forked from grafana/grafana
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathpassword_test.go
93 lines (90 loc) · 4.24 KB
/
password_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
package user
import (
"testing"
"github.com/grafana/grafana/pkg/setting"
"github.com/stretchr/testify/assert"
)
func TestPasswowrdService_ValidatePasswordHardcodePolicy(t *testing.T) {
LOWERCASE := "lowercase"
UPPERCASE := "UPPERCASE"
NUMBER := "123"
SYMBOLS := "!@#$%"
testCases := []struct {
expectedError error
name string
passwordTest string
strongPasswordPolicyEnabled bool
}{
{
name: "should return error when the password has less than 4 characters and strong password policy is disabled",
passwordTest: NUMBER,
expectedError: ErrPasswordTooShort.Errorf("new password is too short"),
strongPasswordPolicyEnabled: false,
},
{name: "should not return error when the password has 4 characters and strong password policy is disabled",
passwordTest: "test",
expectedError: nil,
strongPasswordPolicyEnabled: false,
},
{
name: "should return error when the password has less than 12 characters and strong password policy is enabled",
passwordTest: NUMBER,
expectedError: ErrPasswordPolicyInfringe.Errorf("new password is too short for the strong password policy"),
strongPasswordPolicyEnabled: true,
},
{
name: "should return error when the password is missing an uppercase character and strong password policy is enabled",
passwordTest: LOWERCASE + NUMBER + SYMBOLS,
expectedError: ErrPasswordPolicyInfringe.Errorf("new password doesn't comply with the password policy"),
strongPasswordPolicyEnabled: true,
},
{
name: "should return error when the password is missing a lowercase character and strong password policy is enabled",
passwordTest: UPPERCASE + NUMBER + SYMBOLS,
expectedError: ErrPasswordPolicyInfringe.Errorf("new password doesn't comply with the password policy"),
strongPasswordPolicyEnabled: true,
},
{
name: "should return error when the password is missing a number character and strong password policy is enabled",
passwordTest: LOWERCASE + UPPERCASE + SYMBOLS,
expectedError: ErrPasswordPolicyInfringe.Errorf("new password doesn't comply with the password policy"),
strongPasswordPolicyEnabled: true,
},
{
name: "should return error when the password is missing a symbol characters and strong password policy is enabled",
passwordTest: LOWERCASE + UPPERCASE + NUMBER,
expectedError: ErrPasswordPolicyInfringe.Errorf("new password doesn't comply with the password policy"),
strongPasswordPolicyEnabled: true,
},
{
name: "should not return error when the password has lowercase, uppercase, number and symbol and strong password policy is enabled",
passwordTest: LOWERCASE + UPPERCASE + NUMBER + SYMBOLS,
expectedError: nil,
strongPasswordPolicyEnabled: true,
},
{
name: "should not return error when the password has uppercase, number, symbol and lowercase and strong password policy is enabled",
passwordTest: UPPERCASE + NUMBER + SYMBOLS + LOWERCASE,
expectedError: nil,
strongPasswordPolicyEnabled: true,
},
{
name: "should not return error when the password has number, symbol, lowercase and uppercase and strong password policy is enabled",
passwordTest: NUMBER + SYMBOLS + LOWERCASE + UPPERCASE,
expectedError: nil,
strongPasswordPolicyEnabled: true,
},
{
name: "should not return error when the password has symbol, lowercase, uppercase and number and strong password policy is enabled",
passwordTest: SYMBOLS + LOWERCASE + UPPERCASE + NUMBER,
expectedError: nil,
strongPasswordPolicyEnabled: true,
},
}
for _, tc := range testCases {
cfg := setting.NewCfg()
cfg.BasicAuthStrongPasswordPolicy = tc.strongPasswordPolicyEnabled
err := ValidatePassword(tc.passwordTest, cfg)
assert.Equal(t, tc.expectedError, err)
}
}