From 024301ace13691893576c1899dd39e7203231a4f Mon Sep 17 00:00:00 2001
From: Guillermo Prandi
Date: Tue, 19 Nov 2019 14:33:08 -0300
Subject: [PATCH 1/2] Fix password checks on admin create/edit user
---
 routers/admin/users.go | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/routers/admin/users.go b/routers/admin/users.go
index 2284f21838c6a..bcc8479ffcc84 100644
--- a/routers/admin/users.go
+++ b/routers/admin/users.go
@@ -94,8 +94,14 @@ func NewUserPost(ctx *context.Context, form auth.AdminCreateUserForm) {
 u.LoginName = form.LoginName
 }
 }
- if u.LoginType == models.LoginPlain {
+ if u.LoginType == models.LoginNoType || u.LoginType == models.LoginPlain {
+ if len(strings.TrimSpace(form.Password)) > 0 && len(form.Password) < setting.MinPasswordLength {
+ ctx.Data["Err_Password"] = true
+ ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplUserNew, &form)
+ return
+ }
 if !password.IsComplexEnough(form.Password) {
+ ctx.Data["Err_Password"] = true
 ctx.RenderWithErr(ctx.Tr("form.password_complexity"), tplUserNew, &form)
 return
 }
@@ -203,14 +209,19 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {

 if len(form.Password) > 0 {
 var err error
- if u.Salt, err = models.GetUserSalt(); err != nil {
- ctx.ServerError("UpdateUser", err)
+ if len(strings.TrimSpace(form.Password)) > 0 && len(form.Password) < setting.MinPasswordLength {
+ ctx.Data["Err_Password"] = true
+ ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplUserEdit, &form)
 return
 }
 if !password.IsComplexEnough(form.Password) {
 ctx.RenderWithErr(ctx.Tr("form.password_complexity"), tplUserEdit, &form)
 return
 }
+ if u.Salt, err = models.GetUserSalt(); err != nil {
+ ctx.ServerError("UpdateUser", err)
+ return
+ }
 u.HashPassword(form.Password)
 }

From 4388938eebb9da123b310a630eaced791d440fe9 Mon Sep 17 00:00:00 2001
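Review bot: The new length guard in NewUserPost compares `len(form.Password)` with `setting.MinPasswordLength`, and `len` on a Go string counts bytes, so a password made of a few multi-byte characters passes with fewer characters than the setting names. If the setting is meant as a character count (not visible from this hunk), the comparison would read `utf8.RuneCountInString(form.Password) < setting.MinPasswordLength`, with `unicode/utf8` added to the file's imports. The same expression appears in the EditUserPost hunk of this patch and in both hunks of PATCH 2/2. NewUserPost's body starts and ends outside the hunk.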
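Review bot: The complexity branch in EditUserPost still calls `ctx.RenderWithErr(ctx.Tr("form.password_complexity"), tplUserEdit, &form)` without setting the password error flag, while this patch adds that flag to the same branch in NewUserPost and to the new too-short branch here. Adding `ctx.Data["Err_Password"] = true` before that call keeps the two handlers consistent; presumably the template uses the flag to highlight the field. The length and complexity checks are now written out twice, once per handler, so a small shared helper that takes the password and returns the translation key would keep the policy from drifting again. EditUserPost's body starts and ends outside the hunk.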
From: Guillermo Prandi
Date: Tue, 19 Nov 2019 19:51:54 -0300
Subject: [PATCH 2/2] Remove incorrect trimspace
---
 routers/admin/users.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/routers/admin/users.go b/routers/admin/users.go
index bcc8479ffcc84..881baa6c16f38 100644
--- a/routers/admin/users.go
+++ b/routers/admin/users.go
@@ -95,7 +95,7 @@ func NewUserPost(ctx *context.Context, form auth.AdminCreateUserForm) {
 }
 }
 if u.LoginType == models.LoginNoType || u.LoginType == models.LoginPlain {
- if len(strings.TrimSpace(form.Password)) > 0 && len(form.Password) < setting.MinPasswordLength {
+ if len(form.Password) < setting.MinPasswordLength {
 ctx.Data["Err_Password"] = true
 ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplUserNew, &form)
 return
@@ -209,7 +209,7 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {

 if len(form.Password) > 0 {
 var err error
- if len(strings.TrimSpace(form.Password)) > 0 && len(form.Password) < setting.MinPasswordLength {
+ if len(form.Password) < setting.MinPasswordLength {
 ctx.Data["Err_Password"] = true
 ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplUserEdit, &form)
 return