Add unit test for MB_PASSWORD_LENGTH (#31690)

[Fixes #29884]

Add unit test for MB_PASSWORD_LENGTH (#31690)
48ba0aed · Tim Macdonald · GitHub · 1fb0b3d9 · 48ba0aed · 48ba0aed
Unverified Commit 48ba0aed authored 1 year ago by Tim Macdonald Committed by GitHub 1 year ago
--- a/src/metabase/util/password.clj
+++ b/src/metabase/util/password.clj
@@ -13,7 +13,7 @@
  "Return a map of the counts of each class of character for `password`.

    (count-occurrences \"GoodPw!!\")
-      -> {:total  8, :lower 4, :upper 2, :letter 6, :digit 0, :special 2}"
+      -> {:total 8, :lower 4, :upper 2, :letter 6, :digit 0, :special 2}"
  [password]
  (loop [[^Character c & more] password, counts {:total 0, :lower 0, :upper 0, :letter 0, :digit 0, :special 0}]
    (if-not c
@@ -46,10 +46,10 @@
  [char-type->min password]
  {:pre [(map? char-type->min)
         (string? password)]}
-  (let [occurances (count-occurrences password)]
+  (let [occurences (count-occurrences password)]
    (boolean (loop [[[char-type min-count] & more] (seq char-type->min)]
               (if-not char-type true
-                 (when (>= (occurances char-type) min-count)
+                 (when (>= (occurences char-type) min-count)
                   (recur more)))))))

 (defn active-password-complexity

--- a/test/metabase/util/password_test.clj
+++ b/test/metabase/util/password_test.clj
@@ -81,6 +81,19 @@
          (is (= expected
                 (u.password/is-valid? input))))))))

+(deftest passsword-length-test
+  (testing "Password length can be set by the env variable MB_PASSWORD_LENGTH"
+    (mt/with-temp-env-var-value [:mb-password-length 3
+                                 :mb-password-complexity "weak"] ;; Don't confuse the issue with other complexity requirements
+      (doseq [[input expected] {"A"     false
+                                "AB"    false
+                                "ABC"   true
+                                "ABCD"  true
+                                "ABCD1" true}]
+        (testing (pr-str (list 'is-valid? input))
+          (is (= expected
+                 (u.password/is-valid? input))))))))
+
 (deftest ^:parallel hash-bcrypt-tests
  ;; these functions were copied from cemerick/friend and just call out to org.mindrot.jbcrypt.BCrypt so these tests
  ;; are a bit perfunctory
@@ -89,4 +102,4 @@
        hashed   (u.password/hash-bcrypt password)]
    (is (not= password hashed))
    (testing "Can verify our hashed passwords"
-     (is (u.password/bcrypt-verify password hashed) "Password did not verify"))))
+      (is (u.password/bcrypt-verify password hashed) "Password did not verify"))))