Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0038187 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| feature request | [Openbravo ERP] A. Platform | minor | always | 2018-03-21 11:10 | 2018-05-09 19:29 | |||
| Reporter | jarmendariz | View Status | public | |||||
| Assigned To | jarmendariz | |||||||
| Priority | normal | Resolution | fixed | Fixed in Version | 3.0PR18Q3 | |||
| Status | closed | Fix in branch | Fixed in SCM revision | dfa56c984c8a | ||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Review Assigned To | caristu | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0038187: Change password should enforce a minimum password strength policy | |||||||
| Description | Currently, when a user changes their password, any password will be accepted no matter it is secure enough or not. A minimum password strength rule should be implemented in the places where the user's password can be changed. See http://wiki.openbravo.com/wiki/Projects:Password_Policy [^] | |||||||
| Steps To Reproduce | See above | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|||||||||||||||||
|
|||||||||||||||||
 Relationships |
|
Notes |
|
|
(0103901) hgbot (developer) 2018-04-16 14:36 |
Repository: tools/automation/int Changeset: ee05aa228a7dd930ebc048b411c26139b9787fac Author: Javier Armendáriz <javier.armendariz <at> openbravo.com> Date: Thu Apr 05 09:59:32 2018 +0200 URL: http://code.openbravo.com/tools/automation/int/rev/ee05aa228a7dd930ebc048b411c26139b9787fac [^] Related to issue 38187: Adding test cases to test password policy checks Refactored code and created test cases to test either login and user widget page checks for password strength --- M src-test/com/openbravo/test/integration/erp/data/generalsetup/security/user/UserData.java M src-test/com/openbravo/test/integration/erp/gui/LoginPage.java M src-test/com/openbravo/test/integration/erp/modules/client/application/navigationbarcomponents/gui/UserProfile.java A src-test/com/openbravo/test/integration/erp/data/ChangeExpiredPasswordData.java A src-test/com/openbravo/test/integration/erp/modules/client/application/testscripts/change_password/CheckPasswordFromLoginPage.java A src-test/com/openbravo/test/integration/erp/modules/client/application/testscripts/change_password/CheckPasswordFromUserProfile.java A src-test/com/openbravo/test/integration/erp/modules/client/application/testscripts/change_password/CreateTemporaryUserTest.java --- |
|
(0103902) hgbot (developer) 2018-04-16 14:36 |
Repository: tools/automation/int Changeset: a582f0cddc533eee5f109ec3346158490c1942f0 Author: Javier Armendáriz <javier.armendariz <at> openbravo.com> Date: Thu Apr 05 10:00:07 2018 +0200 URL: http://code.openbravo.com/tools/automation/int/rev/a582f0cddc533eee5f109ec3346158490c1942f0 [^] Related to issue 38187: Fixing change password test. Modified NAV0050 test to use a temporary user instead of the admin one and changed the new password to a more secure one in order to make it pass. --- M src-test/com/openbravo/test/integration/erp/modules/client/application/testscripts/navigationbarcomponents/userprofile/ChangePassword.java M src-test/com/openbravo/test/integration/erp/modules/client/application/testsuites/navigationbarcomponents/NAV0050_ChangePassword.java --- |
|
(0103926) hgbot (developer) 2018-04-17 08:51 |
Repository: erp/devel/pi Changeset: dfa56c984c8a52892a9791bdfe04de023a3b58a6 Author: Javier Armendáriz <javier.armendariz <at> openbravo.com> Date: Tue Apr 17 08:36:29 2018 +0200 URL: http://code.openbravo.com/erp/devel/pi/rev/dfa56c984c8a52892a9791bdfe04de023a3b58a6 [^] Fixes issue 38187: Enforce minimum password strength policy --- M modules/org.openbravo.client.application/src-db/database/sourcedata/AD_MESSAGE.xml M modules/org.openbravo.client.application/src/org/openbravo/client/application/navigationbarcomponents/UserInfoWidgetActionHandler.java M modules/org.openbravo.client.application/web/org.openbravo.client.application/js/navbar/ob-user-profile-widget.js M src-db/database/sourcedata/AD_MESSAGE.xml M src-test/src/org/openbravo/test/AllAntTaskTests.java M src-test/src/org/openbravo/test/AllQuickAntTaskTests.java M src-test/src/org/openbravo/test/AllTests.java M src-test/src/org/openbravo/test/AntTaskTests.java M src/org/openbravo/base/secureApp/LoginHandler.java M src/org/openbravo/erpCommon/security/Login.java A src-test/src/org/openbravo/test/security/PasswordStrengthCheckerTest.java A src/org/openbravo/authentication/ChangePasswordException.java A src/org/openbravo/service/password/PasswordStrengthChecker.java --- |
