OpenStack Dashboard Charm

Charm Support for disable_password_reveal

Bug #1840251 reported by Mihaela Andronic on 2019-08-15

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Dashboard Charm	Fix Released	Wishlist	Unassigned	OpenStack Dashboard Charm 20.05

Bug Description

Hi,

Our Customer needs to disable the reveal button for password fields, including on the login form for security reasons.

At a first inspection of the juju config parameters for the openstack-dashboard application on the cloud environment, we cannot see this option available within the charm.

Our Engineers managed to to MANUALLY add the option that was requested within a Juju deployed OpenStack lab, where they made the following changes to a test unit for the openstack-dashboard application.

#STEPS#

First, created the following settings snippet:

sudo su -c "cat > /usr/share/openstack-dashboard/openstack_dashboard/local/local_settings.d/_20_disable_password_reveal.py <<'EOF'
HORIZON_CONFIG['disable_password_reveal'] = True
EOF"

After restarting the OpenStack dashboard, on the dashboard login page, they could confirm that the reveal GUI option was now gone, as intended.

IMPORTANT NOTE: if we are to manually add this configuration to the openstack-dashboard units within the cloud environment, it will not survive an application redeploy. Also, as of yet we have not been able to confirm yet whether the charm will not overwrite this directory altogether, wiping away the changes made.

We are opening this BUG as a request to make the setting available from charm option.

Thanks in advance,
Kind Regards

See original description

Tags:

Chris MacNaughton (chris.macnaughton) on 2019-08-15

Changed in charm-openstack-dashboard:
status:	New → Confirmed
importance:	Undecided → Wishlist

Mihaela Andronic (mihaela) on 2019-08-19

description:

updated

Xav Paice (xavpaice) on 2019-08-27

Changed in charm-openstack-dashboard:
assignee:	nobody → Xav Paice (xavpaice)
status:	Confirmed → In Progress

Revision history for this message

Xav Paice (xavpaice) wrote on 2019-08-27:

https://review.opendev.org/#/c/678723/

Revision history for this message

Xav Paice (xavpaice) wrote on 2019-08-27:

subscribed field-medium, because this is blocking a customer's security audit.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-03-12: Fix merged to charm-openstack-dashboard (master)

Reviewed: https://review.opendev.org/678723
Committed: https://git.openstack.org/cgit/openstack/charm-openstack-dashboard/commit/?id=957a6adc0351276f36dc48718aa6d233072caff6
Submitter: Zuul
Branch: master

commit 957a6adc0351276f36dc48718aa6d233072caff6
Author: Xav Paice <email address hidden>
Date: Tue Aug 27 16:56:16 2019 +1200

Add disable-password-reveal option

    Adds config item to add HORIZON_CONFIG['disable_password_reveal'] = True
    option to Horizon's local_settings.py, from Mitaka onwards. This
    prevents the reveal password button from being displayed.

Change-Id: I299f6a6388c3a2ab68cabaeb16e5104ec319e144
Closes-bug: #1840251

Changed in charm-openstack-dashboard:
status:	In Progress → Fix Committed

Xav Paice (xavpaice) on 2020-03-12

Changed in charm-openstack-dashboard:
assignee:	Xav Paice (xavpaice) → nobody

James Page (james-page) on 2020-05-19

Changed in charm-openstack-dashboard:
milestone:	none → 20.05

David Ames (thedac) on 2020-05-21

Changed in charm-openstack-dashboard:
status:	Fix Committed → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-05-27: Fix proposed to charm-openstack-dashboard (stable/19.07)

Fix proposed to branch: stable/19.07
Review: https://review.opendev.org/731083

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-05-27: Fix proposed to charm-openstack-dashboard (stable/19.10)

Fix proposed to branch: stable/19.10
Review: https://review.opendev.org/731084

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-05-27: Fix proposed to charm-openstack-dashboard (stable/20.02)

Fix proposed to branch: stable/20.02
Review: https://review.opendev.org/731086

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-12-16: Change abandoned on charm-openstack-dashboard (stable/19.07)

Change abandoned by "James Page <email address hidden>" on branch: stable/19.07
Review: https://review.opendev.org/c/openstack/charm-openstack-dashboard/+/731083
Reason: Review targets obsolete stable branch

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-12-16: Change abandoned on charm-openstack-dashboard (stable/19.10)

Change abandoned by "James Page <email address hidden>" on branch: stable/19.10
Review: https://review.opendev.org/c/openstack/charm-openstack-dashboard/+/731084
Reason: Review targets obsolete stable branch

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-01-04: Change abandoned on charm-openstack-dashboard (stable/20.02)

Change abandoned by "James Page <email address hidden>" on branch: stable/20.02
Review: https://review.opendev.org/c/openstack/charm-openstack-dashboard/+/731086
Reason: This review is > 12 weeks without comment and currently blocked by a core reviewer with a -2. We are abandoning this for now. Feel free to reactivate the review by pressing the restore button and contacting the reviewer with the -2 on this review to ensure you address their concerns.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.