changeset 5336:caaf0d07c168

auth: make ValidPasswordsMatch more explicit and strict about which fields are being checked
author Mads Kiilerich <madski@unity3d.com>
date Fri, 31 Jul 2015 15:44:07 +0200
parents 8ccc02375c0d
children dd87009b518b
files kallithea/model/forms.py kallithea/model/validators.py kallithea/tests/functional/test_login.py kallithea/tests/other/test_validators.py
diffstat 4 files changed, 14 insertions(+), 12 deletions(-) [+]
--- a/kallithea/model/forms.py	Fri Jul 31 15:44:07 2015 +0200
+++ b/kallithea/model/forms.py	Fri Jul 31 15:44:07 2015 +0200
@@ -102,6 +102,8 @@
                 v.UnicodeString(strip=False, min=6, not_empty=False),
             )
             admin = v.StringBoolean(if_missing=False)
+            chained_validators = [v.ValidPasswordsMatch('new_password',
+                                                        'password_confirmation')]
         else:
             password = All(
                 v.ValidPassword(),
@@ -111,6 +113,8 @@
                 v.ValidPassword(),
                 v.UnicodeString(strip=False, min=6, not_empty=False)
             )
+            chained_validators = [v.ValidPasswordsMatch('password',
+                                                        'password_confirmation')]
 
         active = v.StringBoolean(if_missing=False)
         firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
@@ -118,7 +122,6 @@
         email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
         extern_name = v.UnicodeString(strip=True)
         extern_type = v.UnicodeString(strip=True)
-        chained_validators = [v.ValidPasswordsMatch()]
     return _UserForm
 
 
@@ -196,7 +199,8 @@
         lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
         email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
 
-        chained_validators = [v.ValidPasswordsMatch()]
+        chained_validators = [v.ValidPasswordsMatch('password',
+                                                    'password_confirmation')]
 
     return _RegisterForm
 
--- a/kallithea/model/validators.py	Fri Jul 31 15:44:07 2015 +0200
+++ b/kallithea/model/validators.py	Fri Jul 31 15:44:07 2015 +0200
@@ -280,19 +280,17 @@
     return _validator
 
 
-def ValidPasswordsMatch(passwd='new_password', passwd_confirmation='password_confirmation'):
+def ValidPasswordsMatch(password_field, password_confirmation_field):
     class _validator(formencode.validators.FancyValidator):
         messages = {
             'password_mismatch': _('Passwords do not match'),
         }
 
         def validate_python(self, value, state):
-
-            pass_val = value.get('password') or value.get(passwd)
-            if pass_val != value[passwd_confirmation]:
+            if value.get(password_field) != value[password_confirmation_field]:
                 msg = M(self, 'password_mismatch', state)
                 raise formencode.Invalid(msg, value, state,
-                     error_dict={passwd:msg, passwd_confirmation: msg}
+                     error_dict={password_field:msg, password_confirmation_field: msg}
                 )
     return _validator
 
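Review bot: In `validate_python` the password is read with `value.get(password_field)` but the confirmation with `value[password_confirmation_field]`, so a dict that lacks the confirmation key raises `KeyError` instead of `formencode.Invalid`. Whether that can happen depends on the `if_missing` settings of the form fields, which are outside this hunk, but a validation error is a safer failure than an unhandled exception: `if password_confirmation_field not in value or value.get(password_field) != value[password_confirmation_field]:`. `ValidPasswordsMatch` also has no docstring; now that both arguments are required, a line such as `"""Chained validator: reject the form unless the two named fields hold equal values."""` would tell callers what to pass.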
--- a/kallithea/tests/functional/test_login.py	Fri Jul 31 15:44:07 2015 +0200
+++ b/kallithea/tests/functional/test_login.py	Fri Jul 31 15:44:07 2015 +0200
@@ -298,7 +298,7 @@
                                              'email': 'goodmailm@test.plxa',
                                              'firstname': 'test',
                                              'lastname': 'test'})
-        msg = validators.ValidPasswordsMatch()._messages['password_mismatch']
+        msg = validators.ValidPasswordsMatch('password', 'password_confirmation')._messages['password_mismatch']
         response.mustcontain(msg)
 
     def test_register_ok(self):
--- a/kallithea/tests/other/test_validators.py	Fri Jul 31 15:44:07 2015 +0200
+++ b/kallithea/tests/other/test_validators.py	Fri Jul 31 15:44:07 2015 +0200
@@ -100,9 +100,9 @@
         self.assertRaises(formencode.Invalid, validator.to_python, 'ąćżź')
 
     def test_ValidPasswordsMatch(self):
-        validator = v.ValidPasswordsMatch()
+        validator = v.ValidPasswordsMatch('new_password', 'password_confirmation')
         self.assertRaises(formencode.Invalid,
-                    validator.to_python, {'password': 'pass',
+                    validator.to_python, {'new_password': 'pass',
                                           'password_confirmation': 'pass2'})
 
         self.assertRaises(formencode.Invalid,
@@ -114,9 +114,9 @@
                     validator.to_python({'new_password': 'pass',
                                          'password_confirmation': 'pass'}))
 
-        self.assertEqual({'password': 'pass',
+        self.assertEqual({'new_password': 'pass',
                           'password_confirmation': 'pass'},
-                    validator.to_python({'password': 'pass',
+                    validator.to_python({'new_password': 'pass',
                                          'password_confirmation': 'pass'}))
 
     def test_ValidAuth(self):
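Review bot: None of the visible cases in `test_ValidPasswordsMatch` pins the stricter behaviour this commit introduces: every dict shown holds only the configured `new_password` key, so the test would still pass if the validator fell back to a `password` key again. A case carrying both keys would catch that regression, e.g. `self.assertRaises(formencode.Invalid, validator.to_python, {'password': 'pass', 'new_password': 'other', 'password_confirmation': 'pass'})`. The test method starts in the previous hunk and part of it lies between the two hunks, so an equivalent case may already exist outside the visible lines.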