allow digit-only but not empty passwords

pull/2978/head
Markus Kahl 10 years ago
parent 7e8b95e169
commit 2a465785d1
  1. 6
      lib/open_project/authentication/strategies/warden/global_basic_auth.rb
  2. 48
      spec/lib/open_project/authentication/strategies/warden/global_basic_auth_spec.rb

@ -34,6 +34,10 @@ module OpenProject
raise ArgumentError, "global user must not be '#{UserBasicAuth.user}'"
end
if config[:password].blank?
raise ArgumentError, "password must not be empty"
end
@configuration = config
end
@ -55,7 +59,7 @@ module OpenProject
end
def self.password
configuration[:password]
configuration[:password].to_s
end
##

@ -28,14 +28,48 @@
require 'spec_helper'
describe OpenProject::Authentication::Strategies::Warden::GlobalBasicAuth do
it 'does not allow the UserBasicAuth user name' do
configuration = lambda do
user = OpenProject::Authentication::Strategies::Warden::UserBasicAuth.user
OpenProject::Authentication::Strategies::Warden::GlobalBasicAuth.configure!(
user: user, password: 'foo')
Strategies = OpenProject::Authentication::Strategies::Warden
describe Strategies::GlobalBasicAuth do
let(:user) { 'someuser' }
let(:password) { 'somepassword' }
let(:config) do
lambda do
Strategies::GlobalBasicAuth.configure! user: user, password: password
end
end
context "with UserBasicAuth's reserved username" do
let(:user) { Strategies::UserBasicAuth.user }
before do
allow(Strategies::UserBasicAuth).to receive(:user).and_return('schluessel')
end
it "raises an error" do
expect(config).to raise_error("global user must not be 'schluessel'")
end
end
expect(configuration).to raise_error(ArgumentError)
context 'with an empty pasword' do
let(:password) { '' }
it 'raises an error' do
expect(config).to raise_error('password must not be empty')
end
end
context 'with digits-only password' do
let(:password) { 1234 }
let(:strategy) { Strategies::GlobalBasicAuth.new nil }
before do
config.call
end
it 'must authenticate successfully' do
expect(strategy.authenticate_user(user, '1234')).to be_truthy
end
end
end

Loading…
Cancel
Save