LP#1579225: fix handling of passwords in patron registration
This patch improves how the new password hashing is invoked
by open-ils.actor.patron.update; in particular, it fixes
a problem whereby newly registered patrons could not
log in. It also fixes other issues:
- actor.usr.passwd would be set to an MD5 of the password
for new users, vitiating the strong hashes in actor.passwd
- certain types of updates via patron registration, such as
adding or deleting addresses, could result in the patron's
password getting doubly-hashed, thereby locking them out
of their account.
To test
-------
[1] Register a new patron; verify that they can log in.
[2] Edit an existing patron and change their password; verify
that they can log in.
[3] Edit an existing patron but do NOT change their password;
verify that they can still log in.
[4] Inspect the actor.usr rows for these patrons and verify
that actor.usr.passwd is set to the value MD5(''), not
the MD5 of their password.
This commit reverts a chapter heading change, which had broken an
internal cross reference link, thus causing the HTML docs to fail to
build. In this case, it seems best to keep the older heading rather than
fix the link to it.
In general, we should be careful about changing any AsciiDoc
headings, since we currently rely on autogenerated section IDs when
making internal links, and changing a heading changes its ID. If a
heading is changed, then all links to it need to be changed accordingly.
As suggested by Mike Rylander, keep the escape_email_header helper
around to avoid breaking templates that already adopted it, but make it
a no-op as the SendEmail reactor now encodes the email headers of
interest by default.
Signed-off-by: Dan Scott <email address hidden>
Signed-off-by: Dan Wells <email address hidden>
