Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-23 00:49:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 106
fleet/server/service/validation_users.go

203 lines
5.3 KiB
Go
Raw Normal View History

Organizing go code (#241)
2016-09-26 18:48:55 +00:00
package service
update user service (#101) - Added all required methods for a UserService - Added authentication handlers `/api/login` and `/api/logout` - Added authMiddleware for authentication for `/api/v1/kolide` path - Added authorization middleware for each endoint - Added validation middleware for validating API inputs - Began work on logging middleware
2016-09-01 04:51:38 +00:00
import (
Update go-kit to 0.4.0 (#1411) Notable refactoring: - Use stdlib "context" in place of "golang.org/x/net/context" - Go-kit no longer wraps errors, so we remove the unwrap in transport_error.go - Use MakeHandler when setting up endpoint tests (fixes test bug caught during this refactoring) Closes #1411.
2017-03-15 15:55:30 +00:00
"context"
Validate password requirements (#962) Add validation for user password creation/reset - at least 7 chars - 1 number - 1 symbol consolidated service errors to a single file.
2017-01-15 23:23:09 +00:00
"errors"
"unicode"
Allow with Logins with email address (#174) The Auth service now accepts emails in the username field The UserService now rejects user creation if the user has @ in the username.
2016-09-15 19:27:55 +00:00
Use new error handling approach in other packages (#2954)
2021-11-22 14:13:26 +00:00
"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"
Add v4 suffix in go.mod (#1224)
2021-06-26 04:46:51 +00:00
"github.com/fleetdm/fleet/v4/server/contexts/viewer"
"github.com/fleetdm/fleet/v4/server/fleet"
update user service (#101) - Added all required methods for a UserService - Added authentication handlers `/api/login` and `/api/logout` - Added authMiddleware for authentication for `/api/v1/kolide` path - Added authorization middleware for each endoint - Added validation middleware for validating API inputs - Began work on logging middleware
2016-09-01 04:51:38 +00:00
)
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
func (mw validationMiddleware) CreateUserFromInvite(ctx context.Context, p fleet.UserPayload) (*fleet.User, error) {
invalid := &fleet.InvalidArgumentError{}
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
if p.Name == nil {
invalid.Append("name", "Full name missing required argument")
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
} else {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
if *p.Name == "" {
invalid.Append("name", "Full name cannot be empty")
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
}
Allow with Logins with email address (#174) The Auth service now accepts emails in the username field The UserService now rejects user creation if the user has @ in the username.
2016-09-15 19:27:55 +00:00
}
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
Add SSO support to new user activation (#1504) Closes #1502. This PR adds support for SSO to the new user creation process. An admin now has the option to select SSO when creating a new user. When the confirmation form is submitted, the user is automatically authenticated with the IDP, and if successful, is redirected to the Kolide home page. Password authentication, password change and password reset are not allowed for an SSO user.
2017-05-10 16:26:05 +00:00
// we don't need a password for single sign on
General simplification in go part (#1658) * don't check if error is nil, return it * don't compare bool to bool, use it * don't supply capacity to make for slice when len is equal to cap
2017-12-04 14:43:43 +00:00
if p.SSOInvite == nil || !*p.SSOInvite {
Add SSO support to new user activation (#1504) Closes #1502. This PR adds support for SSO to the new user creation process. An admin now has the option to select SSO when creating a new user. When the confirmation form is submitted, the user is automatically authenticated with the IDP, and if successful, is redirected to the Kolide home page. Password authentication, password change and password reset are not allowed for an SSO user.
2017-05-10 16:26:05 +00:00
if p.Password == nil {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("password", "Password missing required argument")
Add SSO support to new user activation (#1504) Closes #1502. This PR adds support for SSO to the new user creation process. An admin now has the option to select SSO when creating a new user. When the confirmation form is submitted, the user is automatically authenticated with the IDP, and if successful, is redirected to the Kolide home page. Password authentication, password change and password reset are not allowed for an SSO user.
2017-05-10 16:26:05 +00:00
} else {
if *p.Password == "" {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("password", "Password cannot be empty")
Add SSO support to new user activation (#1504) Closes #1502. This PR adds support for SSO to the new user creation process. An admin now has the option to select SSO when creating a new user. When the confirmation form is submitted, the user is automatically authenticated with the IDP, and if successful, is redirected to the Kolide home page. Password authentication, password change and password reset are not allowed for an SSO user.
2017-05-10 16:26:05 +00:00
}
if err := validatePasswordRequirements(*p.Password); err != nil {
invalid.Append("password", err.Error())
}
Validate password requirements (#962) Add validation for user password creation/reset - at least 7 chars - 1 number - 1 symbol consolidated service errors to a single file.
