OO-4177: Fix RS if special signs are not allowed in passwords

54cc0cfc · uhensler · 6d6d9a6c · 54cc0cfc · 54cc0cfc · 54cc0cfc
Commit 54cc0cfc authored 5 years ago by uhensler
--- a/src/main/java/org/olat/login/LoginModule.java
+++ b/src/main/java/org/olat/login/LoginModule.java
@@ -69,7 +69,7 @@ public class LoginModule extends AbstractSpringModule {
 	};
 	
 	public static final String DISABLED = "disabled";
-	public static final String FORBIDDEN = "forbiddden";
+	public static final String FORBIDDEN = "forbidden";
 	public static final String AT_LEAST_1 = "atLeast1";
 	public static final String AT_LEAST_2 = "atLeast2";
 	public static final String AT_LEAST_3 = "atLeast3";

--- a/src/main/java/org/olat/login/ui/PasswordSyntaxController.java
+++ b/src/main/java/org/olat/login/ui/PasswordSyntaxController.java
@@ -51,12 +51,14 @@ import org.olat.core.logging.Tracing;
 import org.olat.core.util.Util;
 import org.olat.login.LoginModule;
 import org.olat.login.validation.PasswordValidationConfig;
+import org.olat.login.validation.PasswordValidationConfig.Builder;
 import org.olat.login.validation.PasswordValidationRulesFactory;
 import org.olat.login.validation.SyntaxValidator;
 import org.olat.login.validation.ValidationRulesProvider;
-import org.olat.login.validation.PasswordValidationConfig.Builder;
 import org.springframework.beans.factory.annotation.Autowired;

+import edu.emory.mathcs.backport.java.util.Arrays;
+
 /**
 * 
 * Initial date: 14 May 2019<br>
@@ -116,7 +118,9 @@ public class PasswordSyntaxController extends FormBasicController {
 		lettersKV.add(entry(VALIDATE_SEPARATELY, translate("admin.syntax.letters.lower.upper")));
 		lettersEl = uifactory.addDropdownSingleselect("admin.syntax.letters", formLayout, lettersKV.keys(),
 				lettersKV.values());
-		lettersEl.select(loginModule.getPasswordLetters(), true);
+		if (Arrays.asList(lettersKV.keys()).contains(loginModule.getPasswordLetters())) {
+			lettersEl.select(loginModule.getPasswordLetters(), true);
+		}
 		lettersEl.addActionListener(FormEvent.ONCHANGE);
 		
 		KeyValues lettersUppercaseKV = new KeyValues();
@@ -127,7 +131,9 @@ public class PasswordSyntaxController extends FormBasicController {
 		lettersUppercaseKV.add(entry(FORBIDDEN, translate("admin.syntax.forbidden")));
 		lettersUppercaseEl = uifactory.addDropdownSingleselect("admin.syntax.letters.uppercase", formLayout,
 				lettersUppercaseKV.keys(), lettersUppercaseKV.values());
-		lettersUppercaseEl.select(loginModule.getPasswordLettersUppercase(), true);
+		if (Arrays.asList(lettersUppercaseKV.keys()).contains(loginModule.getPasswordLettersUppercase())) {
+			lettersUppercaseEl.select(loginModule.getPasswordLettersUppercase(), true);
+		}
 		
 		KeyValues lettersLowercaseKV = new KeyValues();
 		lettersLowercaseKV.add(entry(DISABLED, translate("admin.syntax.permitted")));
@@ -137,7 +143,9 @@ public class PasswordSyntaxController extends FormBasicController {
 		lettersLowercaseKV.add(entry(FORBIDDEN, translate("admin.syntax.forbidden")));
 		lettersLowercaseEl = uifactory.addDropdownSingleselect("admin.syntax.letters.lowercase", formLayout,
 				lettersLowercaseKV.keys(), lettersLowercaseKV.values());
-		lettersLowercaseEl.select(loginModule.getPasswordLettersLowercase(), true);
+		if (Arrays.asList(lettersLowercaseKV.keys()).contains(loginModule.getPasswordLettersLowercase())) {
+			lettersLowercaseEl.select(loginModule.getPasswordLettersLowercase(), true);
+		}
 		
