diff --git a/src/yunohost/app.py b/src/yunohost/app.py index db0bb1bee..3231c58ed 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -2252,8 +2252,8 @@ def _parse_action_args_in_yunohost_format(args, action_args, auth=None): m18n.n('app_argument_choice_invalid', name=arg_name, choices='yes, no, y, n, 1, 0')) elif arg_type == 'password': - from yunohost.utils.password import LoggerPasswordValidator - LoggerPasswordValidator('user').validate(arg_value) + from yunohost.utils.password import assert_password_is_strong_enough + assert_password_is_strong_enough('user', arg_value) args_dict[arg_name] = arg_value # END loop over action_args... diff --git a/src/yunohost/tools.py b/src/yunohost/tools.py index f18bdf8c9..f58a7880f 100644 --- a/src/yunohost/tools.py +++ b/src/yunohost/tools.py @@ -129,9 +129,10 @@ def tools_adminpw(auth, new_password): """ from yunohost.user import _hash_user_password - from yunohost.utils.password import LoggerPasswordValidator + from yunohost.utils.password import assert_password_is_strong_enough + + assert_password_is_strong_enough("admin", new_password) - LoggerPasswordValidator('admin').validate(new_password) try: auth.update("cn=admin", { "userPassword": _hash_user_password(new_password), @@ -152,8 +153,9 @@ def tools_validatepw(password): password """ - from yunohost.utils.password import LoggerPasswordValidator - LoggerPasswordValidator('user').validate(password) + + from yunohost.utils.password import assert_password_is_strong_enough + assert_password_is_strong_enough("user", password) @is_unit_operation() @@ -279,6 +281,8 @@ def tools_postinstall(operation_logger, domain, password, ignore_dyndns=False, password -- YunoHost admin password """ + from yunohost.utils.password import assert_password_is_strong_enough + dyndns_provider = "dyndns.yunohost.org" # Do some checks at first @@ -288,8 +292,7 @@ def tools_postinstall(operation_logger, domain, password, ignore_dyndns=False, # Check password if not force_password: - from yunohost.utils.password import LoggerPasswordValidator - LoggerPasswordValidator('admin').validate(password) + assert_password_is_strong_enough("admin", password) if not ignore_dyndns: # Check if yunohost dyndns can handle the given domain diff --git a/src/yunohost/user.py b/src/yunohost/user.py index d08e39e8c..083030bd4 100644 --- a/src/yunohost/user.py +++ b/src/yunohost/user.py @@ -117,10 +117,10 @@ def user_create(operation_logger, auth, username, firstname, lastname, mail, pas from yunohost.domain import domain_list, _get_maindomain from yunohost.hook import hook_callback from yunohost.app import app_ssowatconf + from yunohost.utils.password import assert_password_is_strong_enough # Ensure sufficiently complex password - from yunohost.utils.password import LoggerPasswordValidator - LoggerPasswordValidator('user').validate(password) + assert_password_is_strong_enough("user", password) # Validate uniqueness of username and mail in LDAP auth.validate_uniqueness({ @@ -284,6 +284,7 @@ def user_update(operation_logger, auth, username, firstname=None, lastname=None, """ from yunohost.domain import domain_list from yunohost.app import app_ssowatconf + from yunohost.utils.password import assert_password_is_strong_enough attrs_to_fetch = ['givenName', 'sn', 'mail', 'maildrop'] new_attr_dict = {} @@ -309,8 +310,7 @@ def user_update(operation_logger, auth, username, firstname=None, lastname=None, if change_password: # Ensure sufficiently complex password - from yunohost.utils.password import LoggerPasswordValidator - LoggerPasswordValidator('user').validate(change_password) + assert_password_is_strong_enough("user", password) new_attr_dict['userPassword'] = _hash_user_password(change_password) diff --git a/src/yunohost/utils/password.py b/src/yunohost/utils/password.py index 75fbf2d74..b1aa9050d 100644 --- a/src/yunohost/utils/password.py +++ b/src/yunohost/utils/password.py @@ -38,6 +38,8 @@ STRENGTH_LEVELS = [ (12, 1, 1, 1, 1), ] +def assert_password_is_strong_enough(profile, password): + PasswordValidator(profile).validate(password) class PasswordValidator(object):