2017-01-15 23:23:09 +00:00
}
update user service (#101) - Added all required methods for a UserService - Added authentication handlers `/api/login` and `/api/logout` - Added authMiddleware for authentication for `/api/v1/kolide` path - Added authorization middleware for each endoint - Added validation middleware for validating API inputs - Began work on logging middleware
2016-09-01 04:51:38 +00:00
}
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
update user service (#101) - Added all required methods for a UserService - Added authentication handlers `/api/login` and `/api/logout` - Added authMiddleware for authentication for `/api/v1/kolide` path - Added authorization middleware for each endoint - Added validation middleware for validating API inputs - Began work on logging middleware
2016-09-01 04:51:38 +00:00
if p.Email == nil {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("email", "Email missing required argument")
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
} else {
if *p.Email == "" {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("email", "Email cannot be empty")
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
}
nicer validation errors (#180)
2016-09-16 15:23:48 +00:00
}
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
Adds endpoints to invite new users to the application. (#235) User service checks that tokens are valid on new user signups. Closes #230
2016-09-29 02:44:05 +00:00
if p.InviteToken == nil {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("invite_token", "Invite token missing required argument")
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
} else {
if *p.InviteToken == "" {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("invite_token", "Invite token cannot be empty")
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
}
Adds endpoints to invite new users to the application. (#235) User service checks that tokens are valid on new user signups. Closes #230
2016-09-29 02:44:05 +00:00
}
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
Adds endpoints to invite new users to the application. (#235) User service checks that tokens are valid on new user signups. Closes #230
2016-09-29 02:44:05 +00:00
if invalid.HasErrors() {
Use new error handling approach in other packages (#2954)
2021-11-22 14:13:26 +00:00
return nil, ctxerr.Wrap(ctx, invalid)
update user service (#101) - Added all required methods for a UserService - Added authentication handlers `/api/login` and `/api/logout` - Added authMiddleware for authentication for `/api/v1/kolide` path - Added authorization middleware for each endoint - Added validation middleware for validating API inputs - Began work on logging middleware
2016-09-01 04:51:38 +00:00
}
Add authorization checks in service (#938) - Add policy.rego file defining authorization policies. - Add Go integrations to evaluate Rego policies (via OPA). - Add middleware to ensure requests without authorization check are rejected (guard against programmer error). - Add authorization checks to most service endpoints.
2021-06-03 23:24:15 +00:00
return mw.Service.CreateUserFromInvite(ctx, p)
Implement fleetctl user create (#9) - Allow user creation via `fleetctl user create` - Cleanup and rename existing methods for clarity Fixes https://github.com/kolide/fleet/issues/2306
2020-11-05 01:06:55 +00:00
}
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
func (mw validationMiddleware) CreateUser(ctx context.Context, p fleet.UserPayload) (*fleet.User, error) {
invalid := &fleet.InvalidArgumentError{}
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
if p.Name == nil {
invalid.Append("name", "Full name missing required argument")
Implement fleetctl user create (#9) - Allow user creation via `fleetctl user create` - Cleanup and rename existing methods for clarity Fixes https://github.com/kolide/fleet/issues/2306
2020-11-05 01:06:55 +00:00
} else {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
if *p.Name == "" {
invalid.Append("name", "Full name cannot be empty")
Implement fleetctl user create (#9) - Allow user creation via `fleetctl user create` - Cleanup and rename existing methods for clarity Fixes https://github.com/kolide/fleet/issues/2306
2020-11-05 01:06:55 +00:00
}
}
// we don't need a password for single sign on
if (p.SSOInvite == nil || !*p.SSOInvite) && (p.SSOEnabled == nil || !*p.SSOEnabled) {
if p.Password == nil {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("password", "Password missing required argument")
Implement fleetctl user create (#9) - Allow user creation via `fleetctl user create` - Cleanup and rename existing methods for clarity Fixes https://github.com/kolide/fleet/issues/2306
2020-11-05 01:06:55 +00:00
} else {
if *p.Password == "" {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("password", "Password cannot be empty")
Implement fleetctl user create (#9) - Allow user creation via `fleetctl user create` - Cleanup and rename existing methods for clarity Fixes https://github.com/kolide/fleet/issues/2306
2020-11-05 01:06:55 +00:00
}
// Skip password validation in the case of admin created users
}
}
Update create user validation and documentation (#1285) Closes #1272
2021-07-02 15:35:26 +00:00
if p.SSOEnabled != nil && *p.SSOEnabled && p.Password != nil && len(*p.Password) > 0 {
invalid.Append("password", "not allowed for SSO users")
}
Implement fleetctl user create (#9) - Allow user creation via `fleetctl user create` - Cleanup and rename existing methods for clarity Fixes https://github.com/kolide/fleet/issues/2306
2020-11-05 01:06:55 +00:00
if p.Email == nil {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("email", "Email missing required argument")
Implement fleetctl user create (#9) - Allow user creation via `fleetctl user create` - Cleanup and rename existing methods for clarity Fixes https://github.com/kolide/fleet/issues/2306
