From: Alfonso Martínez <almartin@redhat.com>
Date: Thu, 25 Feb 2021 14:55:06 +0000 (+0100)
Subject: nautilus: mgr/dashboard: python 2: error when setting user's non-ASCII password
X-Git-Tag: v14.2.17~26^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=865b30f3083305c5f2af46d0814bc44ee90b2b9f;p=ceph.git

nautilus: mgr/dashboard: python 2: error when setting user's non-ASCII password

Fixes: https://tracker.ceph.com/issues/49278
Signed-off-by: Alfonso Martínez <almartin@redhat.com>
---

diff --git a/src/pybind/mgr/dashboard/services/access_control.py b/src/pybind/mgr/dashboard/services/access_control.py
index 16a31285f49..9ea7a01cd44 100644
--- a/src/pybind/mgr/dashboard/services/access_control.py
+++ b/src/pybind/mgr/dashboard/services/access_control.py
@@ -7,6 +7,7 @@ import errno
 import json
 import threading
 import time
+import six
 
 import bcrypt
 
@@ -24,6 +25,8 @@ from ..exceptions import RoleAlreadyExists, RoleDoesNotExist, ScopeNotValid, \
 def password_hash(password, salt_password=None):
     if not password:
         return None
+    if six.PY2:
+        password = unicode(password, 'utf-8') if isinstance(password, str) else password
     if not salt_password:
         salt_password = bcrypt.gensalt()
     else:
diff --git a/src/pybind/mgr/dashboard/tests/test_access_control.py b/src/pybind/mgr/dashboard/tests/test_access_control.py
index edc36fb5aa6..34452267558 100644
--- a/src/pybind/mgr/dashboard/tests/test_access_control.py
+++ b/src/pybind/mgr/dashboard/tests/test_access_control.py
@@ -4,6 +4,7 @@ from __future__ import absolute_import
 
 import errno
 import json
+import tempfile
 import time
 import unittest
 
@@ -559,7 +560,7 @@ class AccessControlTest(unittest.TestCase, CLICommandTestMixin):
     def test_sanitize_password(self):
         self.test_create_user()
         password = 'myPass\\n\\r\\n'
-        with open('/tmp/test_sanitize_password.txt', 'w+') as pwd_file:
+        with tempfile.TemporaryFile(mode='w+') as pwd_file:
             # Add new line separators (like some text editors when a file is saved).
             pwd_file.write('{}{}'.format(password, '\n\r\n\n'))
             pwd_file.seek(0)
@@ -568,6 +569,17 @@ class AccessControlTest(unittest.TestCase, CLICommandTestMixin):
             pass_hash = password_hash(password, user['password'])
             self.assertEqual(user['password'], pass_hash)
 
+    def test_unicode_password(self):
+        self.test_create_user()
+        password = '章鱼不是密码'
+        with tempfile.TemporaryFile(mode='w+') as pwd_file:
+            pwd_file.write(password)
+            pwd_file.seek(0)
+            user = self.exec_cmd('ac-user-set-password', username='admin',
+                                 inbuf=pwd_file.read(), force_password=True)
+            pass_hash = password_hash(password, user['password'])
+            self.assertEqual(user['password'], pass_hash)
+
     def test_set_user_password_nonexistent_user(self):
         with self.assertRaises(CmdException) as ctx:
             self.exec_cmd('ac-user-set-password', username='admin',