From 0d1ae7aac81c806632749d0214b73331937852ef Mon Sep 17 00:00:00 2001
From: mbauskar
Date: Tue, 20 Jun 2017 18:02:53 +0530
Subject: [PATCH] [fixes] fixed password strength, ignore password strength if password policy is disabled
---
 frappe/core/doctype/user/test_user.py | 9 ++-------
 frappe/core/doctype/user/user.py | 29 ++++++++++++++++++---------
 2 files changed, 21 insertions(+), 17 deletions(-)
diff --git a/frappe/core/doctype/user/test_user.py b/frappe/core/doctype/user/test_user.py
index f0384c55f5..b2206a8d37 100644
--- a/frappe/core/doctype/user/test_user.py
+++ b/frappe/core/doctype/user/test_user.py
@@ -222,15 +222,10 @@ class TestUser(unittest.TestCase):
 def test_password_strength(self):
 # Test Password without Password Strenth Policy
 frappe.db.set_value("System Settings", "System Settings", "enable_password_policy", 0)
- frappe.db.set_value("System Settings", "System Settings", "minimum_password_score", "")
- # Score 0; should fail
+ # password policy is disabled, test_password_strength should be ignored
 result = test_password_strength("test_password")
- self.assertEqual(result['feedback']['password_policy_validation_passed'], False)
-
- # Score 1; should pass
- result = test_password_strength("bee2ve")
- self.assertEqual(result['feedback']['password_policy_validation_passed'], True)
+ self.assertFalse(result.get("feedback", None))
 # Test Password with Password Strenth Policy Set
 frappe.db.set_value("System Settings", "System Settings", "enable_password_policy", 1)
diff --git a/frappe/core/doctype/user/user.py b/frappe/core/doctype/user/user.py
index 48d2139360..f83e953b0b 100644
--- a/frappe/core/doctype/user/user.py
+++ b/frappe/core/doctype/user/user.py
@@ -412,11 +412,12 @@ class User(Document):
 def password_strength_test(self):
 """ test password strength """
- if frappe.db.get_single_value("System Settings", "enable_password_policy") and self.__new_password:
+ if self.__new_password:
 user_data = (self.first_name, self.middle_name, self.last_name, self.email, self.birth_date)
 result = test_password_strength(self.__new_password, '', None, user_data)
+ feedback = result.get("feedback", None)
- if not result['feedback']['password_policy_validation_passed']:
+ if feedback and not feedback.get('password_policy_validation_passed', False):
 handle_password_test_fail(result)
 def suggest_username(self):
@@ -507,8 +508,9 @@ def get_perm_info(role):
 @frappe.whitelist(allow_guest=True)
 def update_password(new_password, key=None, old_password=None):
 result = test_password_strength(new_password, key, old_password)
+ feedback = result.get("feedback", None)
- if not result['feedback']['password_policy_validation_passed']:
+ if feedback and not feedback.get('password_policy_validation_passed', False):
 handle_password_test_fail(result)
 res = _get_user_for_update_password(key, old_password)
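Review bot: The new guard `if feedback and not feedback.get('password_policy_validation_passed', False):` fails open: any result without a `feedback` entry is treated the same as "policy disabled" and the password is accepted. This applies in `password_strength_test` and again in `update_password` in the next hunk, which is whitelisted with `allow_guest=True`. Both callers rely on the empty dict from `test_password_strength` as an implicit signal, so a scorer result that lacks `feedback` while the policy is enabled would skip enforcement silently. I would test the result itself and default the inner lookup to a failure, `if result and not result.get('feedback', {}).get('password_policy_validation_passed', False):`, with a comment such as `# {} means the password policy is disabled`. `update_password` continues past the end of its hunk.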
@@ -539,21 +541,28 @@ def update_password(new_password, key=None, old_password=None): def test_password_strength(new_password, key=None, old_password=None, user_data=[]): from frappe.utils.password_strength import test_password_strength as _test_password_strength + password_policy = frappe.db.get_value("System Settings", None, + ["enable_password_policy", "minimum_password_score"], as_dict=True) + + enable_password_policy = cint(password_policy.get("enable_password_policy", 0)) + minimum_password_score = cint(password_policy.get("minimum_password_score", 0)) + + if not enable_password_policy: + return {} + if not user_data: - user_data = frappe.db.get_value('User', frappe.session.user, ['first_name', 'middle_name', 'last_name', 'email', 'birth_date']) + user_data = frappe.db.get_value('User', frappe.session.user, + ['first_name', 'middle_name', 'last_name', 'email', 'birth_date']) if new_password: result = _test_password_strength(new_password, user_inputs=user_data) - - enable_password_policy = cint(frappe.db.get_single_value("System Settings", "enable_password_policy")) and True or False - minimum_password_score = cint(frappe.db.get_single_value("System Settings", "minimum_password_score")) or 0 - password_policy_validation_passed = False - if result['score'] >= minimum_password_score: + + # score should be greater than 0 and minimum_password_score + if result.get('score') and result.get('score') >= minimum_password_score: password_policy_validation_passed = True result['feedback']['password_policy_validation_passed'] = password_policy_validation_passed - return result #for login
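Review bot: `password_policy.get(...)` is called on the return value of `frappe.db.get_value(...)` with no fallback. If that lookup yields `None` (for instance when neither setting has a stored value; worth confirming against `get_value`'s behaviour for single doctypes), every password check, including the one in `update_password`, raises `AttributeError` before any policy decision is made. Ending the lookup with `or {}`, as in `... as_dict=True) or {}`, keeps the disabled-policy path working. Separately, indentation is not visible here, but if `return result` sits inside `if new_password:` the function returns `None` for an empty password and the callers' `result.get("feedback", None)` would raise; a final `return {}` would make the return type uniform. A one-line docstring stating that `{}` means the policy is disabled would document the contract the callers depend on.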