Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix the password length checks on invite User #19576

Merged
merged 5 commits into from Aug 1, 2022
Merged

Fix the password length checks on invite User #19576

merged 5 commits into from Aug 1, 2022

Conversation

peterhashair
Copy link
Contributor

Description:

Fixes: #19573
update password checks

Review

update password checks
155d4ee 
update password checks
@peterhashair peterhashair added the Needs Review PRs that need a code review label Jul 27, 2022
@peterhashair peterhashair linked an issue Jul 27, 2022 that may be closed by this pull request
Invitation process doesn't trigger insecure password check #19573
Closed
bx80
bx80 suggested changes Jul 28, 2022
View reviewed changes
Copy link
Contributor

@bx80 bx80 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be great if we could have the acceptInvitation method call UsersManager::checkPassword instead of duplicating the same checks, as suggested in the issue description. There might be additional password requirements in the future, so having just one place that decides if a password is valid would be more future proof. checkPassword throws an exception instead of providing a return value, but acceptInvitation could catch the exception string and set it as the value of $error.

@sgiehl sgiehl added this to the 4.11.0 milestone Jul 28, 2022
update passcheck
9eb21dd 
update passcheck
bx80
bx80 suggested changes Jul 28, 2022
View reviewed changes
plugins/UsersManager/UsersManager.php Outdated Show resolved Hide resolved
plugins/UsersManager/UsersManager.php Outdated Show resolved Hide resolved
Peter added 2 commits July 29, 2022 11:46
update event
e1f62f1 
update event
@sgiehl sgiehl merged commit 34aa273 into next_release Aug 1, 2022
@sgiehl sgiehl deleted the 19573 branch August 1, 2022 07:24
@justinvelluppillai justinvelluppillai added the not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. label Sep 29, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bx80 bx80 bx80 requested changes

@sgiehl sgiehl sgiehl approved these changes

@Findus23 Findus23 Awaiting requested review from Findus23

Assignees
No one assigned
Labels
Needs Review PRs that need a code review not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org.
Projects
None yet
Milestone
4.11.0
Development

Successfully merging this pull request may close these issues.

Invitation process doesn't trigger insecure password check
4 participants
@peterhashair @sgiehl @bx80 @justinvelluppillai