OpenStack Dashboard (Horizon)

Password requirement check on user create / change incomplete

Bug #1897253 reported by Walter
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Dashboard (Horizon)
In Progress
Undecided
Walter

Bug Description

Version: OpenStack Horizon stable/ussri (18.3.2-12-gc348787fa)

** Action **

When doing:
- create user, or
- change password
using a password that does not meet the keystone requirements.

** Expected behaviour **

- Horizon interface should print error with "password_regex_description" contents.
- Input field should not be closed, but left open, so user can fix the problem.
- Error logs should report the original warning.

** Actual behaviour **

- If there is a line feed in the description, the regex_description is not parsed (uses re.MULTILINE instead of re.DOTALL).
- The edit-window is closed instead of left open for editing (missing "return False").
- The log message is eaten by ignore=True, making it harder to debugging problems.
- The create-user window simply reported "Error: Unable to create user." without any further info, closing the edit-window.

** Related bugs **

- #1838003 - "Horizon hides password requirements"

** Fixes **

- https://github.com/ossobv/horizon/commit/4b9a0d8cf84e85e8b93092818b52c7fb859b310b

Cheers,
Walter Doekes
OSSO B.V.

Revision history for this message
Walter (wdoekes) wrote :
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.opendev.org/760302

Changed in horizon:
assignee: nobody → wdoekes (walter+ubuntu)
status: New → In Progress
Revision history for this message
Vishal Manchanda (vishalmanchanda) wrote :

branch: master
Hi, Could you add more details on how can I reproduce this bug?
I have tried the below steps:

1) I have enabled regular expression to validate in my local_settings.py file and added a regular expression acc. to which my password First letters need to be Capital and it would include a special character.
2) Change help_text in my local_settings.py file [0].
3) I tried to create a user with "test123" password and I am already getting an error in the Change Password Form (help_text in my case).
4) I have also tried it with "update password".

Question: What's the issue here, please let me know what I have missed?

[0] https://github.com/openstack/horizon/blob/4e0ee573db4561dc7e0c10835d31d73eddb12aca/openstack_dashboard/local/local_settings.py.example#L128

Revision history for this message
Walter (wdoekes) wrote :

Hi there Vishal,

1) password_regex_description is a Keystone configuration setting: if you add linefeeds there, then parsing the message in Horizon fails (that's what the DOTALL fixes).

2) help_text in local_settings is unrelated.

3) I'm using ussuri, so if you're reproducing this in victoria, things may be different.

4) see (1)

Revision history for this message
Walter (wdoekes) wrote :

correction: 4) see (1) and (3)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on horizon (master)

Change abandoned by "Vishal Manchanda <email address hidden>" on branch: master
Review: https://review.opendev.org/c/openstack/horizon/+/760302
Reason: Abandoned

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.