# frozen_string_literal: true
# Specs for PasswordValidator#validate_each on a user's :password attribute.
# Rules exercised here: minimum length (regular and admin), blocking of
# common passwords, minimum number of distinct characters, and rejection of
# passwords equal to the username, name, email or current password.
RSpec.describe PasswordValidator do
  # Translated message for a password error key, used to assert WHICH rule
  # rejected the password rather than merely that some error was recorded.
  def password_error_message(key)
    I18n.t("activerecord.errors.models.user.attributes.password.#{key}")
  end

  # `validate` and `record` are both lazy, so every example has to assign
  # @password before it first references either of them.
  subject(:validate) do
    validator.validate_each(record, :password, @password)
  end

  let(:validator) { described_class.new(attributes: :password) }

  describe "password required" do
    # Unsaved user explicitly flagged as needing a password.
    let(:record) do
      Fabricate.build(:user, password: @password).tap(&:password_required!)
    end

    context "when password is not common" do
      # The common-password lookup is stubbed out so only the other rules
      # decide the outcome in this context.
      before { CommonPasswords.stubs(:common_password?).returns(false) }

      context "when min password length is 8" do
        before { SiteSetting.min_password_length = 8 }

        it "doesn't add an error when password is good" do
          @password = "weron235alsfn234"
          validate
          expect(record.errors[:password]).not_to be_present
        end

        # NOTE(review): the four rejection examples below only assert that
        # *some* error landed on :password. They would still pass if a
        # different rule rejected the value; asserting the specific message
        # would pin the rule under test.
        it "adds an error when password is too short" do
          @password = "p"
          validate
          expect(record.errors[:password]).to be_present
        end

        it "adds an error when password is blank" do
          @password = ""
          validate
          expect(record.errors[:password]).to be_present
        end

        it "adds an error when password is nil" do
          @password = nil
          validate
          expect(record.errors[:password]).to be_present
        end

        it "adds an error when user is admin and password is less than 15 chars" do
          SiteSetting.min_admin_password_length = 15

          # 11 characters: long enough for the general minimum of 8 set by
          # this context, shorter than the admin minimum set above.
          @password = "12345678912"
          record.admin = true
          validate
          expect(record.errors[:password]).to be_present
        end
      end

      context "when min password length is 12" do
        before { SiteSetting.min_password_length = 12 }

        # One character below the configured minimum (boundary case).
        it "adds an error when password length is 11" do
          @password = "gt38sdt92bv"
          validate
          expect(record.errors[:password]).to be_present
        end
      end
    end

    context "when password is commonly used" do
      # CommonPasswords is stubbed to report every password as common, so
      # these examples cover how the validator honours the
      # block_common_passwords setting, not the contents of the list itself.
      before do
        SiteSetting.min_password_length = 8
        CommonPasswords.stubs(:common_password?).returns(true)
      end

      it "adds an error when block_common_passwords is enabled" do
        SiteSetting.block_common_passwords = true
        @password = "password"
        validate
        expect(record.errors[:password]).to include(password_error_message(:common))
      end

      it "doesn't add an error when block_common_passwords is disabled" do
        SiteSetting.block_common_passwords = false
        @password = "password"
        validate
        expect(record.errors[:password]).not_to be_present
      end
    end

    context "when password_unique_characters is 5" do
      before { SiteSetting.password_unique_characters = 5 }

      it "adds an error when there are too few unique characters" do
        # Overrides the context's value of 5 for this example only: the
        # password below has 5 distinct characters (a, 5, 4, 3, 2).
        SiteSetting.password_unique_characters = 6
        @password = "aaaaaa5432"
        validate
        expect(record.errors[:password]).to include(password_error_message(:unique_characters))
      end

      # 6 distinct characters (a, 1, 2, 3, 4, 5) against a threshold of 5.
      it "doesn't add an error when there are enough unique characters" do
        @password = "aaaaa12345"
        validate
        expect(record.errors[:password]).not_to be_present
      end

      # NOTE(review): counted case-sensitively this password has 6 distinct
      # characters; counted case-insensitively it still has 5 (a, 1, 2, 3, 4).
      # With the threshold at 5, this example may pass either way depending
      # on how the validator compares against the setting - confirm that it
      # really distinguishes the two behaviours.
      it "counts capital letters as different" do
        @password = "aaaAaa1234"
        validate
        expect(record.errors[:password]).not_to be_present
      end
    end

    # The next three examples copy the password into another attribute of
    # the same record and expect the attribute-specific error message.
    it "adds an error when password is the same as the username" do
      @password = "porkchops1234"
      record.username = @password
      validate
      expect(record.errors[:password]).to include(password_error_message(:same_as_username))
    end

    it "adds an error when password is the same as the name" do
      @password = "myawesomepassword"
      record.name = @password
      validate
      expect(record.errors[:password]).to include(password_error_message(:same_as_name))
    end

    it "adds an error when password is the same as the email" do
      @password = "pork@chops.com"
      record.email = @password
      validate
      expect(record.errors[:password]).to include(password_error_message(:same_as_email))
    end

    it "adds an error when new password is same as current password" do
      @password = "mypetsname"

      # Persist and reload first so the record already holds a stored
      # password, then assign the same value again as the "new" password.
      record.save!
      record.reload
      record.password = @password
      validate
      expect(record.errors[:password]).to include(password_error_message(:same_as_current))
    end

    it "validation required if password is required" do
      expect(record.password_validation_required?).to eq(true)
    end

    it "validation not required after save until a new password is set" do
      @password = "myoldpassword"
      record.save!
      record.reload

      # A reloaded record with no pending password change reports false ...
      expect(record.password_validation_required?).to eq(false)

      # ... and reports true again as soon as a new password is assigned.
      record.password = "mynewpassword"
      expect(record.password_validation_required?).to eq(true)
    end
  end

  describe "password not required" do
    # Same fabricated user, but without the password_required! flag.
    let(:record) { Fabricate.build(:user, password: @password) }

    it "doesn't add an error if password is not required" do
      @password = nil
      validate
      expect(record.errors[:password]).not_to be_present
    end

    it "validation required if a password is set" do
      @password = "mygameshow"
      expect(record.password_validation_required?).to eq(true)
    end

    # A password that is supplied is still checked against the policy even
    # though the record does not require one.
    it "adds an error even password not required" do
      @password = "p"
      validate
      expect(record.errors[:password]).to be_present
    end
  end
end