 		KeyValues digitsOrSpecialsKV = new KeyValues();
 		digitsOrSpecialsKV.add(entry(DISABLED, translate("admin.syntax.permitted")));
@@ -148,7 +156,9 @@ public class PasswordSyntaxController extends FormBasicController {
 		digitsOrSpecialsKV.add(entry(VALIDATE_SEPARATELY, translate("admin.syntax.digits.or.specials")));
 		digitsAndSpecialsEl = uifactory.addDropdownSingleselect("admin.syntax.digits.specials", formLayout, digitsOrSpecialsKV.keys(),
 				digitsOrSpecialsKV.values());
-		digitsAndSpecialsEl.select(loginModule.getPasswordDigitsAndSpecialSigns(), true);
+		if (Arrays.asList(digitsOrSpecialsKV.keys()).contains(loginModule.getPasswordDigitsAndSpecialSigns())) {
+			digitsAndSpecialsEl.select(loginModule.getPasswordDigitsAndSpecialSigns(), true);
+		}
 		digitsAndSpecialsEl.addActionListener(FormEvent.ONCHANGE);
 		
 		KeyValues digitsKV = new KeyValues();
@@ -159,7 +169,9 @@ public class PasswordSyntaxController extends FormBasicController {
 		digitsKV.add(entry(FORBIDDEN, translate("admin.syntax.forbidden")));
 		digitsEl = uifactory.addDropdownSingleselect("admin.syntax.digits", formLayout, digitsKV.keys(),
 				digitsKV.values());
-		digitsEl.select(loginModule.getPasswordDigits(), true);
+		if (Arrays.asList(digitsKV.keys()).contains(loginModule.getPasswordDigits())) {
+			digitsEl.select(loginModule.getPasswordDigits(), true);
+		}
 		
 		KeyValues specialsKV = new KeyValues();
 		specialsKV.add(entry(DISABLED, translate("admin.syntax.permitted")));
@@ -169,7 +181,9 @@ public class PasswordSyntaxController extends FormBasicController {
 		specialsKV.add(entry(FORBIDDEN, translate("admin.syntax.forbidden")));
 		specialsEl = uifactory.addDropdownSingleselect("admin.syntax.specials", formLayout, specialsKV.keys(),
 				specialsKV.values());
-		specialsEl.select(loginModule.getPasswordSpecialSigns(), true);
+		if (Arrays.asList(specialsKV.keys()).contains(loginModule.getPasswordSpecialSigns())) {
+			specialsEl.select(loginModule.getPasswordSpecialSigns(), true);
+		}
 		
 		KeyValues forbiddenValuesKV = new KeyValues();
 		forbiddenValuesKV.add(entry(FORBIDDEN_USERNAME, translate("admin.syntax.forbidden.username")));

