def _save_edit(self, id, context): try: data_dict = logic.clean_dict( unflatten( logic.tuplize_dict(logic.parse_params(request.params)))) context['message'] = data_dict.get('log_message', '') data_dict['id'] = id if data_dict['password1'] and data_dict['password2']: identity = { 'login': c.user, 'password': data_dict['old_password'] } auth = authenticator.UsernamePasswordAuthenticator() if auth.authenticate(request.environ, identity) != c.user: raise UsernamePasswordError # MOAN: Do I really have to do this here? if 'activity_streams_email_notifications' not in data_dict: data_dict['activity_streams_email_notifications'] = False #HO Change to implement a pattern form passwords if data_dict['password2']: if plugin.search_password(data_dict['password2']): print("Password matched") else: print("It didn't") abort( 400, _('Password does not match the required pattern, needs at least one lower case, one upper case, a number and one of ' + plugin.special_chars)) print("checking password fits regex" + data_dict['password2']) #End of HO Change user = get_action('user_update')(context, data_dict) h.flash_success(_('Profile updated')) h.redirect_to(controller='user', action='read', id=user['name']) except NotAuthorized: abort(401, _('Unauthorized to edit user %s') % id) except NotFound, e: abort(404, _('User not found'))
def _save_edit(self, id, context): try: data_dict = logic.clean_dict(unflatten(logic.tuplize_dict(logic.parse_params(request.params)))) context["message"] = data_dict.get("log_message", "") data_dict["id"] = id if data_dict["password1"] and data_dict["password2"]: identity = {"login": c.user, "password": data_dict["old_password"]} auth = authenticator.UsernamePasswordAuthenticator() if auth.authenticate(request.environ, identity) != c.user: raise UsernamePasswordError # MOAN: Do I really have to do this here? if "activity_streams_email_notifications" not in data_dict: data_dict["activity_streams_email_notifications"] = False # HO Change to implement a pattern form passwords if data_dict["password2"]: if plugin.search_password(data_dict["password2"]): print("Password matched") else: print("It didn't") abort( 400, _( "Password does not match the required pattern, needs at least one lower case, one upper case, a number and one of " + plugin.special_chars ), ) print("checking password fits regex" + data_dict["password2"]) # End of HO Change user = get_action("user_update")(context, data_dict) h.flash_success(_("Profile updated")) h.redirect_to(controller="user", action="read", id=user["name"]) except NotAuthorized: abort(401, _("Unauthorized to edit user %s") % id) except NotFound, e: abort(404, _("User not found"))
def test_pass(): password = "******" assert plugin.search_password(password) pass
def test_lower_upper_number_only(): password = "******" assert not plugin.search_password(password) pass
def test_lowercase_and_uppercase_only(): password = "******" assert not plugin.search_password(password) pass
def test_length_exact(): password = "******" assert plugin.search_password(password) pass
def test_length_short(): password = "******" assert not plugin.search_password(password) pass