This reportedly doesn't cause tdf#167994.
Change-Id: I47014b0419362d54c75b13ccb299f64ed9e29b4d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/189837
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kagan...@collabora.com>
diff --git a/dbaccess/source/core/dataaccess/databasecontext.cxx
b/dbaccess/source/core/dataaccess/databasecontext.cxx
index e1a3cf4f068c..fc5dc5f0907e 100644
--- a/dbaccess/source/core/dataaccess/databasecontext.cxx
+++ b/dbaccess/source/core/dataaccess/databasecontext.cxx
@@ -385,7 +385,6 @@ void ODatabaseContext::setTransientProperties(const
OUString& _sURL, ODatabaseMo
try
{
OUString sAuthFailedPassword;
- Any aUser, aPassword;
Reference< XPropertySet > xDSProps(
_rDataSourceModel.getOrCreateDataSource(), UNO_QUERY_THROW );
const Sequence< PropertyValue >& rSessionPersistentProps =
m_aDatasourceProperties[_sURL];
for ( auto const & prop : rSessionPersistentProps )
@@ -394,14 +393,6 @@ void ODatabaseContext::setTransientProperties(const
OUString& _sURL, ODatabaseMo
{
OSL_VERIFY( prop.Value >>= sAuthFailedPassword );
}
- else if (prop.Name == PROPERTY_USER)
- {
- aUser = prop.Value;
- }
- else if (prop.Name == PROPERTY_PASSWORD)
- {
- aPassword = prop.Value;
- }
else
{
xDSProps->setPropertyValue( prop.Name, prop.Value );
@@ -409,12 +400,6 @@ void ODatabaseContext::setTransientProperties(const
OUString& _sURL, ODatabaseMo
}
_rDataSourceModel.m_sFailedPassword = sAuthFailedPassword;
- // tdf#167960: only restore password, if the username is unchanged
- if (aPassword.hasValue() && aUser.hasValue())
- {
- if (aUser == xDSProps->getPropertyValue(PROPERTY_USER))
- xDSProps->setPropertyValue(PROPERTY_PASSWORD, aPassword);
- }
}
catch( const Exception& )
{
@@ -475,16 +460,6 @@ void ODatabaseContext::storeTransientProperties(
ODatabaseModelImpl& _rModelImpl
aRememberProps.put( rProperty.Name, xSource->getPropertyValue(
rProperty.Name ) );
}
}
- if (aRememberProps.has(PROPERTY_PASSWORD))
- {
- // tdf#167960: store also username associated with this password.
- // It may happen, that the next time this document is loaded, it
gets another username.
- // It happens e.g. if this time a different username and password
were used, which are
- // now saved in the model's PROPERTY_USER / PROPERTY_PASSWORD; but
the document is not
- // modified to write that username to file. The next time it is
opened, the previously
- // stored name is loaded. We can detect the change, using this
stored value.
- aRememberProps.put(PROPERTY_USER,
xSource->getPropertyValue(PROPERTY_USER));
- }
}
catch ( const Exception& )
{
