Skip password verification for PAM users (bsc#1245398) #10523
Conversation
|
👋 Hello! Thanks for contributing to our project. You can see the progress at the end of this page and at https://github.com/uyuni-project/uyuni/pull/10523/checks If you are unsure the failing tests are related to your code, you can check the "reference jobs". These are jobs that run on a scheduled time with code from master. If they fail for the same reason as your build, it means the tests or the infrastructure are broken. If they do not fail, but yours do, it means it is related to your code. Reference tests: KNOWN ISSUES Sometimes the build can fail when pulling new jar files from download.opensuse.org . This is a known limitation. Given this happens rarely, when it does, all you need to do is rerun the test. Sorry for the inconvenience. For more tips on troubleshooting, see the troubleshooting guide. Happy hacking! |
aaannz
changed the title
This commit changes how PAM users password verification works. Instead of relying on additional variable, which was not correctly set, always rely on user PAM settings. Also use PAM settings only in the actual password set routine in order not to hide some potentional future errors.
aaannz
force-pushed
the
no-pass-validation-on-pam
branch
from
699f684 to
f816d2f
Compare
aaannz
requested review from
CDellaGiusta and
Serp1co
and removed request for
a team
| @@ -85,7 +86,7 @@ public CreateUserCommand() { | |||
| public ValidatorError[] validate() { | |||
| errors = new ArrayList<>(); //clear validation errors | |||
|
|
|||
| if (passwordErrors != null && !user.getUsePamAuthentication()) { | |||
There was a problem hiding this comment.
Shouldn't we still enforce this: !user.getUsePamAuthentication() ? (i think we already do it somewhere up the flow and here the passwordErrors array will always be null)
just a nitpick, not really needed i think.
There was a problem hiding this comment.
Indeed it is done in the setPassword below. So we should not have any passwordErrors in case of PAM auth and if we have, it is a bug and IMO validator should report it.
What does this PR change?
This commit changes how PAM users password verification works. Instead of relying on additional variable, which was not correctly set, always rely on user PAM settings.
Also use PAM settings only in the actual password set routine in order not to hide some potential future errors.
GUI diff
No difference.
Documentation
No documentation needed: only internal and user invisible changes
DONE
Test coverage
ℹ️ If a major new functionality is added, it is strongly recommended that tests for the new functionality are added to the Cucumber test suite
Unit tests were added
DONE
Links
Issue(s): https://github.com/SUSE/spacewalk/issues/27630
Port(s): https://github.com/SUSE/spacewalk/pull/27639
Changelogs
Make sure the changelogs entries you are adding are compliant with https://github.com/uyuni-project/uyuni/wiki/Contributing#changelogs and https://github.com/uyuni-project/uyuni/wiki/Contributing#uyuni-projectuyuni-repository
If you don't need a changelog check, please mark this checkbox:
If you uncheck the checkbox after the PR is created, you will need to re-run
changelog_test(see below)Re-run a test
If you need to re-run a test, please mark the related checkbox, it will be unchecked automatically once it has re-run:
Before you merge
Check How to branch and merge properly!