Posted to commits@openmeetings.apache.org by so...@apache.org on 2020/09/17 09:49:48 UTC
[openmeetings] branch master updated: [OPENMEETINGS-2443] more pwd
controls were added
This is an automated email from the ASF dual-hosted git repository.
solomax pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openmeetings.git
The following commit(s) were added to refs/heads/master by this push:
new 2872ee6 [OPENMEETINGS-2443] more pwd controls were added
2872ee6 is described below
commit 2872ee632159c785d69d0d431c79b61ceddef0bb
Author: Maxim Solodovnik <so...@gmail.com>
AuthorDate: Thu Sep 17 16:49:24 2020 +0700
[OPENMEETINGS-2443] more pwd controls were added
---
.../core/util/StrongPasswordValidator.java | 6 ++-
.../core/util/TestStrongPasswordValidator.java | 43 +++++++++++++++-------
.../db/dao/basic/ConfigurationDao.java | 14 +++++++
.../installation/ImportInitvalues.java | 7 +++-
.../openmeetings/util/OpenmeetingsVariables.java | 20 ++++++++++
.../org/apache/openmeetings/web/room/raw-video.js | 12 +++---
6 files changed, 80 insertions(+), 22 deletions(-)
diff --git a/openmeetings-core/src/main/java/org/apache/openmeetings/core/util/StrongPasswordValidator.java b/openmeetings-core/src/main/java/org/apache/openmeetings/core/util/StrongPasswordValidator.java
index c2c7893..234e4b4 100644
--- a/openmeetings-core/src/main/java/org/apache/openmeetings/core/util/StrongPasswordValidator.java
+++ b/openmeetings-core/src/main/java/org/apache/openmeetings/core/util/StrongPasswordValidator.java
@@ -19,6 +19,8 @@
package org.apache.openmeetings.core.util;
import static org.apache.openmeetings.util.OpenmeetingsVariables.getMinPasswdLength;
+import static org.apache.openmeetings.util.OpenmeetingsVariables.isPwdCheckDigit;
+import static org.apache.openmeetings.util.OpenmeetingsVariables.isPwdCheckSpecial;
import static org.apache.openmeetings.util.OpenmeetingsVariables.isPwdCheckUpper;
import java.util.Locale;
@@ -49,11 +51,11 @@ public class StrongPasswordValidator implements IValidator<String> {
}
private static boolean noDigit(String password) {
- return password == null || !password.matches(".*\\d+.*");
+ return password == null || (isPwdCheckDigit() && !password.matches(".*\\d+.*"));
}
private static boolean noSymbol(String password) {
- return password == null || !password.matches(".*[!@#$%^&*\\]\\[]+.*");
+ return password == null || (isPwdCheckSpecial() && !password.matches(".*[!@#$%^&*\\]\\[]+.*"));
}
private static boolean noUpperCase(String password) {
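Review bot: In `noDigit` and `noSymbol` the `password == null ||` term sits outside the new flag test, so both methods still return true for a null password even when `isPwdCheckDigit()` or `isPwdCheckSpecial()` is false. Rejecting null regardless of configuration looks like the intended fail-closed behaviour, but nothing states it and the new tests only pass the string "password". I would add a comment above each method, e.g. `// null is always reported, even when this check is disabled by configuration`, and a test case that passes null with a flag switched off. `noUpperCase` opens on the last line of the hunk and its body is outside it.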
diff --git a/openmeetings-core/src/test/java/org/apache/openmeetings/core/util/TestStrongPasswordValidator.java b/openmeetings-core/src/test/java/org/apache/openmeetings/core/util/TestStrongPasswordValidator.java
index d1b30d6..fd69c5f 100644
--- a/openmeetings-core/src/test/java/org/apache/openmeetings/core/util/TestStrongPasswordValidator.java
+++ b/openmeetings-core/src/test/java/org/apache/openmeetings/core/util/TestStrongPasswordValidator.java
@@ -18,6 +18,8 @@
*/
package org.apache.openmeetings.core.util;
+import static org.apache.openmeetings.util.OpenmeetingsVariables.setPwdCheckDigit;
+import static org.apache.openmeetings.util.OpenmeetingsVariables.setPwdCheckSpecial;
import static org.apache.openmeetings.util.OpenmeetingsVariables.setPwdCheckUpper;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.mockito.ArgumentMatchers.any;
@@ -39,7 +41,7 @@ import org.mockito.MockedStatic;
import org.mockito.invocation.InvocationOnMock;
import org.mockito.stubbing.Answer;
-public class TestStrongPasswordValidator {
+class TestStrongPasswordValidator {
private static User getUser(String login, String email) {
User u = new User();
u.setLogin(login);
@@ -48,6 +50,10 @@ public class TestStrongPasswordValidator {
return u;
}
+ private static User getUser3() {
+ return getUser("2222", "2222@local");
+ }
+
private static Stream<Arguments> provideTestArgs() {
List<Arguments> args = new ArrayList<>();
for (boolean web : new boolean[] {true, false}) {
@@ -56,7 +62,7 @@ public class TestStrongPasswordValidator {
args.add(Arguments.of(null, web, u1, 5));
User u2 = getUser("2222", null);
args.add(Arguments.of("1", web, u2, 4));
- User u3 = getUser("2222", "2222@local");
+ User u3 = getUser3();
args.add(Arguments.of("password", web, u3, 3));
args.add(Arguments.of("passWord", web, u3, 2));
args.add(Arguments.of("passWord222", web, u3, 2));
@@ -98,28 +104,39 @@ public class TestStrongPasswordValidator {
});
}
-
@Test
void testNoUpper() {
try {
setPwdCheckUpper(false);
- runWrapped(() -> {
- int expectedErrors = 2;
- String pwd = "password";
- Validatable<String> pass = new Validatable<>(pwd);
- User u = getUser("2222", "2222@local");
- StrongPasswordValidator validator = new StrongPasswordValidator(u);
- validator.validate(pass);
- assertEquals(expectedErrors, pass.getErrors().size(), "Expected exactly " + expectedErrors + " errors, pass: '" + pwd + "', user: " + u);
- });
+ test("password", false, getUser3(), 2);
} finally {
setPwdCheckUpper(true);
}
}
+ @Test
+ void testNoDigit() {
+ try {
+ setPwdCheckDigit(false);
+ test("password", false, getUser3(), 2);
+ } finally {
+ setPwdCheckDigit(true);
+ }
+ }
+
+ @Test
+ void testNoSpecial() {
+ try {
+ setPwdCheckSpecial(false);
+ test("password", false, getUser3(), 2);
+ } finally {
+ setPwdCheckSpecial(true);
+ }
+ }
+
@ParameterizedTest
@MethodSource("provideTestArgs")
- void testNull(String pwd, boolean web, User u, int expectedErrors) {
+ void test(String pwd, boolean web, User u, int expectedErrors) {
runWrapped(() -> {
Validatable<String> pass = new Validatable<>(pwd);
StrongPasswordValidator validator = new StrongPasswordValidator(web, u);
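Review bot: `testNoUpper`, `testNoDigit` and `testNoSpecial` all validate "password" and all expect 2 errors, so the assertions cannot tell which check was switched off. "password" fails the digit, symbol and upper-case checks alike, so a setter wired to the wrong flag would still yield 2 and pass. Each test should use an input that lacks only the character class under test, or assert on the reported error instead of `pass.getErrors().size()` alone. The `finally` blocks restore `true` instead of the previous value, which is fine only while the default stays true. The body of `test` continues past the end of the hunk.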
diff --git a/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/basic/ConfigurationDao.java b/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/basic/ConfigurationDao.java
index 82af13d..6fe4fff 100644
--- a/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/basic/ConfigurationDao.java
+++ b/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/basic/ConfigurationDao.java
@@ -295,6 +295,12 @@ public class ConfigurationDao implements IDataProviderDao<Configuration> {
case CONFIG_PASS_CHECK_UPPER:
reloadPwdCheckUpper();
break;
+ case CONFIG_PASS_CHECK_DIGIT:
+ reloadPwdCheckNumber();
+ break;
+ case CONFIG_PASS_CHECK_SPECIAL:
+ reloadPwdCheckSpecial();
+ break;
case CONFIG_DEFAULT_GROUP_ID:
reloadDefaultGroup();
break;
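Review bot: `case CONFIG_PASS_CHECK_DIGIT:` dispatches to `reloadPwdCheckNumber()`, while the constant, the setter `setPwdCheckDigit` and the validator's `isPwdCheckDigit` all use "digit". For consistency with `reloadPwdCheckUpper()` and `reloadPwdCheckSpecial()`, rename it to `reloadPwdCheckDigit()`, both here and at its definition in the later hunk of this file. The enclosing switch starts and ends outside the hunk.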
@@ -436,6 +442,14 @@ public class ConfigurationDao implements IDataProviderDao<Configuration> {
setPwdCheckUpper(getBool(CONFIG_PASS_CHECK_UPPER, true));
}
+ private void reloadPwdCheckNumber() {
+ setPwdCheckDigit(getBool(CONFIG_PASS_CHECK_DIGIT, true));
+ }
+
+ private void reloadPwdCheckSpecial() {
+ setPwdCheckSpecial(getBool(CONFIG_PASS_CHECK_SPECIAL, true));
+ }
+
private void reloadDefaultGroup() {
setDefaultGroup(getLong(CONFIG_DEFAULT_GROUP_ID, null));
}
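Review bot: Within this diff, `reloadPwdCheckNumber()` and `reloadPwdCheckSpecial()` are reachable only from the update switch in the earlier hunk; no call at initialisation is visible. If ConfigurationDao has a startup path that calls `reloadPwdCheckUpper()`, the two new methods need to be added there too. Otherwise a stored `false` would be ignored after a restart until the key is edited again, because the fields in OpenmeetingsVariables default to `true`. The `true` fallback passed to `getBool` keeps the checks on when the key is missing, which is the safe default and deserves a short comment such as `// a missing key keeps the check enabled`.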
diff --git a/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java b/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java
index 937adcb..60fe1cf 100644
--- a/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java
+++ b/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java
@@ -72,6 +72,8 @@ import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_MP4_AUDI
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_MP4_AUDIO_RATE;
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_MP4_VIDEO_PRESET;
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_MYROOMS_ENABLED;
+import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_PASS_CHECK_DIGIT;
+import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_PASS_CHECK_SPECIAL;
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_PASS_CHECK_UPPER;
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_PASS_MIN_LENGTH;
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_PATH_FFMPEG;
@@ -154,6 +156,7 @@ public class ImportInitvalues {
private static final String VER_3_0_3 = "3.0.3";
private static final String VER_3_3_0 = "3.3.0";
private static final String VER_5_0_0 = "5.0.0";
+ private static final String VER_5_0_1 = "5.0.1";
private static final String CLIENT_PLACEHOLDER = "<put your client_id>";
private static final String SECRET_PLACEHOLDER = "<put your client_secret>";
private static final String EMAIL_PARAM = "email";
@@ -385,7 +388,9 @@ public class ImportInitvalues {
+ DEFAULT_CSP_STYLE + ")" + cspMore, VER_5_0_0);
addCfg(list, CONFIG_SMTP_SSL, String.valueOf(false), Configuration.Type.BOOL, "Enable SSL", VER_5_0_0);
addCfg(list, CONFIG_CSP_ENABLED, String.valueOf(true), Configuration.Type.BOOL, "Whether or not CSP secure headers are enabled", VER_5_0_0);
- addCfg(list, CONFIG_PASS_CHECK_UPPER, String.valueOf(true), Configuration.Type.BOOL, "Whether or not Password MUST contain uppercase characters", "5.0.1");
+ addCfg(list, CONFIG_PASS_CHECK_UPPER, String.valueOf(true), Configuration.Type.BOOL, "Whether or not Password MUST contain uppercase characters", VER_5_0_1);
+ addCfg(list, CONFIG_PASS_CHECK_DIGIT, String.valueOf(true), Configuration.Type.BOOL, "Whether or not Password MUST contain numeric", VER_5_0_1);
+ addCfg(list, CONFIG_PASS_CHECK_SPECIAL, String.valueOf(true), Configuration.Type.BOOL, "Whether or not Password MUST contain special character", VER_5_0_1);
return list;
}
public void loadConfiguration(InstallationConfig cfg) {
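Review bot: The descriptions for `CONFIG_PASS_CHECK_DIGIT` and `CONFIG_PASS_CHECK_SPECIAL` do not tell an administrator what is actually enforced. "MUST contain numeric" is incomplete, and "special character" does not say that the validator in this commit accepts only the set in `[!@#$%^&*\\]\\[]`. I would change the texts to `"Whether or not Password MUST contain at least one digit"` and `"Whether or not Password MUST contain at least one special character (one of !@#$%^&*[])"`. The method that builds `list` starts outside the hunk.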
diff --git a/openmeetings-util/src/main/java/org/apache/openmeetings/util/OpenmeetingsVariables.java b/openmeetings-util/src/main/java/org/apache/openmeetings/util/OpenmeetingsVariables.java
index 69d1b35..5455445 100644
--- a/openmeetings-util/src/main/java/org/apache/openmeetings/util/OpenmeetingsVariables.java
+++ b/openmeetings-util/src/main/java/org/apache/openmeetings/util/OpenmeetingsVariables.java
@@ -52,6 +52,8 @@ public class OpenmeetingsVariables {
public static final String CONFIG_LOGIN_MIN_LENGTH = "user.login.minimum.length";
public static final String CONFIG_PASS_MIN_LENGTH = "user.pass.minimum.length";
public static final String CONFIG_PASS_CHECK_UPPER = "user.pass.check.upper";
+ public static final String CONFIG_PASS_CHECK_DIGIT = "user.pass.check.digit";
+ public static final String CONFIG_PASS_CHECK_SPECIAL = "user.pass.check.special";
public static final String CONFIG_IGNORE_BAD_SSL = "oauth2.ignore.bad.ssl";
public static final String CONFIG_REDIRECT_URL_FOR_EXTERNAL = "redirect.url.for.external.users";
public static final String CONFIG_APPOINTMENT_REMINDER_MINUTES = "number.minutes.reminder.send";
@@ -130,6 +132,8 @@ public class OpenmeetingsVariables {
private static int minLoginLength = USER_LOGIN_MINIMUM_LENGTH;
private static int minPasswdLength = USER_PASSWORD_MINIMUM_LENGTH;
private static boolean pwdCheckUpper = true;
+ private static boolean pwdCheckDigit = true;
+ private static boolean pwdCheckSpecial = true;
private static JSONObject roomSettings = new JSONObject();
private static boolean initComplete = false;
private static long maxUploadSize = DEFAULT_MAX_UPLOAD_SIZE;
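Review bot: `pwdCheckDigit` and `pwdCheckSpecial` are plain static fields, written through the setters called from ConfigurationDao and read by StrongPasswordValidator. If those run on different threads, which the admin-update and validation paths suggest but this diff does not show, a change from relaxed back to strict is not guaranteed to become visible to readers. Declaring them `private static volatile boolean pwdCheckDigit = true;` (and likewise `pwdCheckSpecial`) would close that gap. The existing `pwdCheckUpper` has the same form, so all three could be changed together.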
@@ -338,6 +342,22 @@ public class OpenmeetingsVariables {
pwdCheckUpper = check;
}
+ public static boolean isPwdCheckDigit() {
+ return pwdCheckDigit;
+ }
+
+ public static void setPwdCheckDigit(boolean check) {
+ pwdCheckDigit = check;
+ }
+
+ public static boolean isPwdCheckSpecial() {
+ return pwdCheckSpecial;
+ }
+
+ public static void setPwdCheckSpecial(boolean check) {
+ pwdCheckSpecial = check;
+ }
+
public static Long getDefaultGroup() {
return defaultGroup;
}
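Review bot: The four new public accessors carry no Javadoc, although `setPwdCheckDigit(false)` and `setPwdCheckSpecial(false)` relax the password policy process-wide for any caller. I would document the contract on each setter, e.g. `/** @param check false disables the digit requirement in StrongPasswordValidator */`, and note on the getters that the value defaults to true. If these setters are meant to be called only from configuration reload and tests, saying so would help later reviewers spot unexpected callers.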
diff --git a/openmeetings-web/src/main/java/org/apache/openmeetings/web/room/raw-video.js b/openmeetings-web/src/main/java/org/apache/openmeetings/web/room/raw-video.js
index 302146d..d6b0112 100644
--- a/openmeetings-web/src/main/java/org/apache/openmeetings/web/room/raw-video.js
+++ b/openmeetings-web/src/main/java/org/apache/openmeetings/web/room/raw-video.js
@@ -169,12 +169,12 @@ var Video = (function() {
level = MicLevel();
level.meter(data.analyser, lm, _micActivity, OmUtil.error);
}
- data.rtcPeer.generateOffer(function(error, offerSdp) {
+ data.rtcPeer.generateOffer(function(genErr, offerSdp) {
if (state.disposed || true === data.rtcPeer.cleaned) {
return;
}
- if (error) {
- return OmUtil.error('Sender sdp offer error ' + error);
+ if (genErr) {
+ return OmUtil.error('Sender sdp offer error ' + genErr);
}
OmUtil.log('Invoking Sender SDP offer callback function');
VideoManager.sendMessage({
@@ -216,12 +216,12 @@ var Video = (function() {
if (error) {
return OmUtil.error(error);
}
- data.rtcPeer.generateOffer(function(error, offerSdp) {
+ data.rtcPeer.generateOffer(function(genErr, offerSdp) {
if (state.disposed || true === data.rtcPeer.cleaned) {
return;
}
- if (error) {
- return OmUtil.error('Receiver sdp offer error ' + error);
+ if (genErr) {
+ return OmUtil.error('Receiver sdp offer error ' + genErr);
}
OmUtil.log('Invoking Receiver SDP offer callback function');
VideoManager.sendMessage({