--- a/src/main/java/org/olat/upgrade/OLATUpgrade_14_0_3.java
+++ b/src/main/java/org/olat/upgrade/OLATUpgrade_14_0_3.java
+/**
+ * <a href="http://www.openolat.org">
+ * OpenOLAT - Online Learning and Training</a><br>
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); <br>
+ * you may not use this file except in compliance with the License.<br>
+ * You may obtain a copy of the License at the
+ * <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache homepage</a>
+ * <p>
+ * Unless required by applicable law or agreed to in writing,<br>
+ * software distributed under the License is distributed on an "AS IS" BASIS, <br>
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. <br>
+ * See the License for the specific language governing permissions and <br>
+ * limitations under the License.
+ * <p>
+ * Initial code contributed and copyrighted by<br>
+ * frentix GmbH, http://www.frentix.com
+ * <p>
+ */
+package org.olat.upgrade;
+
+import org.apache.logging.log4j.Logger;
+import org.olat.core.logging.Tracing;
+import org.olat.login.LoginModule;
+import org.springframework.beans.factory.annotation.Autowired;
+
+/**
+ * 
+ * Initial date: 4 janv. 2019<br>
+ * @author srosse, stephane.rosse@frentix.com, http://www.frentix.com
+ *
+ */
+public class OLATUpgrade_14_0_3 extends OLATUpgrade {
+
+	private static final Logger log = Tracing.createLoggerFor(OLATUpgrade_14_0_3.class);
+	
+	private static final String VERSION = "OLAT_14.0.3";
+	private static final String PASSWORD_SYNTAX_CHECK_TYPO = "PASSWORD SYNTAX CHECK TYPO";
+	
+	@Autowired
+	private LoginModule loginModule;
+
+	
+	public OLATUpgrade_14_0_3() {
+		super();
+	}
+	
+	@Override
+	public String getVersion() {
+		return VERSION;
+	}
+
+	@Override
+	public boolean doPostSystemInitUpgrade(UpgradeManager upgradeManager) {
+		UpgradeHistoryData uhd = upgradeManager.getUpgradesHistory(VERSION);
+		if (uhd == null) {
+			// has never been called, initialize
+			uhd = new UpgradeHistoryData();
+		} else if (uhd.isInstallationComplete()) {
+			return false;
+		}
+		
+		boolean allOk = true;
+		allOk &= migratePasswordSyntaxCheckTypo(upgradeManager, uhd);
+
+		uhd.setInstallationComplete(allOk);
+		upgradeManager.setUpgradesHistory(uhd, VERSION);
+		if(allOk) {
+			log.info(Tracing.M_AUDIT, "Finished OLATUpgrade_14_0_3 successfully!");
+		} else {
+			log.info(Tracing.M_AUDIT, "OLATUpgrade_14_0_3 not finished, try to restart OpenOLAT!");
+		}
+		return allOk;
+	}
+	
+	private boolean migratePasswordSyntaxCheckTypo(UpgradeManager upgradeManager, UpgradeHistoryData uhd) {
+		boolean allOk = true;
+		if (!uhd.getBooleanDataValue(PASSWORD_SYNTAX_CHECK_TYPO)) {
+			try {
+				if ("forbiddden".equals(loginModule.getPasswordDigits())) {
+					loginModule.setPasswordDigits(LoginModule.FORBIDDEN);
+				}
+				if ("forbiddden".equals(loginModule.getPasswordDigitsAndSpecialSigns())) {
+					loginModule.setPasswordDigitsAndSpecialSigns(LoginModule.FORBIDDEN);
+				}
+				if ("forbiddden".equals(loginModule.getPasswordLetters())) {
+					loginModule.setPasswordLetters(LoginModule.FORBIDDEN);
+				}
+				if ("forbiddden".equals(loginModule.getPasswordLettersLowercase())) {
+					loginModule.setPasswordLettersLowercase(LoginModule.FORBIDDEN);
+				}
+				if ("forbiddden".equals(loginModule.getPasswordLettersUppercase())) {
+					loginModule.setPasswordLettersUppercase(LoginModule.FORBIDDEN);
+				}
+				if ("forbiddden".equals(loginModule.getPasswordSpecialSigns())) {
+					loginModule.setPasswordSpecialSigns(LoginModule.FORBIDDEN);
+				}
+			} catch (Exception e) {
+				log.error("", e);
+				allOk = false;
+			}
+			
+			uhd.setBooleanDataValue(PASSWORD_SYNTAX_CHECK_TYPO, allOk);
+			upgradeManager.setUpgradesHistory(uhd, VERSION);
+		}
+		return allOk;
+	}
+
+}
--- a/src/main/java/org/olat/upgrade/_spring/upgradeContext.xml
+++ b/src/main/java/org/olat/upgrade/_spring/upgradeContext.xml
@@ -50,6 +50,7 @@
 				<bean id="upgrade_13_2_4" class="org.olat.upgrade.OLATUpgrade_13_2_4"/>
 				<bean id="upgrade_13_2_8" class="org.olat.upgrade.OLATUpgrade_13_2_8"/>
 				<bean id="upgrade_14_0_0" class="org.olat.upgrade.OLATUpgrade_14_0_0"/>
+				<bean id="upgrade_14_0_3" class="org.olat.upgrade.OLATUpgrade_14_0_3"/>
 			</list>
 		</property>
 	</bean>