You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kylin.apache.org by xx...@apache.org on 2022/12/13 10:25:18 UTC
[kylin] 11/25: KYLIN-5338 Add verification to the parameters about update password
This is an automated email from the ASF dual-hosted git repository.
xxyu pushed a commit to branch kylin5
in repository https://gitbox.apache.org/repos/asf/kylin.git
commit 30514a328bdac26685d42b84a2242b82de286d2c
Author: KmCherry0 <86...@users.noreply.github.com>
AuthorDate: Tue Oct 11 15:24:24 2022 +0800
KYLIN-5338 Add verification to the parameters about update password
---
.../main/java/org/apache/kylin/rest/controller/NUserController.java | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java b/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java
index 37b64a1917..ac0b6e18ce 100644
--- a/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java
+++ b/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java
@@ -427,6 +427,8 @@ public class NUserController extends NBasicController implements ApplicationList
throw new KylinException(PERMISSION_DENIED, msg.getPermissionDenied());
}
accessService.checkDefaultAdmin(username, true);
+ val oldPassword = pwdBase64Decode(StringUtils.isEmpty(user.getPassword()) ? StringUtils.EMPTY : user.getPassword());
+ val newPassword = pwdBase64Decode(user.getNewPassword());
checkUsername(username);
@@ -445,9 +447,6 @@ public class NUserController extends NBasicController implements ApplicationList
}
checkRequiredArg("new_password", user.getNewPassword());
- val newPassword = pwdBase64Decode(StringUtils.isEmpty(user.getNewPassword()) ? StringUtils.EMPTY : user.getNewPassword());
- checkPasswordLength(newPassword);
- checkPasswordCharacter(newPassword);
if (newPassword.equals(oldPassword)) {
throw new KylinException(FAILED_UPDATE_PASSWORD, msg.getNewPasswordSameAsOld());