2020-11-05 01:06:55 +00:00
} else {
if *p.Email == "" {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("email", "Email cannot be empty")
Implement fleetctl user create (#9) - Allow user creation via `fleetctl user create` - Cleanup and rename existing methods for clarity Fixes https://github.com/kolide/fleet/issues/2306
2020-11-05 01:06:55 +00:00
}
}
if p.InviteToken != nil {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("invite_token", "Invite token should not be specified with admin user creation")
Implement fleetctl user create (#9) - Allow user creation via `fleetctl user create` - Cleanup and rename existing methods for clarity Fixes https://github.com/kolide/fleet/issues/2306
2020-11-05 01:06:55 +00:00
}
if invalid.HasErrors() {
Use new error handling approach in other packages (#2954)
2021-11-22 14:13:26 +00:00
return nil, ctxerr.Wrap(ctx, invalid)
Implement fleetctl user create (#9) - Allow user creation via `fleetctl user create` - Cleanup and rename existing methods for clarity Fixes https://github.com/kolide/fleet/issues/2306
2020-11-05 01:06:55 +00:00
}
return mw.Service.CreateUser(ctx, p)
update user service (#101) - Added all required methods for a UserService - Added authentication handlers `/api/login` and `/api/logout` - Added authMiddleware for authentication for `/api/v1/kolide` path - Added authorization middleware for each endoint - Added validation middleware for validating API inputs - Began work on logging middleware
2016-09-01 04:51:38 +00:00
}
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
func (mw validationMiddleware) ModifyUser(ctx context.Context, userID uint, p fleet.UserPayload) (*fleet.User, error) {
invalid := &fleet.InvalidArgumentError{}
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
if p.Name != nil {
if *p.Name == "" {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("name", "Full name cannot be empty")
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
}
}
if p.Email != nil {
if *p.Email == "" {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("email", "Email cannot be empty")
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
}
Allow user to change email with confirmation (#1102) * Change email functionality * Code review changes for @groob * Name change per @groob * Code review changes per @marpaia Also added addition non-happy path tests to satisfy concerns by @groob
2017-01-27 13:35:58 +00:00
// if the user is not an admin, or if an admin is changing their own email
// address a password is required,
if passwordRequiredForEmailChange(ctx, userID, invalid) {
if p.Password == nil {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("password", "Password cannot be empty if email is changed")
Allow user to change email with confirmation (#1102) * Change email functionality * Code review changes for @groob * Name change per @groob * Code review changes per @marpaia Also added addition non-happy path tests to satisfy concerns by @groob
2017-01-27 13:35:58 +00:00
}
}
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
}
if invalid.HasErrors() {
Use new error handling approach in other packages (#2954)
2021-11-22 14:13:26 +00:00
return nil, ctxerr.Wrap(ctx, invalid)
Improve user endpoint validations (#642) - Add empty string checks for NewUser - Create validations for ModifyUser - Use GravatarURL when creating new user Fixes #620
2016-12-15 17:28:53 +00:00
}
return mw.Service.ModifyUser(ctx, userID, p)
}
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
func passwordRequiredForEmailChange(ctx context.Context, uid uint, invalid *fleet.InvalidArgumentError) bool {
Allow user to change email with confirmation (#1102) * Change email functionality * Code review changes for @groob * Name change per @groob * Code review changes per @marpaia Also added addition non-happy path tests to satisfy concerns by @groob
2017-01-27 13:35:58 +00:00
vc, ok := viewer.FromContext(ctx)
if !ok {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("viewer", "Viewer not present")
Allow user to change email with confirmation (#1102) * Change email functionality * Code review changes for @groob * Name change per @groob * Code review changes per @marpaia Also added addition non-happy path tests to satisfy concerns by @groob
2017-01-27 13:35:58 +00:00
return false
}
// if a user is changing own email need a password no matter what
Clean up service and return license errors (#1097) - Expose license errors instead of permission errors by adding explicit skip authorization. - Remove pre-Teams authorization checks from service. Fixes #964
2021-06-16 17:55:41 +00:00
return vc.UserID() == uid
Allow user to change email with confirmation (#1102) * Change email functionality * Code review changes for @groob * Name change per @groob * Code review changes per @marpaia Also added addition non-happy path tests to satisfy concerns by @groob
2017-01-27 13:35:58 +00:00
}
Add change password endpoint (#628)
2016-12-14 18:11:43 +00:00
func (mw validationMiddleware) ChangePassword(ctx context.Context, oldPass, newPass string) error {
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
invalid := &fleet.InvalidArgumentError{}
Add change password endpoint (#628)
2016-12-14 18:11:43 +00:00
if oldPass == "" {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("old_password", "Old password cannot be empty")
Add change password endpoint (#628)
2016-12-14 18:11:43 +00:00
}
if newPass == "" {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("new_password", "New password cannot be empty")
Add change password endpoint (#628)
2016-12-14 18:11:43 +00:00
}
Validate password requirements (#962) Add validation for user password creation/reset - at least 7 chars - 1 number - 1 symbol consolidated service errors to a single file.
