kallithea Changeset - caaf0d07c168

Changeset - caaf0d07c168

Parent rev.

Child rev.

[Not reviewed]

default

0 4 0

Mads Kiilerich - 10 years ago 2015-07-31 15:44:07
madski@unity3d.com

auth: make ValidPasswordsMatch more explicit and strict about which fields are being checked

4 files changed with 14 insertions and 12 deletions:

kallithea/model/forms.py

kallithea/model/validators.py

kallithea/tests/functional/test_login.py

kallithea/tests/other/test_validators.py

0 comments (0 inline, 0 general)

kallithea/model/forms.py

➞

Show inline comments

@@ @@ -102,6 +102,8 @@ def UserForm(edit=False, old_data={}): @@
                 v.UnicodeString(strip=False, min=6, not_empty=False),
+            )
             admin = v.StringBoolean(if_missing=False)
             chained_validators = [v.ValidPasswordsMatch('new_password',
                                                         'password_confirmation')]
         else:
             password = All(
                 v.ValidPassword(),
@@ @@ -111,6 +113,8 @@ def UserForm(edit=False, old_data={}): @@
                 v.ValidPassword(),
                 v.UnicodeString(strip=False, min=6, not_empty=False)
+            )
             chained_validators = [v.ValidPasswordsMatch('password',
                                                         'password_confirmation')]
         active = v.StringBoolean(if_missing=False)
         firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
@@ @@ -118,7 +122,6 @@ def UserForm(edit=False, old_data={}): @@
         email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
         extern_name = v.UnicodeString(strip=True)
         extern_type = v.UnicodeString(strip=True)
         chained_validators = [v.ValidPasswordsMatch()]
     return _UserForm
@@ @@ -196,7 +199,8 @@ def RegisterForm(edit=False, old_data={} @@
         lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
         email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
         chained_validators = [v.ValidPasswordsMatch()]
         chained_validators = [v.ValidPasswordsMatch('password',
                                                     'password_confirmation')]
     return _RegisterForm

kallithea/model/validators.py

➞

Show inline comments

@@ @@ -280,19 +280,17 @@ def ValidOldPassword(username): @@
     return _validator
-def ValidPasswordsMatch(passwd='new_password', passwd_confirmation='password_confirmation'):
+def ValidPasswordsMatch(password_field, password_confirmation_field):
     class _validator(formencode.validators.FancyValidator):
         messages = {
             'password_mismatch': _('Passwords do not match'),
+        }
         def validate_python(self, value, state):
             pass_val = value.get('password') or value.get(passwd)
             if pass_val != value[passwd_confirmation]:
             if value.get(password_field) != value[password_confirmation_field]:
                 msg = M(self, 'password_mismatch', state)
                 raise formencode.Invalid(msg, value, state,
-                     error_dict={passwd:msg, passwd_confirmation: msg}
+                     error_dict={password_field:msg, password_confirmation_field: msg}
+                )
     return _validator

kallithea/tests/functional/test_login.py

➞

Show inline comments

@@ @@ -298,7 +298,7 @@ class TestLoginController(TestController @@
                                              'email': 'goodmailm@test.plxa',
                                              'firstname': 'test',
                                              'lastname': 'test'})
         msg = validators.ValidPasswordsMatch()._messages['password_mismatch']
+        msg = validators.ValidPasswordsMatch('password', 'password_confirmation')._messages['password_mismatch']
         response.mustcontain(msg)
     def test_register_ok(self):

kallithea/tests/other/test_validators.py

➞

Show inline comments

@@ @@ -100,9 +100,9 @@ class TestRepoGroups(BaseTestCase): @@
         self.assertRaises(formencode.Invalid, validator.to_python, 'ąćżź')
     def test_ValidPasswordsMatch(self):
         validator = v.ValidPasswordsMatch()
+        validator = v.ValidPasswordsMatch('new_password', 'password_confirmation')
         self.assertRaises(formencode.Invalid,
-                    validator.to_python, {'password': 'pass',
+                    validator.to_python, {'new_password': 'pass',
                                           'password_confirmation': 'pass2'})
         self.assertRaises(formencode.Invalid,
@@ @@ -114,9 +114,9 @@ class TestRepoGroups(BaseTestCase): @@
                     validator.to_python({'new_password': 'pass',
                                          'password_confirmation': 'pass'}))
-        self.assertEqual({'password': 'pass',
+        self.assertEqual({'new_password': 'pass',
                           'password_confirmation': 'pass'},
-                    validator.to_python({'password': 'pass',
+                    validator.to_python({'new_password': 'pass',
                                          'password_confirmation': 'pass'}))
     def test_ValidAuth(self):

0 comments (0 inline, 0 general)