Fixes wrong password validation

Now, minimum length of 6 is properly checked Closes elastic/elasticsearch#441 Original commit: elastic/x-pack-elasticsearch@d644528570
2014-12-08 14:17:53 +01:00 · 2014-12-08 14:17:53 +01:00 · 9970267058
parent 87a2a2afc6
commit 9970267058
2 changed files with 12 additions and 1 deletions
--- a/src/main/java/org/elasticsearch/shield/support/Validation.java
+++ b/src/main/java/org/elasticsearch/shield/support/Validation.java
@ -28,7 +28,7 @@ public final class Validation {
        }

        public static Error validatePassword(char[] password) {
-            return password.length > MIN_PASSWD_LENGTH ?
+            return password.length >= MIN_PASSWD_LENGTH ?
                    null :
                    new Error("passwords must must be at least [" + MIN_PASSWD_LENGTH + "] charachters long");
        }
--- a/src/test/java/org/elasticsearch/shield/support/ValidationTests.java
+++ b/src/test/java/org/elasticsearch/shield/support/ValidationTests.java
@ -63,6 +63,17 @@ public class ValidationTests extends ElasticsearchTestCase {
        assertThat(Validation.ESUsers.validateUsername(name), notNullValue());
    }

+    @Test @Repeat(iterations = 100)
+    public void testESUsers_validatePassword() throws Exception {
+        String passwd = randomAsciiOfLength(randomIntBetween(0, 20));
+        logger.info(passwd + "[{}]", passwd.length());
+        if (passwd.length() >= 6) {
+            assertThat(Validation.ESUsers.validatePassword(passwd.toCharArray()), nullValue());
+        } else {
+            assertThat(Validation.ESUsers.validatePassword(passwd.toCharArray()), notNullValue());
+        }
+    }
+
    @Test @Repeat(iterations = 100)
    public void testRoles_validateRoleName() throws Exception {
        int length = randomIntBetween(1, 30);