Commit 080effa6 authored by Mark Caglienzi's avatar Mark Caglienzi
Browse files

Merge branch 't14152' into fuss/jessie

parents 18db2528 29b9447f
octonet (0.2.51.5-2) UNRELEASED; urgency=medium
octonet (0.2.51.6-1) unstable; urgency=medium
[ Elena Grandi ]
* Provide a (commented out) configuration to setup logging.
-- Elena Grandi <elena@truelite.it> Mon, 21 Oct 2019 10:35:35 +0200
[ Mark Caglienzi ]
* Disallow passwords that contain non-ASCII characters when creating or
editing users, because non-ASCII passwords cause problems to http
basic auth, that is used (for example) by squid.
-- Mark Caglienzi <mark@truelite.it> Wed, 11 Dec 2019 11:56:47 +0100
octonet (0.2.51.5-1) unstable; urgency=medium
......
......@@ -13,7 +13,7 @@ def list_locale_files():
setup(
name='octonet',
description='OctoNet',
version='0.2.51.5',
version='0.2.51.6',
license='GPL3',
author='Truelite S.r.l.',
author_email='info@truelite.it',
......
......@@ -346,11 +346,36 @@ class UserForm(FormControlClassMixin, forms.Form):
raise forms.ValidationError(_("The home directory must be a subdirectory of /home/"), code="home_outside_homes")
return val
# refs #14152
def is_ascii(self, password):
# Only accept standard ASCII characters
try:
# https://stackoverflow.com/a/32357552
password.encode("ascii")
return True
except UnicodeEncodeError:
return False
# refs #14152
def clean_password1(self):
password = self.cleaned_data['password1']
if not self.is_ascii(password):
raise forms.ValidationError(_("Password can contain ASCII characters only", code="non_ascii_password"))
return password
# refs #14152
def clean_password2(self):
password = self.cleaned_data['password2']
if not self.is_ascii(password):
raise forms.ValidationError(_("Password can contain ASCII characters only", code="non_ascii_password"))
return password
def clean(self):
password1 = self.cleaned_data["password1"]
password2 = self.cleaned_data["password2"]
password1 = self.cleaned_data.get("password1", None)
password2 = self.cleaned_data.get("password2", None)
if password1 and password1 != password2:
# refs #14152
if (password1 and password2) and (password1 != password2):
raise forms.ValidationError(_("Passwords don't match"), code="password_mismatch")
return self.cleaned_data
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment