Commit
a5a3a41a
authored
Jan 10, 2022
by
Zhu Shung
Committed by
Rémy Coutable
Jan 10, 2022
JH need more complex passwords
parent
3e98649b
Showing
34 changed files
with
102 additions
and
87 deletions
+102
-87
db/fixtures/development/18_abuse_reports.rb
db/fixtures/development/18_abuse_reports.rb
+1
-1
ee/spec/features/merge_request/user_approves_with_password_spec.rb
...eatures/merge_request/user_approves_with_password_spec.rb
+2
-2
ee/spec/features/trial_registrations/signin_spec.rb
ee/spec/features/trial_registrations/signin_spec.rb
+1
-1
ee/spec/features/users/login_spec.rb
ee/spec/features/users/login_spec.rb
+1
-1
ee/spec/lib/ee/gitlab/scim/provisioning_service_spec.rb
ee/spec/lib/ee/gitlab/scim/provisioning_service_spec.rb
+2
-1
ee/spec/lib/gitlab/auth/smartcard/certificate_spec.rb
ee/spec/lib/gitlab/auth/smartcard/certificate_spec.rb
+1
-1
ee/spec/lib/gitlab/auth_spec.rb
ee/spec/lib/gitlab/auth_spec.rb
+1
-1
ee/spec/requests/api/merge_request_approvals_spec.rb
ee/spec/requests/api/merge_request_approvals_spec.rb
+3
-3
ee/spec/requests/api/scim_spec.rb
ee/spec/requests/api/scim_spec.rb
+1
-1
ee/spec/requests/api/users_spec.rb
ee/spec/requests/api/users_spec.rb
+1
-1
ee/spec/services/ee/users/create_service_spec.rb
ee/spec/services/ee/users/create_service_spec.rb
+1
-1
ee/spec/services/ee/users/update_service_spec.rb
ee/spec/services/ee/users/update_service_spec.rb
+1
-1
ee/spec/services/merge_requests/approval_service_spec.rb
ee/spec/services/merge_requests/approval_service_spec.rb
+3
-3
lib/gitlab/auth/o_auth/user.rb
lib/gitlab/auth/o_auth/user.rb
+2
-2
lib/gitlab/password.rb
lib/gitlab/password.rb
+14
-0
lib/tasks/gitlab/seed/group_seed.rake
lib/tasks/gitlab/seed/group_seed.rake
+1
-1
spec/controllers/admin/users_controller_spec.rb
spec/controllers/admin/users_controller_spec.rb
+2
-2
spec/controllers/ldap/omniauth_callbacks_controller_spec.rb
spec/controllers/ldap/omniauth_callbacks_controller_spec.rb
+1
-1
spec/controllers/registrations_controller_spec.rb
spec/controllers/registrations_controller_spec.rb
+2
-2
spec/factories/users.rb
spec/factories/users.rb
+1
-1
spec/features/password_reset_spec.rb
spec/features/password_reset_spec.rb
+2
-2
spec/features/profile_spec.rb
spec/features/profile_spec.rb
+1
-1
spec/features/profiles/password_spec.rb
spec/features/profiles/password_spec.rb
+4
-4
spec/features/users/anonymous_sessions_spec.rb
spec/features/users/anonymous_sessions_spec.rb
+1
-1
spec/features/users/login_spec.rb
spec/features/users/login_spec.rb
+12
-12
spec/lib/gitlab/auth_spec.rb
spec/lib/gitlab/auth_spec.rb
+15
-15
spec/mailers/emails/profile_spec.rb
spec/mailers/emails/profile_spec.rb
+1
-1
spec/models/hooks/system_hook_spec.rb
spec/models/hooks/system_hook_spec.rb
+1
-1
spec/models/user_spec.rb
spec/models/user_spec.rb
+2
-2
spec/requests/api/users_spec.rb
spec/requests/api/users_spec.rb
+7
-7
spec/requests/git_http_spec.rb
spec/requests/git_http_spec.rb
+2
-2
spec/services/users/create_service_spec.rb
spec/services/users/create_service_spec.rb
+7
-7
spec/support/helpers/login_helpers.rb
spec/support/helpers/login_helpers.rb
+1
-1
spec/tasks/gitlab/password_rake_spec.rb
spec/tasks/gitlab/password_rake_spec.rb
+4
-4
db/fixtures/development/18_abuse_reports.rb
...
...
@@ -11,7 +11,7 @@ module Db
name:
FFaker
::
Name
.
name
,
email:
FFaker
::
Internet
.
email
,
confirmed_at:
DateTime
.
now
,
password:
'12345678'
password:
Gitlab
::
Password
.
test_default
)
::
AbuseReport
.
create
(
reporter:
::
User
.
take
,
user:
reported_user
,
message:
'User sends spam'
)
...
...
ee/spec/features/merge_request/user_approves_with_password_spec.rb
...
...
@@ -16,7 +16,7 @@ RSpec.describe 'Merge request > User approves with password', :js do
end
it
'works, when user approves and enters correct password'
do
approve_with_password
'12345678'
approve_with_password
Gitlab
::
Password
.
test_default
page
.
within
(
'.js-mr-approvals'
)
do
expect
(
page
).
not_to
have_button
(
'Approve'
)
...
...
@@ -25,7 +25,7 @@ RSpec.describe 'Merge request > User approves with password', :js do
end
it
'does not need password to unapprove'
do
approve_with_password
'12345678'
approve_with_password
Gitlab
::
Password
.
test_default
unapprove
expect
(
page
).
to
have_button
(
'Approve'
)
...
...
ee/spec/features/trial_registrations/signin_spec.rb
...
...
@@ -18,7 +18,7 @@ RSpec.describe 'Trial Sign In' do
within
(
'div#login-pane'
)
do
fill_in
'user_login'
,
with:
user
.
email
fill_in
'user_password'
,
with:
'12345678'
fill_in
'user_password'
,
with:
Gitlab
::
Password
.
test_default
click_button
'Sign in'
end
...
...
ee/spec/features/users/login_spec.rb
...
...
@@ -12,7 +12,7 @@ RSpec.describe 'Login' do
end
it
'creates a security event for an invalid password login'
do
user
=
create
(
:user
,
password:
'not-the-default'
)
user
=
create
(
:user
,
password:
"not"
+
Gitlab
::
Password
.
test_default
)
expect
{
gitlab_sign_in
(
user
)
}
.
to
change
{
AuditEvent
.
where
(
entity_id:
-
1
).
count
}.
from
(
0
).
to
(
1
)
...
...
ee/spec/lib/ee/gitlab/scim/provisioning_service_spec.rb
...
...
@@ -128,7 +128,8 @@ RSpec.describe ::EE::Gitlab::Scim::ProvisioningService do
email:
'work@example.com'
,
name:
'Test Name'
,
extern_uid:
'test_uid'
,
username:
'username'
username:
'username'
,
password:
Gitlab
::
Password
.
test_default
}
end
...
...
ee/spec/lib/gitlab/auth/smartcard/certificate_spec.rb
...
...
@@ -142,7 +142,7 @@ RSpec.describe Gitlab::Auth::Smartcard::Certificate do
context
'avoids conflicting namespaces'
do
let
(
:subject_dn
)
{
'/CN=Gitlab User/emailAddress=gitlab-user@random-corp.org'
}
let!
(
:existing_user
)
{
create
(
:user
,
username:
'GitlabUser'
)
}
let!
(
:existing_user
)
{
create
(
:user
,
username:
'GitlabUser'
,
password:
Gitlab
::
Password
.
test_default
)
}
it
'creates user with correct usnername'
do
expect
{
subject
}.
to
change
{
User
.
count
}.
from
(
1
).
to
(
2
)
...
...
ee/spec/lib/gitlab/auth_spec.rb
...
...
@@ -12,7 +12,7 @@ RSpec.describe Gitlab::Auth do
end
let
(
:username
)
{
'John'
}
# username isn't lowercase, test this
let
(
:password
)
{
'my-secret'
}
let
(
:password
)
{
Gitlab
::
Password
.
test_default
}
context
'with kerberos'
do
before
do
...
...
ee/spec/requests/api/merge_request_approvals_spec.rb
...
...
@@ -405,7 +405,7 @@ RSpec.describe API::MergeRequestApprovals do
context
'when project requires force auth for approval'
do
before
do
project
.
update!
(
require_password_to_approve:
true
)
approver
.
update!
(
password:
'password'
)
approver
.
update!
(
password:
Gitlab
::
Password
.
test_default
)
end
it
'does not approve the merge request with no password'
do
...
...
@@ -416,14 +416,14 @@ RSpec.describe API::MergeRequestApprovals do
end
it
'does not approve the merge request with incorrect password'
do
approve
(
approval_password:
'incorrect'
)
approve
(
approval_password:
"not"
+
Gitlab
::
Password
.
test_default
)
expect
(
response
).
to
have_gitlab_http_status
(
:unauthorized
)
expect
(
merge_request
.
reload
.
approvals_left
).
to
eq
(
2
)
end
it
'approves the merge request with correct password'
do
approve
(
approval_password:
'password'
)
approve
(
approval_password:
Gitlab
::
Password
.
test_default
)
expect
(
response
).
to
have_gitlab_http_status
(
:created
)
expect
(
merge_request
.
reload
.
approvals_left
).
to
eq
(
1
)
...
...
ee/spec/requests/api/scim_spec.rb
...
...
@@ -7,7 +7,7 @@ RSpec.describe API::Scim do
let
(
:scim_token
)
{
create
(
:scim_oauth_access_token
,
group:
group
)
}
let
(
:group
)
{
identity
.
group
}
let_it_be
(
:password
)
{
'secret_pass'
}
let_it_be
(
:password
)
{
Gitlab
::
Password
.
test_default
}
let_it_be
(
:access_token
)
{
'secret_token'
}
before
do
...
...
ee/spec/requests/api/users_spec.rb
...
...
@@ -71,7 +71,7 @@ RSpec.describe API::Users do
describe
"PUT /users/:id"
do
it
"creates audit event when updating user with new password"
do
put
api
(
"/users/
#{
user
.
id
}
"
,
admin
),
params:
{
password:
'12345678'
}
put
api
(
"/users/
#{
user
.
id
}
"
,
admin
),
params:
{
password:
Gitlab
::
Password
.
test_default
}
expect
(
AuditEvent
.
count
).
to
eq
(
1
)
end
...
...
ee/spec/services/ee/users/create_service_spec.rb
...
...
@@ -10,7 +10,7 @@ RSpec.describe Users::CreateService do
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
'mydummypass'
password:
Gitlab
::
Password
.
test_default
}
end
...
...
ee/spec/services/ee/users/update_service_spec.rb
...
...
@@ -177,7 +177,7 @@ RSpec.describe Users::UpdateService do
let
(
:service
)
{
described_class
.
new
(
admin_user
,
ActionController
::
Parameters
.
new
(
params
).
permit!
)
}
let
(
:params
)
do
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
'mydummypass'
}
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
Gitlab
::
Password
.
test_default
}
end
context
'allowed params'
do
...
...
ee/spec/services/merge_requests/approval_service_spec.rb
...
...
@@ -134,7 +134,7 @@ RSpec.describe MergeRequests::ApprovalService do
context
'when project requires force auth for approval'
do
before
do
project
.
update!
(
require_password_to_approve:
true
)
user
.
update!
(
password:
'password'
)
user
.
update!
(
password:
Gitlab
::
Password
.
test_default
)
end
context
'when password not specified'
do
it
'does not update the approvals'
do
...
...
@@ -144,7 +144,7 @@ RSpec.describe MergeRequests::ApprovalService do
context
'when incorrect password is specified'
do
let
(
:params
)
do
{
approval_password:
'incorrect'
}
{
approval_password:
"not"
+
Gitlab
::
Password
.
test_default
}
end
it
'does not update the approvals'
do
...
...
@@ -156,7 +156,7 @@ RSpec.describe MergeRequests::ApprovalService do
context
'when correct password is specified'
do
let
(
:params
)
do
{
approval_password:
'password'
}
{
approval_password:
Gitlab
::
Password
.
test_default
}
end
it
'approves the merge request'
do
...
...
lib/gitlab/auth/o_auth/user.rb
...
...
@@ -230,8 +230,8 @@ module Gitlab
name:
name
.
strip
.
presence
||
valid_username
,
username:
valid_username
,
email:
email
,
password:
auth_hash
.
password
,
password_confirmation:
auth_hash
.
password
,
password:
Gitlab
::
Password
.
test_default
(
21
)
,
password_confirmation:
Gitlab
::
Password
.
test_default
(
21
)
,
password_automatically_set:
true
}
end
...
...
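Review bot: The two added lines in this hunk put a fixed, source-visible string into production account creation: `password: Gitlab::Password.test_default(21)` gives every user built from an OAuth auth hash the same 21-character password, where the removed lines took the value from `auth_hash.password`. `Gitlab::Password` is described by its own header comment as a helper returning a fake password for tests, and nothing in the hunk shows that `password_automatically_set: true` prevents that password from being accepted at login. Keep a per-user random secret, `password: auth_hash.password,` and `password_confirmation: auth_hash.password,`, and if the stricter policy rejects it, change the generator behind `auth_hash.password` (not visible on this page) so its output meets the policy. Accounts created while this version is deployed should have their passwords reset. The enclosing method starts above the hunk.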
lib/gitlab/password.rb
0 → 100644
# frozen_string_literal: true
# This module is used to return fake strong password for tests
module
Gitlab
module
Password
DEFAULT_LENGTH
=
12
TEST_DEFAULT
=
"123qweQWE!@#"
+
"0"
*
(
User
.
password_length
.
max
-
DEFAULT_LENGTH
)
def
self
.
test_default
(
length
=
12
)
password_length
=
[[
User
.
password_length
.
min
,
length
].
max
,
User
.
password_length
.
max
].
min
TEST_DEFAULT
[
...
password_length
]
end
end
end
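Review bot: This module keeps a constant credential under `lib/`, so production code can load it, and nothing in `test_default` restricts callers to test or development environments even though the header comment says it is for tests. Add a guard as the first line of the method, for example `raise 'Gitlab::Password.test_default is for tests and seeds only' if Rails.env.production?`. Two smaller points: the default argument repeats the literal `12` instead of `DEFAULT_LENGTH`, and `"0" * (User.password_length.max - DEFAULT_LENGTH)` raises ArgumentError at load time when the configured maximum is below 12, because the repeat count becomes negative.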
lib/tasks/gitlab/seed/group_seed.rake
...
...
@@ -125,7 +125,7 @@ class GroupSeeder
name:
FFaker
::
Name
.
name
,
email:
FFaker
::
Internet
.
email
,
confirmed_at:
DateTime
.
now
,
password:
Devise
.
friendly_token
password:
Gitlab
::
Password
.
test_default
)
end
...
...
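Review bot: Seeded users lose their random password here: the removed line used `Devise.friendly_token`, and the new `password: Gitlab::Password.test_default` gives every account the seeder creates the same source-visible value. Whether this task can run outside a development instance is not visible in the hunk, and a known password on seeded accounts is only acceptable if it cannot. If the random token fails the stricter policy, append characters that satisfy it instead of dropping the randomness, for example `password: Devise.friendly_token + 'aA1!'`. The enclosing method starts above the hunk.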
spec/controllers/admin/users_controller_spec.rb
...
...
@@ -612,8 +612,8 @@ RSpec.describe Admin::UsersController do
end
context
'when the new password does not match the password confirmation'
do
let
(
:password
)
{
'some_password'
}
let
(
:password_confirmation
)
{
'not_same_as_password'
}
let
(
:password
)
{
Gitlab
::
Password
.
test_default
}
let
(
:password_confirmation
)
{
"not"
+
Gitlab
::
Password
.
test_default
}
it
'shows the edit page again'
do
update_password
(
user
,
password
,
password_confirmation
)
...
...
spec/controllers/ldap/omniauth_callbacks_controller_spec.rb
...
...
@@ -58,7 +58,7 @@ RSpec.describe Ldap::OmniauthCallbacksController do
end
context
'sign up'
do
let
(
:user
)
{
double
(
email:
+
'new@example.com'
)
}
let
(
:user
)
{
create
(
:user
)
}
before
do
stub_omniauth_setting
(
block_auto_created_users:
false
)
...
...
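Review bot: The 'sign up' context now builds its user with `let(:user) { create(:user) }`, so the record is already persisted before the callback runs, where the removed line used a `double` carrying only an email. If the examples below the hunk are meant to cover first-time sign-up, they may now go through the existing-user path instead; the rest of the context is outside the hunk, so this needs checking against it. A one-line comment above the `let` stating why a persisted user is required would make the intent clear, e.g. `# persisted user needed because <reason>`.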
spec/controllers/registrations_controller_spec.rb
...
...
@@ -483,7 +483,7 @@ RSpec.describe RegistrationsController do
end
it
'succeeds if password is confirmed'
do
post
:destroy
,
params:
{
password:
'12345678'
}
post
:destroy
,
params:
{
password:
Gitlab
::
Password
.
test_default
}
expect_success
end
...
...
@@ -524,7 +524,7 @@ RSpec.describe RegistrationsController do
end
it
'fails'
do
delete
:destroy
,
params:
{
password:
'12345678'
}
delete
:destroy
,
params:
{
password:
Gitlab
::
Password
.
test_default
}
expect_failure
(
s_
(
'Profiles|You must transfer ownership or delete groups you are an owner of before you can delete your account'
))
end
...
...
spec/factories/users.rb
...
...
@@ -5,7 +5,7 @@ FactoryBot.define do
email
{
generate
(
:email
)
}
name
{
generate
(
:name
)
}
username
{
generate
(
:username
)
}
password
{
"12345678"
}
password
{
Gitlab
::
Password
.
test_default
}
role
{
'software_developer'
}
confirmed_at
{
Time
.
now
}
confirmation_token
{
nil
}
...
...
spec/features/password_reset_spec.rb
...
...
@@ -44,8 +44,8 @@ RSpec.describe 'Password reset' do
visit
(
edit_user_password_path
(
reset_password_token:
token
))
fill_in
'New password'
,
with:
'hello1234'
fill_in
'Confirm new password'
,
with:
'hello1234'
fill_in
'New password'
,
with:
"new"
+
Gitlab
::
Password
.
test_default
fill_in
'Confirm new password'
,
with:
"new"
+
Gitlab
::
Password
.
test_default
click_button
'Change your password'
...
...
spec/features/profile_spec.rb
...
...
@@ -29,7 +29,7 @@ RSpec.describe 'Profile account page', :js do
it
'deletes user'
,
:js
,
:sidekiq_might_not_need_inline
do
click_button
'Delete account'
fill_in
'password'
,
with:
'12345678'
fill_in
'password'
,
with:
Gitlab
::
Password
.
test_default
page
.
within
'.modal'
do
click_button
'Delete account'
...
...
spec/features/profiles/password_spec.rb
...
...
@@ -39,7 +39,7 @@ RSpec.describe 'Profile > Password' do
describe
'User puts the same passwords in the field and in the confirmation'
do
it
'shows a success message'
do
fill_passwords
(
'mypassword'
,
'mypassword'
)
fill_passwords
(
Gitlab
::
Password
.
test_default
,
Gitlab
::
Password
.
test_default
)
page
.
within
(
'.flash-notice'
)
do
expect
(
page
).
to
have_content
(
'Password was successfully updated. Please sign in again.'
)
...
...
@@ -79,7 +79,7 @@ RSpec.describe 'Profile > Password' do
end
context
'Change password'
do
let
(
:new_password
)
{
'22233344'
}
let
(
:new_password
)
{
"new"
+
Gitlab
::
Password
.
test_default
}
before
do
sign_in
(
user
)
...
...
@@ -170,8 +170,8 @@ RSpec.describe 'Profile > Password' do
expect
(
current_path
).
to
eq
new_profile_password_path
fill_in
:user_password
,
with:
user
.
password
fill_in
:user_new_password
,
with:
'12345678'
fill_in
:user_password_confirmation
,
with:
'12345678'
fill_in
:user_new_password
,
with:
Gitlab
::
Password
.
test_default
fill_in
:user_password_confirmation
,
with:
Gitlab
::
Password
.
test_default
click_button
'Set new password'
expect
(
current_path
).
to
eq
new_user_session_path
...
...
spec/features/users/anonymous_sessions_spec.rb
...
...
@@ -9,7 +9,7 @@ RSpec.describe 'Session TTLs', :clean_gitlab_redis_shared_state do
visit
new_user_session_path
# The session key only gets created after a post
fill_in
'user_login'
,
with:
'non-existant@gitlab.org'
fill_in
'user_password'
,
with:
'12345678'
fill_in
'user_password'
,
with:
Gitlab
::
Password
.
test_default
click_button
'Sign in'
expect
(
page
).
to
have_content
(
'Invalid login or password'
)
...
...
spec/features/users/login_spec.rb
...
...
@@ -49,15 +49,15 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
expect
(
current_path
).
to
eq
edit_user_password_path
expect
(
page
).
to
have_content
(
'Please create a password for your new account.'
)
fill_in
'user_password'
,
with:
'password'
fill_in
'user_password_confirmation'
,
with:
'password'
fill_in
'user_password'
,
with:
Gitlab
::
Password
.
test_default
fill_in
'user_password_confirmation'
,
with:
Gitlab
::
Password
.
test_default
click_button
'Change your password'
expect
(
current_path
).
to
eq
new_user_session_path
expect
(
page
).
to
have_content
(
I18n
.
t
(
'devise.passwords.updated_not_active'
))
fill_in
'user_login'
,
with:
user
.
username
fill_in
'user_password'
,
with:
'password'
fill_in
'user_password'
,
with:
Gitlab
::
Password
.
test_default
click_button
'Sign in'
expect_single_session_with_authenticated_ttl
...
...
@@ -210,7 +210,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
end
it
'does not allow sign-in if the user password is updated before entering a one-time code'
do
user
.
update!
(
password:
'new_password'
)
user
.
update!
(
password:
"new"
+
Gitlab
::
Password
.
test_default
)
enter_code
(
user
.
current_otp
)
...
...
@@ -447,7 +447,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
visit
new_user_session_path
fill_in
'user_login'
,
with:
user
.
email
fill_in
'user_password'
,
with:
'12345678'
fill_in
'user_password'
,
with:
Gitlab
::
Password
.
test_default
click_button
'Sign in'
expect
(
current_path
).
to
eq
(
new_profile_password_path
)
...
...
@@ -456,7 +456,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
end
context
'with invalid username and password'
do
let
(
:user
)
{
create
(
:user
,
password:
'not-the-default'
)
}
let
(
:user
)
{
create
(
:user
,
password:
"not"
+
Gitlab
::
Password
.
test_default
)
}
it
'blocks invalid login'
do
expect
(
authentication_metrics
)
...
...
@@ -767,7 +767,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
visit
new_user_session_path
fill_in
'user_login'
,
with:
user
.
email
fill_in
'user_password'
,
with:
'12345678'
fill_in
'user_password'
,
with:
Gitlab
::
Password
.
test_default
click_button
'Sign in'
...
...
@@ -788,7 +788,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
visit
new_user_session_path
fill_in
'user_login'
,
with:
user
.
email
fill_in
'user_password'
,
with:
'12345678'
fill_in
'user_password'
,
with:
Gitlab
::
Password
.
test_default
click_button
'Sign in'
...
...
@@ -809,7 +809,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
visit
new_user_session_path
fill_in
'user_login'
,
with:
user
.
email
fill_in
'user_password'
,
with:
'12345678'
fill_in
'user_password'
,
with:
Gitlab
::
Password
.
test_default
click_button
'Sign in'
...
...
@@ -844,7 +844,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
visit
new_user_session_path
fill_in
'user_login'
,
with:
user
.
email
fill_in
'user_password'
,
with:
'12345678'
fill_in
'user_password'
,
with:
Gitlab
::
Password
.
test_default
click_button
'Sign in'
fill_in
'user_otp_attempt'
,
with:
user
.
reload
.
current_otp
...
...
@@ -870,7 +870,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
visit
new_user_session_path
fill_in
'user_login'
,
with:
user
.
email
fill_in
'user_password'
,
with:
'12345678'
fill_in
'user_password'
,
with:
Gitlab
::
Password
.
test_default
click_button
'Sign in'
expect_to_be_on_terms_page
...
...
@@ -878,7 +878,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
expect
(
current_path
).
to
eq
(
new_profile_password_path
)
fill_in
'user_password'
,
with:
'12345678'
fill_in
'user_password'
,
with:
Gitlab
::
Password
.
test_default
fill_in
'user_new_password'
,
with:
'new password'
fill_in
'user_password_confirmation'
,
with:
'new password'
click_button
'Set new password'
...
...
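Review bot: The last hunk (`@@ -878,7 +878,7`) switches the current password to `Gitlab::Password.test_default` but leaves `fill_in 'user_new_password', with: 'new password'` and its confirmation unchanged as context lines. If the stricter policy this commit prepares for is enforced, that literal is likely to be rejected and the example would fail at 'Set new password'. Use the pattern the other specs in this commit already follow: `fill_in 'user_new_password', with: "new" + Gitlab::Password.test_default`, with the same value for `'user_password_confirmation'`.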
spec/lib/gitlab/auth_spec.rb
...
...
@@ -87,7 +87,7 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
end
context
'when IP is already banned'
do
subject
{
gl_auth
.
find_for_git_client
(
'username'
,
'password'
,
project:
nil
,
ip:
'ip'
)
}
subject
{
gl_auth
.
find_for_git_client
(
'username'
,
Gitlab
::
Password
.
test_default
,
project:
nil
,
ip:
'ip'
)
}
before
do
expect_next_instance_of
(
Gitlab
::
Auth
::
IpRateLimiter
)
do
|
rate_limiter
|
...
...
@@ -204,16 +204,16 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
end
it
'recognizes master passwords'
do
user
=
create
(
:user
,
password:
'password'
)
user
=
create
(
:user
,
password:
Gitlab
::
Password
.
test_default
)
expect
(
gl_auth
.
find_for_git_client
(
user
.
username
,
'password'
,
project:
nil
,
ip:
'ip'
)).
to
have_attributes
(
actor:
user
,
project:
nil
,
type: :gitlab_or_ldap
,
authentication_abilities:
described_class
.
full_authentication_abilities
)
expect
(
gl_auth
.
find_for_git_client
(
user
.
username
,
Gitlab
::
Password
.
test_default
,
project:
nil
,
ip:
'ip'
)).
to
have_attributes
(
actor:
user
,
project:
nil
,
type: :gitlab_or_ldap
,
authentication_abilities:
described_class
.
full_authentication_abilities
)
end
include_examples
'user login operation with unique ip limit'
do
let
(
:user
)
{
create
(
:user
,
password:
'password'
)
}
let
(
:user
)
{
create
(
:user
,
password:
Gitlab
::
Password
.
test_default
)
}
def
operation
expect
(
gl_auth
.
find_for_git_client
(
user
.
username
,
'password'
,
project:
nil
,
ip:
'ip'
)).
to
have_attributes
(
actor:
user
,
project:
nil
,
type: :gitlab_or_ldap
,
authentication_abilities:
described_class
.
full_authentication_abilities
)
expect
(
gl_auth
.
find_for_git_client
(
user
.
username
,
Gitlab
::
Password
.
test_default
,
project:
nil
,
ip:
'ip'
)).
to
have_attributes
(
actor:
user
,
project:
nil
,
type: :gitlab_or_ldap
,
authentication_abilities:
described_class
.
full_authentication_abilities
)
end
end
...
...
@@ -477,7 +477,7 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
:user
,
:blocked
,
username:
'normal_user'
,
password:
'my-secret'
password:
Gitlab
::
Password
.
test_default
)
expect
(
gl_auth
.
find_for_git_client
(
user
.
username
,
user
.
password
,
project:
nil
,
ip:
'ip'
))
...
...
@@ -486,7 +486,7 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
context
'when 2fa is enabled globally'
do
let_it_be
(
:user
)
do
create
(
:user
,
username:
'normal_user'
,
password:
'my-secret'
,
otp_grace_period_started_at:
1
.
day
.
ago
)
create
(
:user
,
username:
'normal_user'
,
password:
Gitlab
::
Password
.
test_default
,
otp_grace_period_started_at:
1
.
day
.
ago
)
end
before
do
...
...
@@ -510,7 +510,7 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
context
'when 2fa is enabled personally'
do
let
(
:user
)
do
create
(
:user
,
:two_factor
,
username:
'normal_user'
,
password:
'my-secret'
,
otp_grace_period_started_at:
1
.
day
.
ago
)
create
(
:user
,
:two_factor
,
username:
'normal_user'
,
password:
Gitlab
::
Password
.
test_default
,
otp_grace_period_started_at:
1
.
day
.
ago
)
end
it
'fails'
do
...
...
@@ -523,7 +523,7 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
user
=
create
(
:user
,
username:
'normal_user'
,
password:
'my-secret'
password:
Gitlab
::
Password
.
test_default
)
expect
(
gl_auth
.
find_for_git_client
(
user
.
username
,
user
.
password
,
project:
nil
,
ip:
'ip'
))
...
...
@@ -534,7 +534,7 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
user
=
create
(
:user
,
username:
'oauth2'
,
password:
'my-secret'
password:
Gitlab
::
Password
.
test_default
)
expect
(
gl_auth
.
find_for_git_client
(
user
.
username
,
user
.
password
,
project:
nil
,
ip:
'ip'
))
...
...
@@ -609,7 +609,7 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
context
'when deploy token and user have the same username'
do
let
(
:username
)
{
'normal_user'
}
let
(
:user
)
{
create
(
:user
,
username:
username
,
password:
'my-secret'
)
}
let
(
:user
)
{
create
(
:user
,
username:
username
,
password:
Gitlab
::
Password
.
test_default
)
}
let
(
:deploy_token
)
{
create
(
:deploy_token
,
username:
username
,
read_registry:
false
,
projects:
[
project
])
}
it
'succeeds for the token'
do
...
...
@@ -622,7 +622,7 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
it
'succeeds for the user'
do
auth_success
=
{
actor:
user
,
project:
nil
,
type: :gitlab_or_ldap
,
authentication_abilities:
described_class
.
full_authentication_abilities
}
expect
(
gl_auth
.
find_for_git_client
(
username
,
'my-secret'
,
project:
project
,
ip:
'ip'
))
expect
(
gl_auth
.
find_for_git_client
(
username
,
Gitlab
::
Password
.
test_default
,
project:
project
,
ip:
'ip'
))
.
to
have_attributes
(
auth_success
)
end
end
...
...
@@ -816,7 +816,7 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
end
let
(
:username
)
{
'John'
}
# username isn't lowercase, test this
let
(
:password
)
{
'my-secret'
}
let
(
:password
)
{
Gitlab
::
Password
.
test_default
}
it
"finds user by valid login/password"
do
expect
(
gl_auth
.
find_with_user_password
(
username
,
password
)).
to
eql
user
...
...
@@ -941,13 +941,13 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
it
"does not find user by using ldap as fallback to for authentication"
do
expect
(
Gitlab
::
Auth
::
Ldap
::
Authentication
).
to
receive
(
:login
).
and_return
(
nil
)
expect
(
gl_auth
.
find_with_user_password
(
'ldap_user'
,
'password'
)).
to
be_nil
expect
(
gl_auth
.
find_with_user_password
(
'ldap_user'
,
Gitlab
::
Password
.
test_default
)).
to
be_nil
end
it
"find new user by using ldap as fallback to for authentication"
do
expect
(
Gitlab
::
Auth
::
Ldap
::
Authentication
).
to
receive
(
:login
).
and_return
(
user
)
expect
(
gl_auth
.
find_with_user_password
(
'ldap_user'
,
'password'
)).
to
eq
(
user
)
expect
(
gl_auth
.
find_with_user_password
(
'ldap_user'
,
Gitlab
::
Password
.
test_default
)).
to
eq
(
user
)
end
end
...
...
spec/mailers/emails/profile_spec.rb
...
...
@@ -49,7 +49,7 @@ RSpec.describe Emails::Profile do
describe
'for users that signed up, the email'
do
let
(
:example_site_path
)
{
root_path
}
let
(
:new_user
)
{
create
(
:user
,
email:
new_user_address
,
password:
"securePassword"
)
}
let
(
:new_user
)
{
create
(
:user
,
email:
new_user_address
,
password:
Gitlab
::
Password
.
test_default
)
}
subject
{
Notify
.
new_user_email
(
new_user
.
id
)
}
...
...
spec/models/hooks/system_hook_spec.rb
...
...
@@ -37,7 +37,7 @@ RSpec.describe SystemHook do
let
(
:project
)
{
create
(
:project
,
namespace:
user
.
namespace
)
}
let
(
:group
)
{
create
(
:group
)
}
let
(
:params
)
do
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jg@example.com'
,
password:
'mydummypass'
}
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jg@example.com'
,
password:
Gitlab
::
Password
.
test_default
}
end
before
do
...
...
spec/models/user_spec.rb
...
...
@@ -1672,9 +1672,9 @@ RSpec.describe User do
describe
'#generate_password'
do
it
'does not generate password by default'
do
user
=
create
(
:user
,
password:
'abcdefghe'
)
user
=
create
(
:user
,
password:
Gitlab
::
Password
.
test_default
)
expect
(
user
.
password
).
to
eq
(
'abcdefghe'
)
expect
(
user
.
password
).
to
eq
(
Gitlab
::
Password
.
test_default
)
end
end
...
...
spec/requests/api/users_spec.rb
...
...
@@ -1027,7 +1027,7 @@ RSpec.describe API::Users do
post
api
(
'/users'
,
admin
),
params:
{
email:
'invalid email'
,
password:
'password'
,
password:
Gitlab
::
Password
.
test_default
,
name:
'test'
}
expect
(
response
).
to
have_gitlab_http_status
(
:bad_request
)
...
...
@@ -1093,7 +1093,7 @@ RSpec.describe API::Users do
post
api
(
'/users'
,
admin
),
params:
{
email:
'test@example.com'
,
password:
'password'
,
password:
Gitlab
::
Password
.
test_default
,
username:
'test'
,
name:
'foo'
}
...
...
@@ -1105,7 +1105,7 @@ RSpec.describe API::Users do
params:
{
name:
'foo'
,
email:
'test@example.com'
,
password:
'password'
,
password:
Gitlab
::
Password
.
test_default
,
username:
'foo'
}
end
.
to
change
{
User
.
count
}.
by
(
0
)
...
...
@@ -1119,7 +1119,7 @@ RSpec.describe API::Users do
params:
{
name:
'foo'
,
email:
'foo@example.com'
,
password:
'password'
,
password:
Gitlab
::
Password
.
test_default
,
username:
'test'
}
end
.
to
change
{
User
.
count
}.
by
(
0
)
...
...
@@ -1133,7 +1133,7 @@ RSpec.describe API::Users do
params:
{
name:
'foo'
,
email:
'foo@example.com'
,
password:
'password'
,
password:
Gitlab
::
Password
.
test_default
,
username:
'TEST'
}
end
.
to
change
{
User
.
count
}.
by
(
0
)
...
...
@@ -1478,8 +1478,8 @@ RSpec.describe API::Users do
context
"with existing user"
do
before
do
post
api
(
"/users"
,
admin
),
params:
{
email:
'test@example.com'
,
password:
'password'
,
username:
'test'
,
name:
'test'
}
post
api
(
"/users"
,
admin
),
params:
{
email:
'foo@bar.com'
,
password:
'password'
,
username:
'john'
,
name:
'john'
}
post
api
(
"/users"
,
admin
),
params:
{
email:
'test@example.com'
,
password:
Gitlab
::
Password
.
test_default
,
username:
'test'
,
name:
'test'
}
post
api
(
"/users"
,
admin
),
params:
{
email:
'foo@bar.com'
,
password:
Gitlab
::
Password
.
test_default
,
username:
'john'
,
name:
'john'
}
@user
=
User
.
all
.
last
end
...
...
spec/requests/git_http_spec.rb
...
...
@@ -319,7 +319,7 @@ RSpec.describe 'Git HTTP requests' do
context
'when user is using credentials with special characters'
do
context
'with password with special characters'
do
before
do
user
.
update!
(
password:
'RKszEwéC5kFnû∆f243fycGu§Gh9ftDj!U'
)
user
.
update!
(
password:
Gitlab
::
Password
.
test_default
)
end
it
'allows clones'
do
...
...
@@ -1670,7 +1670,7 @@ RSpec.describe 'Git HTTP requests' do
context
'when user is using credentials with special characters'
do
context
'with password with special characters'
do
before
do
user
.
update!
(
password:
'RKszEwéC5kFnû∆f243fycGu§Gh9ftDj!U'
)
user
.
update!
(
password:
Gitlab
::
Password
.
test_default
)
end
it
'allows clones'
do
...
...
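Review bot: Both hunks in this file sit in the context 'with password with special characters', but the replacement `Gitlab::Password.test_default` is built from `"123qweQWE!@#"` plus zeros and is ASCII only, while the removed literal contained non-ASCII characters such as `é`, `û` and `§`. These examples therefore stop covering non-ASCII credentials over Git HTTP authentication. Keep a non-ASCII password that also meets the new policy in both `before` blocks, for example `user.update!(password: Gitlab::Password.test_default + 'éû∆§')`.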
spec/services/users/create_service_spec.rb
...
...
@@ -12,7 +12,7 @@ RSpec.describe Users::CreateService do
context
'when required parameters are provided'
do
let
(
:params
)
do
{
name:
'John Doe'
,
username:
'jduser'
,
email:
email
,
password:
'mydummypass'
}
{
name:
'John Doe'
,
username:
'jduser'
,
email:
email
,
password:
Gitlab
::
Password
.
test_default
}
end
it
'returns a persisted user'
do
...
...
@@ -82,13 +82,13 @@ RSpec.describe Users::CreateService do
context
'when force_random_password parameter is true'
do
let
(
:params
)
do
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
'mydummypass'
,
force_random_password:
true
}
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
Gitlab
::
Password
.
test_default
,
force_random_password:
true
}
end
it
'generates random password'
do
user
=
service
.
execute
expect
(
user
.
password
).
not_to
eq
'mydummypass'
expect
(
user
.
password
).
not_to
eq
Gitlab
::
Password
.
test_default
expect
(
user
.
password
).
to
be_present
end
end
...
...
@@ -99,7 +99,7 @@ RSpec.describe Users::CreateService do
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
'mydummypass'
,
password:
Gitlab
::
Password
.
test_default
,
password_automatically_set:
true
}
end
...
...
@@ -121,7 +121,7 @@ RSpec.describe Users::CreateService do
context
'when skip_confirmation parameter is true'
do
let
(
:params
)
do
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
'mydummypass'
,
skip_confirmation:
true
}
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
Gitlab
::
Password
.
test_default
,
skip_confirmation:
true
}
end
it
'confirms the user'
do
...
...
@@ -131,7 +131,7 @@ RSpec.describe Users::CreateService do
context
'when reset_password parameter is true'
do
let
(
:params
)
do
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
'mydummypass'
,
reset_password:
true
}
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
Gitlab
::
Password
.
test_default
,
reset_password:
true
}
end
it
'resets password even if a password parameter is given'
do
...
...
@@ -152,7 +152,7 @@ RSpec.describe Users::CreateService do
context
'with nil user'
do
let
(
:params
)
do
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
'mydummypass'
,
skip_confirmation:
true
}
{
name:
'John Doe'
,
username:
'jduser'
,
email:
'jd@example.com'
,
password:
Gitlab
::
Password
.
test_default
,
skip_confirmation:
true
}
end
let
(
:service
)
{
described_class
.
new
(
nil
,
params
)
}
...
...
spec/support/helpers/login_helpers.rb
...
...
@@ -95,7 +95,7 @@ module LoginHelpers
visit
new_user_session_path
fill_in
"user_login"
,
with:
user
.
email
fill_in
"user_password"
,
with:
"12345678"
fill_in
"user_password"
,
with:
Gitlab
::
Password
.
test_default
check
'user_remember_me'
if
remember
click_button
"Sign in"
...
...
spec/tasks/gitlab/password_rake_spec.rb
...
...
@@ -3,7 +3,7 @@
require
'rake_helper'
RSpec
.
describe
'gitlab:password rake tasks'
,
:silence_stdout
do
let_it_be
(
:user_1
)
{
create
(
:user
,
username:
'foobar'
,
password:
'initial_password'
)
}
let_it_be
(
:user_1
)
{
create
(
:user
,
username:
'foobar'
,
password:
Gitlab
::
Password
.
test_default
)
}
def
stub_username
(
username
)
allow
(
Gitlab
::
TaskHelpers
).
to
receive
(
:prompt
).
with
(
'Enter username: '
).
and_return
(
username
)
...
...
@@ -19,14 +19,14 @@ RSpec.describe 'gitlab:password rake tasks', :silence_stdout do
Rake
.
application
.
rake_require
'tasks/gitlab/password'
stub_username
(
'foobar'
)
stub_password
(
'secretpassword'
)
stub_password
(
Gitlab
::
Password
.
test_default
)
end
describe
':reset'
do
context
'when all inputs are correct'
do
it
'updates the password properly'
do
run_rake_task
(
'gitlab:password:reset'
,
user_1
.
username
)
expect
(
user_1
.
reload
.
valid_password?
(
'secretpassword'
)).
to
eq
(
true
)
expect
(
user_1
.
reload
.
valid_password?
(
Gitlab
::
Password
.
test_default
)).
to
eq
(
true
)
end
end
...
...
@@ -55,7 +55,7 @@ RSpec.describe 'gitlab:password rake tasks', :silence_stdout do
context
'when passwords do not match'
do
before
do
stub_password
(
'randompassword'
,
'differentpassword'
)
stub_password
(
Gitlab
::
Password
.
test_default
,
"different"
+
Gitlab
::
Password
.
test_default
)
end
it
'aborts with an error'
do
...
...