|
(0103927) hgbot (developer) 2018-04-17 08:52 |
Repository: erp/pmods/org.openbravo.mobile.core Changeset: 7831ad26106868d1132df60b4d874716a1a0ea0d Author: Javier Armendáriz <javier.armendariz <at> openbravo.com> Date: Tue Apr 17 08:43:31 2018 +0200 URL: http://code.openbravo.com/erp/pmods/org.openbravo.mobile.core/rev/7831ad26106868d1132df60b4d874716a1a0ea0d [^] Related to issue 38187: Enforce minimum password strength policy --- M src-db/database/sourcedata/AD_MESSAGE.xml M web/org.openbravo.mobile.core/assets/css/ob-login.css M web/org.openbravo.mobile.core/source/component/dialog/ob-expirationpassword.js M web/org.openbravo.mobile.core/source/model/ob-terminal-model.js --- |
|
(0103928) hgbot (developer) 2018-04-17 08:52 |
Repository: tools/automation/pi-mobile Changeset: 37b4d64b4f10c799cccf0e7f8f8762e44e1d7edd Author: Javier Armendáriz <javier.armendariz <at> openbravo.com> Date: Thu Apr 05 16:35:12 2018 +0200 URL: http://code.openbravo.com/tools/automation/pi-mobile/rev/37b4d64b4f10c799cccf0e7f8f8762e44e1d7edd [^] Related to issue 38187: Adding test case for Login screen. Adding a test case to verify that password policy is enforced in POS as well as the rest of the system. --- M src-test/org/openbravo/test/mobile/retail/mobilecore/selenium/TestIdCore.java M src-test/org/openbravo/test/mobile/retail/mobilecore/selenium/terminals/MobileCoreTerminalHelper.java M src-test/org/openbravo/test/mobile/retail/pack/selenium/tests/system/I31796_ChangePassword.java A src-test/org/openbravo/test/mobile/retail/pack/selenium/tests/loginout/ChangeExpiredPassword.java --- |
|
(0103969) hgbot (developer) 2018-04-18 12:51 |
Repository: tools/automation/pi-mobile Changeset: 82fe485ff492d9ffde2999c16c304dfda13f6376 Author: Javier Armendáriz <javier.armendariz <at> openbravo.com> Date: Tue Apr 17 11:11:32 2018 +0200 URL: http://code.openbravo.com/tools/automation/pi-mobile/rev/82fe485ff492d9ffde2999c16c304dfda13f6376 [^] Related to issue 38187: Improved login with expired user test. Improved test case by removing the test user after the test finishes and leaving the terminal logged in. --- M src-test/org/openbravo/test/mobile/retail/mobilecore/selenium/TestIdCore.java M src-test/org/openbravo/test/mobile/retail/pack/selenium/tests/loginout/ChangeExpiredPassword.java --- |
|
(0104224) caristu (developer) 2018-05-03 10:21 |
Reviewed as part of the project. See[1]. [1] https://docs.google.com/spreadsheets/d/1VX7w33pevIRnQ20aT7Uy5gX3WgoKMIMXLS9IwhZMFY4/edit#gid=0 [^] |
|
(0104383) hudsonbot (developer) 2018-05-09 19:29 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/2be7d3efe606 [^] Maturity status: Test |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2018-03-21 11:10 | jarmendariz | New Issue | |
| 2018-03-21 11:10 | jarmendariz | Assigned To | => platform |
| 2018-03-21 11:10 | jarmendariz | Modules | => Core |
| 2018-03-21 11:10 | jarmendariz | Triggers an Emergency Pack | => No |
| 2018-03-21 11:12 | jarmendariz | Assigned To | platform => jarmendariz |
| 2018-03-21 11:12 | jarmendariz | Status | new => scheduled |
| 2018-03-23 10:15 | caristu | Relationship added | related to 0037838 |
| 2018-04-13 10:29 | jarmendariz | Relationship added | blocks 0038362 |
| 2018-04-16 14:36 | hgbot | Checkin | |
| 2018-04-16 14:36 | hgbot | Note Added: 0103901 | |
| 2018-04-16 14:36 | hgbot | Checkin | |
| 2018-04-16 14:36 | hgbot | Note Added: 0103902 | |
| 2018-04-17 08:51 | hgbot | Checkin | |
| 2018-04-17 08:51 | hgbot | Note Added: 0103926 | |
| 2018-04-17 08:51 | hgbot | Status | scheduled => resolved |
| 2018-04-17 08:51 | hgbot | Resolution | open => fixed |
| 2018-04-17 08:51 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/dfa56c984c8a52892a9791bdfe04de023a3b58a6 [^] |
| 2018-04-17 08:52 | hgbot | Checkin | |
| 2018-04-17 08:52 | hgbot | Note Added: 0103927 | |
| 2018-04-17 08:52 | hgbot | Checkin | |
| 2018-04-17 08:52 | hgbot | Note Added: 0103928 | |
| 2018-04-18 12:51 | hgbot | Checkin | |
| 2018-04-18 12:51 | hgbot | Note Added: 0103969 | |
| 2018-04-27 13:25 | alostale | Review Assigned To | => caristu |
| 2018-05-03 10:21 | caristu | Note Added: 0104224 | |
| 2018-05-03 10:21 | caristu | Status | resolved => closed |
| 2018-05-03 10:21 | caristu | Fixed in Version | => 3.0PR18Q3 |
| 2018-05-09 19:29 | hudsonbot | Checkin | |
| 2018-05-09 19:29 | hudsonbot | Note Added: 0104383 | |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |