Skip to content

Commit

Permalink
add password regex setting onto dashboardsinfo backend call (#2999)
Browse files Browse the repository at this point in the history
* add password regex setting onto dashboardsinfo backend call

Signed-off-by: Derek Ho <[email protected]>
  • Loading branch information
derek-ho authored Jul 18, 2023
1 parent 809aeda commit 744b5d4
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.equalTo;
import static org.opensearch.security.rest.DashboardsInfoAction.DEFAULT_PASSWORD_MESSAGE;
import static org.opensearch.security.rest.DashboardsInfoAction.DEFAULT_PASSWORD_REGEX;
import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL;

@RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class)
Expand All @@ -51,6 +52,8 @@ public void testDashboardsInfoValidationMessage() throws Exception {
assertThat(response.getStatusCode(), equalTo(HttpStatus.SC_OK));
assertThat(response.getBody(), containsString("password_validation_error_message"));
assertThat(response.getBody(), containsString(DEFAULT_PASSWORD_MESSAGE));
assertThat(response.getBody(), containsString("password_validation_regex"));
assertThat(response.getBody(), containsString(DEFAULT_PASSWORD_REGEX));
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -41,14 +41,16 @@ public class DashboardsInfoWithSettingsTest {
private static final String CUSTOM_PASSWORD_MESSAGE =
"Password must be minimum 5 characters long and must contain at least one uppercase letter, one lowercase letter, one digit, and one special character.";

private static final String CUSTOM_PASSWORD_REGEX = "(?=.*[A-Z])(?=.*[^a-zA-Z\\d])(?=.*[0-9])(?=.*[a-z]).{5,}";

@ClassRule
public static LocalCluster cluster = new LocalCluster.Builder().clusterManager(ClusterManager.THREE_CLUSTER_MANAGERS)
.authc(AUTHC_HTTPBASIC_INTERNAL)
.users(DASHBOARDS_USER)
.nodeSettings(
Map.of(
ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_REGEX,
"(?=.*[A-Z])(?=.*[^a-zA-Z\\d])(?=.*[0-9])(?=.*[a-z]).{5,}",
CUSTOM_PASSWORD_REGEX,
ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_ERROR_MESSAGE,
CUSTOM_PASSWORD_MESSAGE
)
Expand All @@ -63,6 +65,8 @@ public void testDashboardsInfoValidationMessageWithCustomMessage() throws Except
assertThat(response.getStatusCode(), equalTo(HttpStatus.SC_OK));
assertThat(response.getBody(), containsString("password_validation_error_message"));
assertThat(response.getBody(), containsString(CUSTOM_PASSWORD_MESSAGE));
assertThat(response.getBody(), containsString("password_validation_regex"));
assertThat(response.getBody(), containsString(CUSTOM_PASSWORD_REGEX));
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,8 @@ public class DashboardsInfoAction extends BaseRestHandler {
public static final String DEFAULT_PASSWORD_MESSAGE = "Password should be at least 8 characters long and contain at least one "
+ "uppercase letter, one lowercase letter, one digit, and one special character.";

public static final String DEFAULT_PASSWORD_REGEX = "(?=.*[A-Z])(?=.*[^a-zA-Z\\d])(?=.*[0-9])(?=.*[a-z]).{8,}";

public DashboardsInfoAction(
final Settings settings,
final RestController controller,
Expand Down Expand Up @@ -110,6 +112,10 @@ public void accept(RestChannel channel) throws Exception {
"password_validation_error_message",
client.settings().get(ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_ERROR_MESSAGE, DEFAULT_PASSWORD_MESSAGE)
);
builder.field(
"password_validation_regex",
client.settings().get(ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_REGEX, DEFAULT_PASSWORD_REGEX)
);
builder.endObject();

response = new BytesRestResponse(RestStatus.OK, builder);
Expand Down

0 comments on commit 744b5d4

Please sign in to comment.