This must have been a merge error. Your solution is in trunk, please check
it.
On Friday, 11 January 2013 08:31:14 UTC-6, Niphlod wrote:
>
> in DAL there are 2 similar REGEXes at the top that parse the DAL uri. The
> method "hide_password()" should hide the password and not the user from the
> uri....a simple script to reproduce
>
> import re
> REGEX_PASSWORD = re.compile('\://([^:@]*)\:')
> REGEX_NOPASSWD = re.compile('(?<=\:)([^:@/]+)(?=@.+)')
>
> uri = 'postgres://mdipierro:password@localhost/test'
> #actual method
> print REGEX_PASSWORD.sub('://******:',uri)
> >> postgres://******:password@localhost/test
>
> #proposed method
> print REGEX_NOPASSWD.sub('******',uri)
> >> postgres://mdipierro:******@localhost/test
>
>
> Currently the 1st is used, I'd suggest the 2nd unless there is some reason
> behind it.
>
> Il giorno venerdì 11 gennaio 2013 15:14:42 UTC+1, Massimo Di Pierro ha
> scritto:
>>
>> I am not sure I understand the context. Can you show me a code example?
>>
>> On Friday, 11 January 2013 05:37:23 UTC-6, Niphlod wrote:
>>>
>>> yep, don't know why ....
>>>
>>> seems that hide_password() should be among the lines of
>>>
>>> def hide_password(uri):
>>> return REGEX_NOPASSWD.sub('******',uri)
>>>
>>> On Friday, January 11, 2013 11:01:45 AM UTC+1, Joel Samuelsson wrote:
>>>>
>>>> Using version 2.3.2 (stable) by the way.
>>>>
>>>> Den fredagen den 11:e januari 2013 kl. 10:59:24 UTC+1 skrev Joel
>>>> Samuelsson:
>>>>>
>>>>> Not sure if this is the right place to submit a "bug report" but here
>>>>> it goes:
>>>>>
>>>>> If you print a DAL object (using a MySQL adapter, at least) the
>>>>> username is hidden but the password is still visible. To me it looks like
>>>>> the regexp is at fault (gluon/dal.py):
>>>>> REGEX_PASSWORD = re.compile('\://([^:@]*)\:')
>>>>>
>>>>
--
