check password complexity in backend

2021-03-19 19:18:31 +01:00 · 2021-03-19 19:18:31 +01:00 · 8a837cdeef
commit 8a837cdeef
parent 656410c031
3 changed files with 8 additions and 2 deletions
--- a/hsarback/.classpath
+++ b/hsarback/.classpath
@ -37,6 +37,6 @@
 	<classpathentry kind="lib" path="lib/org.apache.bval.bundle-0.5.jar"/>
 	<classpathentry kind="lib" path="lib/serp-1.15.1.jar"/>
 	<classpathentry kind="lib" path="lib/xbean-asm6-shaded-4.8.jar"/>
-	<classpathentry kind="lib" path="lib/hsadmin-util-4.0.3-SNAPSHOT.jar"/>
+	<classpathentry kind="lib" path="lib/hsadmin-util-4.0.4-SNAPSHOT.jar"/>
 	<classpathentry kind="output" path="bin"/>
 </classpath>
--- a/hsarback/lib/hsadmin-util-4.0.4-SNAPSHOT.jar
+++ b/hsarback/lib/hsadmin-util-4.0.4-SNAPSHOT.jar
--- a/hsarback/src/de/hsadmin/mods/user/UnixUserModuleImpl.java
+++ b/hsarback/src/de/hsadmin/mods/user/UnixUserModuleImpl.java
@ -11,6 +11,7 @@ import de.hsadmin.core.model.AbstractModuleImpl;
 import de.hsadmin.core.model.AuthorisationException;
 import de.hsadmin.core.model.Transaction;
 import de.hsadmin.core.util.HSAdminException;
 import de.hsadmin.core.util.PasswordTool;
 import de.hsadmin.hostsharing.BasePacType;
 import de.hsadmin.hostsharing.MultiOption;
 import de.hsadmin.mods.pac.Pac;
@ -98,6 +99,7 @@ public class UnixUserModuleImpl extends AbstractModuleImpl {
 		if (passWord.indexOf(':') >= 0) {
 			throw new AuthorisationException(loginUser, "add", newUnixUser, "userId");
 		}
 		PasswordTool.checkPasswordComplexity(passWord);
 		Query qPac = em.createQuery("SELECT obj FROM Pacs obj WHERE obj.name = :pacName");
 		qPac.setParameter("pacName", userName.substring(0, 5));
 		Object singleResult = qPac.getSingleResult();
@ -164,7 +166,11 @@ public class UnixUserModuleImpl extends AbstractModuleImpl {
 		if (!attachedUnixUser.getName().equals(detachedUnixUser.getName())) {
 			throw new AuthorisationException(loginUser, "update", detachedUnixUser, "name");
 		}
-		attachedUnixUser.setPassword(detachedUnixUser.getPassword());
+		final String passWord = detachedUnixUser.getPassword();
 		if (passWord != null && passWord.length() > 0) {
 			PasswordTool.checkPasswordComplexity(passWord);
 			attachedUnixUser.setPassword(passWord);
 		}
 		if (hasFullAccessOnPacOf(attachedUnixUser)) {
 			attachedUnixUser.setComment(detachedUnixUser.getComment());
 			attachedUnixUser.setHomedir(detachedUnixUser.getHomedir());