dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #05273
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 1731: STQC security: Password quality. Merge from Indian branch rev883-884
------------------------------------------------------------
revno: 1731
author: Viet <Viet@Viet-Laptop>
committer: Saptarshi <sunbiz@xxxxxxxxx>
branch nick: trunk
timestamp: Sun 2010-04-04 13:24:12 +0200
message:
STQC security: Password quality. Merge from Indian branch rev883-884
modified:
dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/validate/additional-methods.js
dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/validate/messages_locale.js
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/ValidateUserAction.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/updateUserForm.vm
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/validate/additional-methods.js'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/validate/additional-methods.js 2010-02-28 03:32:13 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/validate/additional-methods.js 2010-04-04 11:24:12 +0000
@@ -90,6 +90,10 @@
return true;
}, "");
+jQuery.validator.addMethod("password", function(value, element, param) {
+ return this.optional(element) || /[a-z]+/.test(value) && /\d+/.test(value);
+});
+
/**
* Return true, if the value is a valid date, also making this formal check dd/mm/yyyy.
*
=== modified file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/validate/messages_locale.js'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/validate/messages_locale.js 2010-02-22 09:19:15 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/validate/messages_locale.js 2010-04-04 11:24:12 +0000
@@ -33,14 +33,13 @@
,minWords : $.validator.format("Please enter at least {0} words.")
,rangeWords : $.validator.format("Please enter between {0} and {1} words.")
,lettersonly : "Letters only please."
- ,decimals : "Digits/Decimal only please"
,nowhitespace : "No white space please"
,ziprange : "Your ZIP-code must be in the range 902xx-xxxx to 905-xx-xxxx"
- ,unique : "Value must be unique."
,time : "Please enter a valid time, between 00:00 and 23:59"
,phone : "Please specify a valid phone number"
,strippedminlength : "Please enter at least {0} characters"
,datelessthanequaltoday: "This date can not be after today."
,required_group : "Please fill out at least one of these fields."
+ ,password: "Password must contain at least one capital letter and one digit"
};
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/ValidateUserAction.java'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/ValidateUserAction.java 2010-01-28 15:47:24 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/ValidateUserAction.java 2010-04-04 11:24:12 +0000
@@ -62,7 +62,6 @@
// -------------------------------------------------------------------------
// Input
// -------------------------------------------------------------------------
-
private Integer id;
public void setId( Integer id )
@@ -90,7 +89,7 @@
{
this.firstName = firstName;
}
-
+
private String email;
public void setEmail( String email )
@@ -115,7 +114,6 @@
// -------------------------------------------------------------------------
// Output
// -------------------------------------------------------------------------
-
private String message;
public String getMessage()
@@ -126,7 +124,6 @@
// -------------------------------------------------------------------------
// Action implementation
// -------------------------------------------------------------------------
-
public String execute()
throws Exception
{
@@ -137,8 +134,7 @@
message = i18n.getString( "specify_username" );
return INPUT;
- }
- else
+ } else
{
username = username.trim();
@@ -174,7 +170,22 @@
return INPUT;
}
-
+
+ if ( id == null )
+ {
+ if ( rawPassword.trim().length() < 8 )
+ {
+ message = i18n.getString( "password_length_not_valid" );
+
+ return INPUT;
+ }
+ if ( !( rawPassword.matches( ".*\\d+.*" ) && rawPassword.matches( ".*[A-Z]+.*" ) ) )
+ {
+ message = i18n.getString( "password_is_not_valid" );
+ return INPUT;
+ }
+ }
+
if ( id == null && ( !ValidationUtils.passwordIsValid( rawPassword ) ) )
{
message = i18n.getString( "password_is_not_valid" );
@@ -204,7 +215,7 @@
if ( email != null && email.trim().length() > 0 && !ValidationUtils.emailIsValid( email ) )
{
message = i18n.getString( "email_is_not_valid" );
-
+
return INPUT;
}
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties 2010-03-31 03:07:10 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties 2010-04-04 11:24:12 +0000
@@ -190,7 +190,7 @@
filter_by_role_name = Filter by rolename
phone_number = Phone number
email_is_not_valid = E-mail is not valid
-password_is_not_valid = Password is not valid
+password_is_not_valid = Password is not valid. It should be at least 8 characters, and contains at least one capital letter and one digit
select_all_in_group = Select all in group
remove_all_in_group = Remove all in group
organisation_units = Organisation units
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2010-03-17 14:06:28 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2010-04-04 11:24:12 +0000
@@ -41,13 +41,13 @@
</tr>
<tr>
<td><label for="rawPassword">$i18n.getString( "password" ) <em title="$i18n.getString( "required" )" class="required">*</em></label></td>
- <td><input type="password" id="rawPassword" name="rawPassword" style="width:20em" maxlength="50" class="{validate:{required:true,minlength:5,maxlength:50,notequalto:'#username'}}"></td>
+ <td><input type="password" id="rawPassword" name="rawPassword" style="width:20em" maxlength="50" class="{validate:{required:true,password:true,rangelength:[8,35],notequalto:'#username'}}"></td>
<td></td>
<td></td>
</tr>
<tr>
<td><label for="retypePassword">$i18n.getString( "retype_password" ) <em title="$i18n.getString( "required" )" class="required">*</em></label></td>
- <td><input type="password" id="retypePassword" name="retypePassword" style="width:20em" maxlength="50" class="{validate:{required:true,minlength:5,maxlength:50,equalTo:'#rawPassword'}}"></td>
+ <td><input type="password" id="retypePassword" name="retypePassword" style="width:20em" maxlength="50" class="{validate:{required:true,rangelength:[8,35],equalTo:'#rawPassword'}}"></td>
<td></td>
<td></td>
</tr>
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/updateUserForm.vm'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/updateUserForm.vm 2010-03-19 16:20:33 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/updateUserForm.vm 2010-04-04 11:24:12 +0000
@@ -46,13 +46,13 @@
</tr>
<tr>
<td><label for="rawPassword">$i18n.getString( "password" )</label></td>
- <td><input type="password" id="rawPassword" name="rawPassword" style="width:20em" maxlength="50" class="{validate:{minlength:5,maxlength:50,notequalto:'#username'}}"></td>
+ <td><input type="password" id="rawPassword" name="rawPassword" style="width:20em" maxlength="50" class="{validate:{rangelength:[8,35],password:true,notequalto:'#username'}}"></td>
<td></td>
<td></td>
</tr>
<tr>
<td><label for="retypePassword">$i18n.getString( "retype_password" ) </label></td>
- <td><input type="password" id="retypePassword" name="retypePassword" style="width:20em" maxlength="50" class="{validate:{minlength:5,maxlength:50,equalTo:'#rawPassword'}}"></td>
+ <td><input type="password" id="retypePassword" name="retypePassword" style="width:20em" maxlength="50" class="{validate:{rangelength:[8,35],equalTo:'#rawPassword'}}"></td>
<td></td>
<td></td>
</tr>
