2013-12-20 16:34:34 -05:00
|
|
|
require_dependency "common_passwords/common_passwords"
|
|
|
|
|
|
2013-12-19 15:12:03 -05:00
|
|
|
class PasswordValidator < ActiveModel::EachValidator
|
|
|
|
|
|
|
|
|
|
def validate_each(record, attribute, value)
|
2017-11-30 23:19:24 -05:00
|
|
|
return unless record.password_validation_required?
|
|
|
|
|
|
2013-12-19 15:12:03 -05:00
|
|
|
if value.nil?
|
|
|
|
|
record.errors.add(attribute, :blank)
|
2016-03-03 13:01:31 -05:00
|
|
|
elsif value.length < SiteSetting.min_admin_password_length && (record.admin? || is_developer?(record.email))
|
2016-03-02 03:31:38 -05:00
|
|
|
record.errors.add(attribute, :too_short, count: SiteSetting.min_admin_password_length)
|
2013-12-19 16:15:36 -05:00
|
|
|
elsif value.length < SiteSetting.min_password_length
|
|
|
|
|
record.errors.add(attribute, :too_short, count: SiteSetting.min_password_length)
|
2015-02-25 11:59:57 -05:00
|
|
|
elsif record.username.present? && value == record.username
|
|
|
|
|
record.errors.add(attribute, :same_as_username)
|
2016-01-05 15:43:11 -05:00
|
|
|
elsif record.email.present? && value == record.email
|
2015-02-27 13:47:43 -05:00
|
|
|
record.errors.add(attribute, :same_as_email)
|
2016-08-24 12:27:09 -04:00
|
|
|
elsif record.confirm_password?(value)
|
|
|
|
|
record.errors.add(attribute, :same_as_current)
|
2013-12-20 16:34:34 -05:00
|
|
|
elsif SiteSetting.block_common_passwords && CommonPasswords.common_password?(value)
|
|
|
|
|
record.errors.add(attribute, :common)
|
2017-02-14 09:40:15 -05:00
|
|
|
elsif value.chars.uniq.length < SiteSetting.password_unique_characters
|
2017-02-09 15:00:22 -05:00
|
|
|
record.errors.add(attribute, :unique_characters)
|
2013-12-19 15:12:03 -05:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2016-03-03 13:01:31 -05:00
|
|
|
def is_developer?(value)
|
|
|
|
|
Rails.configuration.respond_to?(:developer_emails) && Rails.configuration.developer_emails.include?(value)
|
|
|
|
|
end
|
|
|
|
|
|
2013-12-19 15:12:03 -05:00
|
|
|
end
|
