From: Volker Theile Date: Thu, 2 Jan 2020 09:11:14 +0000 (+0100) Subject: mgr/dashboard: Various fixes X-Git-Tag: v15.1.0~236^2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=bf567f4308132f1072c42a454fe85c8743b1be33;p=ceph.git mgr/dashboard: Various fixes * Remove scope and permission check from UserPasswordPolicy controller again, otherwise the Angular UI validator can't be executed for users without that privilege. * Remobe obsolete QA test. Signed-off-by: Volker Theile
---
diff --git a/qa/tasks/mgr/dashboard/test_user.py b/qa/tasks/mgr/dashboard/test_user.py
index f3ee8863a67..83972d93a67 100644
--- a/qa/tasks/mgr/dashboard/test_user.py
+++ b/qa/tasks/mgr/dashboard/test_user.py
@@ -391,15 +391,10 @@ class UserTest(DashboardTestCase):
 self._ceph_cmd(['dashboard', 'set-user-pwd-expiration-span', '0'])
 def test_validate_password_weak(self):
- data = self._post('/api/user/validate_password', {
+ self._post('/api/user/validate_password', {
 'password': 'mypassword1'
 })
 self.assertStatus(200)
- self.assertSchema(data, JObj(sub_elems={
- 'valid': JLeaf(bool),
- 'credits': JLeaf(int),
- 'valuation': JLeaf(str)
- }))
 self.assertJsonBody({
 'valid': True,
 'credits': 11,
@@ -473,11 +468,3 @@ class UserTest(DashboardTestCase):
 'credits': 0,
 'valuation': 'Password must not be the same as the previous one.'
 })
-
- @DashboardTestCase.RunAs('test', 'test', [{'user': ['read', 'delete']}])
- def test_validate_password_invalid_permissions(self):
- self._post('/api/user/validate_password', {
- 'password': 'foo'
- })
- self.assertStatus(403)
- self.assertError(detail='You don\'t have permissions to access that resource')
diff --git a/src/pybind/mgr/dashboard/controllers/user.py b/src/pybind/mgr/dashboard/controllers/user.py
index dfafb4ff71f..688f6008244 100644
--- a/src/pybind/mgr/dashboard/controllers/user.py
+++ b/src/pybind/mgr/dashboard/controllers/user.py
@@ -7,7 +7,7 @@ import time
 import cherrypy
-from . import BaseController, ApiController, RESTController, Endpoint, CreatePermission
+from . import BaseController, ApiController, RESTController, Endpoint
 from .. import mgr
 from ..exceptions import DashboardException, UserAlreadyExists, \
 UserDoesNotExist, PasswordPolicyException, PwdExpirationDateNotValid
@@ -37,6 +37,7 @@ def validate_password_policy(password, username=None, old_password=None):
 @ApiController('/user', Scope.USER)
 class User(RESTController):
+
 @staticmethod
 def _user_to_dict(user):
 result = user.to_dict()
@@ -139,11 +140,10 @@ class User(RESTController):
 return User._user_to_dict(user)
-@ApiController('/user', Scope.USER)
+@ApiController('/user')
 class UserPasswordPolicy(RESTController):
 @Endpoint('POST')
- @CreatePermission
 def validate_password(self, password, username=None, old_password=None):
 """
 Check if the password meets the password policy.
@@ -173,6 +173,7 @@ class UserPasswordPolicy(RESTController):
 @ApiController('/user/{username}')
 class UserChangePassword(BaseController):
+
 @Endpoint('POST')
 def change_password(self, username, old_password, new_password):
 session_username = JwtManager.get_username()
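Review bot: In the `UserPasswordPolicy` hunk (`@@ -139,11 +140,10 @@`), dropping `Scope.USER` and `@CreatePermission` leaves `validate_password` with no authorization check of its own. Access control now rests entirely on whatever authentication `@ApiController('/user')` applies by default, which this diff does not show. The endpoint takes a caller-supplied `username` and `old_password`, and its body continues outside the hunk, so please confirm it only evaluates the values sent in the request. It should never compare against stored credentials or reveal whether `username` exists, otherwise every logged-in user gains a probing oracle. Rather than only deleting `test_validate_password_invalid_permissions` in test_user.py, I would keep the `@DashboardTestCase.RunAs('test', 'test', [{'user': ['read', 'delete']}])` case and assert `self.assertStatus(200)`, so the intended access level stays pinned by a test. A comment above the class would also help, for example `# No scope/permission on purpose: the UI password validator must work for every authenticated user.`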