linoman
ac84069071
* add password service interface * add password service implementation * add tests for password service * add password service wiring * add feature toggle * Rework from service interface to static function * Replace previous password validations * Add codeowners to password service * add error logs * update config files --------- Co-authored-by: Karl Persson <kalle.persson@grafana.com>
94 lines
3.9 KiB
Go
94 lines
3.9 KiB
Go
package user
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/grafana/grafana/pkg/setting"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestPasswowrdService_ValidatePasswordHardcodePolicy(t *testing.T) {
|
|
LOWERCASE := "lowercase"
|
|
UPPERCASE := "UPPERCASE"
|
|
NUMBER := "123"
|
|
SYMBOLS := "!@#$%"
|
|
testCases := []struct {
|
|
expectedError error
|
|
name string
|
|
passwordTest string
|
|
strongPasswordPolicyEnabled bool
|
|
}{
|
|
{
|
|
name: "should return error when the password has less than 4 characters and strong password policy is disabled",
|
|
passwordTest: NUMBER,
|
|
expectedError: ErrPasswordTooShort,
|
|
strongPasswordPolicyEnabled: false,
|
|
},
|
|
{name: "should not return error when the password has 4 characters and strong password policy is disabled",
|
|
passwordTest: LOWERCASE,
|
|
expectedError: nil,
|
|
strongPasswordPolicyEnabled: false,
|
|
},
|
|
{
|
|
name: "should return error when the password has less than 12 characters and strong password policy is enabled",
|
|
passwordTest: NUMBER,
|
|
expectedError: ErrPasswordTooShort,
|
|
strongPasswordPolicyEnabled: true,
|
|
},
|
|
{
|
|
name: "should return error when the password is missing an uppercase character and strong password policy is enabled",
|
|
passwordTest: LOWERCASE + NUMBER + SYMBOLS,
|
|
expectedError: ErrPasswordPolicyInfringe,
|
|
strongPasswordPolicyEnabled: true,
|
|
},
|
|
{
|
|
name: "should return error when the password is missing a lowercase character and strong password policy is enabled",
|
|
passwordTest: UPPERCASE + NUMBER + SYMBOLS,
|
|
expectedError: ErrPasswordPolicyInfringe,
|
|
strongPasswordPolicyEnabled: true,
|
|
},
|
|
{
|
|
name: "should return error when the password is missing a number character and strong password policy is enabled",
|
|
passwordTest: LOWERCASE + UPPERCASE + SYMBOLS,
|
|
expectedError: ErrPasswordPolicyInfringe,
|
|
strongPasswordPolicyEnabled: true,
|
|
},
|
|
{
|
|
name: "should return error when the password is missing a symbol characters and strong password policy is enabled",
|
|
passwordTest: LOWERCASE + UPPERCASE + NUMBER,
|
|
expectedError: ErrPasswordPolicyInfringe,
|
|
strongPasswordPolicyEnabled: true,
|
|
},
|
|
{
|
|
name: "should not return error when the password has lowercase, uppercase, number and symbol and strong password policy is enabled",
|
|
passwordTest: LOWERCASE + UPPERCASE + NUMBER + SYMBOLS,
|
|
expectedError: nil,
|
|
strongPasswordPolicyEnabled: true,
|
|
},
|
|
{
|
|
name: "should not return error when the password has uppercase, number, symbol and lowercase and strong password policy is enabled",
|
|
passwordTest: UPPERCASE + NUMBER + SYMBOLS + LOWERCASE,
|
|
expectedError: nil,
|
|
strongPasswordPolicyEnabled: true,
|
|
},
|
|
{
|
|
name: "should not return error when the password has number, symbol, lowercase and uppercase and strong password policy is enabled",
|
|
passwordTest: NUMBER + SYMBOLS + LOWERCASE + UPPERCASE,
|
|
expectedError: nil,
|
|
strongPasswordPolicyEnabled: true,
|
|
},
|
|
{
|
|
name: "should not return error when the password has symbol, lowercase, uppercase and number and strong password policy is enabled",
|
|
passwordTest: SYMBOLS + LOWERCASE + UPPERCASE + NUMBER,
|
|
expectedError: nil,
|
|
strongPasswordPolicyEnabled: true,
|
|
},
|
|
}
|
|
for _, tc := range testCases {
|
|
cfg := setting.NewCfg()
|
|
cfg.BasicAuthStrongPasswordPolicy = tc.strongPasswordPolicyEnabled
|
|
err := ValidatePassword(tc.passwordTest, cfg)
|
|
assert.Equal(t, tc.expectedError, err)
|
|
}
|
|
}
|