[FIX] base: make check_credentials more consistent with alternatives

The other methods do test password length before verifying it, so even if check_credentials() is not meant to be called directly, it's better to keep it consistent with the alternatives. Closes #29023

[FIX] base: make check_credentials more consistent with alternatives
6639630d · Denis Roussel · 3b85900f · 6639630d
Commit 6639630d authored 6 years ago by Denis Roussel
--- a/odoo/addons/base/res/res_users.py
+++ b/odoo/addons/base/res/res_users.py
@@ -444,6 +444,8 @@ class Users(models.Model):
    @api.model
    def check_credentials(self, password):
        """ Override this method to plug additional authentication methods"""
+        if not password:
+            raise AccessDenied()
        user = self.sudo().search([('id', '=', self._uid), ('password', '=', password)])
        if not user:
            raise AccessDenied()