Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix bad request when creating users without a password #30649

Closed

Conversation

kagmole
Copy link

@kagmole kagmole commented Jan 13, 2022

As requested in #30241, here is a pull-request containing the suggested
changes.


Commit summary:

When the minimal password length is set to 0, the generated password by
GenerateSecurePasswordEvent is '', which would bypass the fallback
password generation. UserManager would then throw an error since the
password is an empty string.

When the minimal password length is set to 0, the generated password by
`GenerateSecurePasswordEvent` is '', which would bypass the fallback
password generation. `UserManager` would then throw an error since the
password is an empty string.

Signed-off-by: Dany Jupille <dany.jupille@gmail.com>
@szaimen szaimen added the 3. to review Waiting for reviews label Jan 13, 2022
@szaimen szaimen added this to the Nextcloud 24 milestone Jan 13, 2022
@szaimen szaimen requested review from a team, nickvergessen, icewind1991 and CarlSchwan and removed request for a team January 13, 2022 14:44
@szaimen szaimen linked an issue Jan 13, 2022 that may be closed by this pull request
@nickvergessen
Copy link
Member

Could also fix the password policy app to generate a non-empty password when being asked

@CarlSchwan
Copy link
Member

Could also fix the password policy app to generate a non-empty password when being asked

I also think this is the best solution. Either not allow empty password policies or make an empty password policy still generate a password with a few characters

@skjnldsv skjnldsv mentioned this pull request Mar 24, 2022
@blizzz blizzz mentioned this pull request Mar 31, 2022
This was referenced Apr 7, 2022
@blizzz blizzz modified the milestones: Nextcloud 24, Nextcloud 25 Apr 21, 2022
@PVince81
Copy link
Member

fixed in the password policy app: nextcloud/password_policy#356

@PVince81 PVince81 closed this Jun 10, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
3. to review Waiting for reviews
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Bad Request when creating a user without password
6 participants