FIX: password validator was being too strict

lib/validators/password_validator.rb

@@ -18,7 +18,7 @@ class PasswordValidator < ActiveModel::EachValidator
       record.errors.add(attribute, :same_as_current)
     elsif SiteSetting.block_common_passwords && CommonPasswords.common_password?(value)
       record.errors.add(attribute, :common)
-    elsif value.chars.inject(Hash.new(0)) { |h,char| h[char] += 1; h }.reject { |k,v| v > 1 }.size < SiteSetting.password_unique_characters
+    elsif value.split("").uniq.length < SiteSetting.password_unique_characters
       record.errors.add(attribute, :unique_characters)
     end
   end

spec/components/validators/password_validator_spec.rb

@@ -93,19 +93,20 @@ describe PasswordValidator do
       end
 
       it "adds an error when there are too few unique characters" do
+        SiteSetting.password_unique_characters = 6
         @password = "aaaaaa5432"
         validate
         expect(record.errors[:password]).to include(password_error_message(:unique_characters))
       end
 
       it "doesn't add an error when there are enough unique characters" do
-        @password = "aaaaa54321"
+        @password = "aaaaa54322"
         validate
         expect(record.errors[:password]).not_to be_present
       end
 
       it "counts capital letters as different" do
-        @password = "aaaAaa5432"
+        @password = "aaaAaa543A"
         validate
         expect(record.errors[:password]).not_to be_present
       end

spec/controllers/users_controller_spec.rb

@@ -613,9 +613,9 @@ describe UsersController do
           auth[:authenticator_name] = 'twitter'
           auth[:extra_data] = twitter_auth
 
-          TwitterUserInfo.expects(:create)
-
           post_user
+
+          expect(TwitterUserInfo.count).to eq(1)
         end
       end
     end