25124 enforcing password requirements #9423
Conversation
…o flow as before. split functions and custom exception.
…e after spark api and model integration)
…requirements' into 25124-enforcing-password-requirements
|
👋 Hello! Thanks for contributing to our project. If you are unsure the failing tests are related to your code, you can check the "reference jobs". These are jobs that run on a scheduled time with code from master. If they fail for the same reason as your build, it means the tests or the infrastructure are broken. If they do not fail, but yours do, it means it is related to your code. Reference tests: KNOWN ISSUES Sometimes the build can fail when pulling new jar files from download.opensuse.org . This is a known limitation. Given this happens rarely, when it does, all you need to do is rerun the test. Sorry for the inconvenience. For more tips on troubleshooting, see the troubleshooting guide. Happy hacking! |
|
@Serp1co You need to implement DB schema migration and also think about how to migrate from current configuration file values to DB. We have at least min and max password length. If they are changed, we should set it the DB configuration |
There was a problem hiding this comment.
Once the default values are decided, we need a button in the UI to reset everything to default. If you want to go one step further for convenience, we can decide on a few sensible presets with varying levels of restriction, and add buttons for each, which set all the fields accordingly.
Ideally, all those individual fields must be filled only if the user has some specific rules in mind. Otherwise, we should offer shortcuts like I mentioned above.
| * @param user | ||
| * @return an OK string | ||
| */ | ||
| public String postPasswordPolicy(Request request, Response response, User user) { |
There was a problem hiding this comment.
We also need an API for the user (XMLRCP/JSON over HTTP) to get and modify the policy
|
@cbbayburt what about showing the default value in front, maybe in gray, so customers know what was the default value, and if they want come back to that value for a few fields? |
I'm not sure. Especially the "special chars" field is not so convenient to type in manually. Maybe @bisht-richa or @Etheryte has some ideas? |
Some rough idea 
|
What does this PR change?
Enforce password requirement for server users, comes with a new admin panel to manage local users password policy.
GUI diff
Before:
After:
Documentation
Documentation issue was created: Link for SUSE Manager contributors, Link for community contributors.
API documentation added: please review the Wiki page Writing Documentation for the API if you have any changes to API documentation.
(OPTIONAL) Documentation PR
DONE
Test coverage
Unit tests were added
DONE
Links
Issue(s): #
Port(s): # add downstream PR(s), if any
Changelogs
Make sure the changelogs entries you are adding are compliant with https://github.com/uyuni-project/uyuni/wiki/Contributing#changelogs and https://github.com/uyuni-project/uyuni/wiki/Contributing#uyuni-projectuyuni-repository
If you don't need a changelog check, please mark this checkbox:
If you uncheck the checkbox after the PR is created, you will need to re-run
changelog_test(see below)Re-run a test
If you need to re-run a test, please mark the related checkbox, it will be unchecked automatically once it has re-run:
Before you merge
Check How to branch and merge properly!