IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

Refactor password validation and config defaults (#7859)

Browse Source 
* refactor password validation and config defaults

* reorder config lines for clarity
This commit is contained in:
Chris
2017-11-20 11:04:04 -06:00
committed by GitHub
parent ab6ef954b4
commit d1cee02247
7 changed files with 1180 additions and 982 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
utils/password.go
View File

@@ -11,55 +11,55 @@ import (
)
func IsPasswordValid(password string) *model.AppError {
id := "model.user.is_valid.pwd"
isError := false
min := model.PASSWORD_MINIMUM_LENGTH
if IsLicensed() && *License().Features.PasswordRequirements {
if len(password) < *Cfg.PasswordSettings.MinimumLength || len(password) > model.PASSWORD_MAXIMUM_LENGTH {
isError = true
}
if *Cfg.PasswordSettings.Lowercase {
if !strings.ContainsAny(password, model.LOWERCASE_LETTERS) {
isError = true
}
id = id + "_lowercase"
}
if *Cfg.PasswordSettings.Uppercase {
if !strings.ContainsAny(password, model.UPPERCASE_LETTERS) {
isError = true
}
id = id + "_uppercase"
}
if *Cfg.PasswordSettings.Number {
if !strings.ContainsAny(password, model.NUMBERS) {
isError = true
}
id = id + "_number"
}
if *Cfg.PasswordSettings.Symbol {
if !strings.ContainsAny(password, model.SYMBOLS) {
isError = true
}
id = id + "_symbol"
}
min = *Cfg.PasswordSettings.MinimumLength
} else if len(password) > model.PASSWORD_MAXIMUM_LENGTH || len(password) < model.PASSWORD_MINIMUM_LENGTH {
isError = true
min = model.PASSWORD_MINIMUM_LENGTH
}
if isError {
return model.NewAppError("User.IsValid", id+".app_error", map[string]interface{}{"Min": min}, "", http.StatusBadRequest)
if len(password) > model.PASSWORD_MAXIMUM_LENGTH || len(password) < model.PASSWORD_MINIMUM_LENGTH {
return model.NewAppError("User.IsValid", "model.user.is_valid.pwd.app_error", map[string]interface{}{"Min": model.PASSWORD_MINIMUM_LENGTH}, "", http.StatusBadRequest)
}
return nil
}
func IsPasswordValidWithSettings(password string, settings *model.PasswordSettings) *model.AppError {
id := "model.user.is_valid.pwd"
isError := false
if len(password) < *settings.MinimumLength || len(password) > model.PASSWORD_MAXIMUM_LENGTH {
isError = true
}
if *settings.Lowercase {
if !strings.ContainsAny(password, model.LOWERCASE_LETTERS) {
isError = true
}
id = id + "_lowercase"
}
if *settings.Uppercase {
if !strings.ContainsAny(password, model.UPPERCASE_LETTERS) {
isError = true
}
id = id + "_uppercase"
}
if *settings.Number {
if !strings.ContainsAny(password, model.NUMBERS) {
isError = true
}
id = id + "_number"
}
if *settings.Symbol {
if !strings.ContainsAny(password, model.SYMBOLS) {
isError = true
}
id = id + "_symbol"
}
if isError {
return model.NewAppError("User.IsValid", id+".app_error", map[string]interface{}{"Min": *settings.MinimumLength}, "", http.StatusBadRequest)
}
return nil

127
utils/password_test.go Normal file
View File

@@ -0,0 +1,127 @@
package utils
import (
"strings"
"testing"
"github.com/stretchr/testify/assert"
"github.com/mattermost/mattermost-server/model"
)
func TestIsPasswordValid(t *testing.T) {
for name, tc := range map[string]struct {
Password string
ExpectedError string
}{
"Short": {
Password: strings.Repeat("x", model.PASSWORD_MINIMUM_LENGTH),
},
"Long": {
Password: strings.Repeat("x", model.PASSWORD_MAXIMUM_LENGTH),
},
"TooShort": {
Password: strings.Repeat("x", model.PASSWORD_MINIMUM_LENGTH-1),
ExpectedError: "model.user.is_valid.pwd.app_error",
},
"TooLong": {
Password: strings.Repeat("x", model.PASSWORD_MAXIMUM_LENGTH+1),
ExpectedError: "model.user.is_valid.pwd.app_error",
},
} {
t.Run(name, func(t *testing.T) {
if err := IsPasswordValid(tc.Password); tc.ExpectedError == "" {
assert.Nil(t, err)
} else {
assert.Equal(t, tc.ExpectedError, err.Id)
}
})
}
}
func TestIsPasswordValidWithSettings(t *testing.T) {
for name, tc := range map[string]struct {
Password string
Settings *model.PasswordSettings
ExpectedError string
}{
"Short": {
Password: strings.Repeat("x", 3),
Settings: &model.PasswordSettings{
MinimumLength: model.NewInt(3),
},
},
"Long": {
Password: strings.Repeat("x", model.PASSWORD_MAXIMUM_LENGTH),
Settings: &model.PasswordSettings{},
},
"TooShort": {
Password: strings.Repeat("x", 2),
Settings: &model.PasswordSettings{
MinimumLength: model.NewInt(3),
},
ExpectedError: "model.user.is_valid.pwd.app_error",
},
"TooLong": {
Password: strings.Repeat("x", model.PASSWORD_MAXIMUM_LENGTH+1),
Settings: &model.PasswordSettings{},
ExpectedError: "model.user.is_valid.pwd.app_error",
},
"MissingLower": {
Password: "ASD123!@#",
Settings: &model.PasswordSettings{
Lowercase: model.NewBool(true),
},
ExpectedError: "model.user.is_valid.pwd_lowercase.app_error",
},
"MissingUpper": {
Password: "asd123!@#",
Settings: &model.PasswordSettings{
Uppercase: model.NewBool(true),
},
ExpectedError: "model.user.is_valid.pwd_uppercase.app_error",
},
"MissingNumber": {
Password: "asdASD!@#",
Settings: &model.PasswordSettings{
Number: model.NewBool(true),
},
ExpectedError: "model.user.is_valid.pwd_number.app_error",
},
"MissingSymbol": {
Password: "asdASD123",
Settings: &model.PasswordSettings{
Symbol: model.NewBool(true),
},
ExpectedError: "model.user.is_valid.pwd_symbol.app_error",
},
"MissingMultiple": {
Password: "asd",
Settings: &model.PasswordSettings{
Lowercase: model.NewBool(true),
Uppercase: model.NewBool(true),
Number: model.NewBool(true),
Symbol: model.NewBool(true),
},
ExpectedError: "model.user.is_valid.pwd_lowercase_uppercase_number_symbol.app_error",
},
"Everything": {
Password: "asdASD!@#123",
Settings: &model.PasswordSettings{
Lowercase: model.NewBool(true),
Uppercase: model.NewBool(true),
Number: model.NewBool(true),
Symbol: model.NewBool(true),
},
},
} {
tc.Settings.SetDefaults()
t.Run(name, func(t *testing.T) {
if err := IsPasswordValidWithSettings(tc.Password, tc.Settings); tc.ExpectedError == "" {
assert.Nil(t, err)
} else {
assert.Equal(t, tc.ExpectedError, err.Id)
}
})
}
}