2017-01-15 23:23:09 +00:00
if err := validatePasswordRequirements(newPass); err != nil {
invalid.Append("new_password", err.Error())
}
Add change password endpoint (#628)
2016-12-14 18:11:43 +00:00
if invalid.HasErrors() {
Use new error handling approach in other packages (#2954)
2021-11-22 14:13:26 +00:00
return ctxerr.Wrap(ctx, invalid)
Add change password endpoint (#628)
2016-12-14 18:11:43 +00:00
}
return mw.Service.ChangePassword(ctx, oldPass, newPass)
}
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API
2016-09-15 14:52:17 +00:00
func (mw validationMiddleware) ResetPassword(ctx context.Context, token, password string) error {
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
invalid := &fleet.InvalidArgumentError{}
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API
2016-09-15 14:52:17 +00:00
if token == "" {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("token", "Token cannot be empty field")
update user service (#101) - Added all required methods for a UserService - Added authentication handlers `/api/login` and `/api/logout` - Added authMiddleware for authentication for `/api/v1/kolide` path - Added authorization middleware for each endoint - Added validation middleware for validating API inputs - Began work on logging middleware
2016-09-01 04:51:38 +00:00
}
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API
2016-09-15 14:52:17 +00:00
if password == "" {
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
invalid.Append("new_password", "New password cannot be empty field")
nicer validation errors (#180)
2016-09-16 15:23:48 +00:00
}
Validate password requirements (#962) Add validation for user password creation/reset - at least 7 chars - 1 number - 1 symbol consolidated service errors to a single file.
2017-01-15 23:23:09 +00:00
if err := validatePasswordRequirements(password); err != nil {
invalid.Append("new_password", err.Error())
}
Adds endpoints to invite new users to the application. (#235) User service checks that tokens are valid on new user signups. Closes #230
2016-09-29 02:44:05 +00:00
if invalid.HasErrors() {
Use new error handling approach in other packages (#2954)
2021-11-22 14:13:26 +00:00
return ctxerr.Wrap(ctx, invalid)
update user service (#101) - Added all required methods for a UserService - Added authentication handlers `/api/login` and `/api/logout` - Added authMiddleware for authentication for `/api/v1/kolide` path - Added authorization middleware for each endoint - Added validation middleware for validating API inputs - Began work on logging middleware
2016-09-01 04:51:38 +00:00
}
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API
2016-09-15 14:52:17 +00:00
return mw.Service.ResetPassword(ctx, token, password)
update user service (#101) - Added all required methods for a UserService - Added authentication handlers `/api/login` and `/api/logout` - Added authMiddleware for authentication for `/api/v1/kolide` path - Added authorization middleware for each endoint - Added validation middleware for validating API inputs - Began work on logging middleware
2016-09-01 04:51:38 +00:00
}
nicer validation errors (#180)
2016-09-16 15:23:48 +00:00
Validate password requirements (#962) Add validation for user password creation/reset - at least 7 chars - 1 number - 1 symbol consolidated service errors to a single file.
2017-01-15 23:23:09 +00:00
// Requirements for user password:
// at least 7 character length
// at least 1 symbol
// at least 1 number
func validatePasswordRequirements(password string) error {
var (
number bool
symbol bool
)
for _, s := range password {
switch {
case unicode.IsNumber(s):
number = true
case unicode.IsPunct(s) || unicode.IsSymbol(s):
symbol = true
}
update how permission errors are updated to the client (#187) Closes #152 allow batching of permission errors refactor some of the error handling in encodeError clean up some of the error messages
2016-09-23 02:41:58 +00:00
}
nicer validation errors (#180)
2016-09-16 15:23:48 +00:00
Validate password requirements (#962) Add validation for user password creation/reset - at least 7 chars - 1 number - 1 symbol consolidated service errors to a single file.
2017-01-15 23:23:09 +00:00
if len(password) >= 7 &&
number &&
symbol {
return nil
nicer validation errors (#180)
2016-09-16 15:23:48 +00:00
}
Validate password requirements (#962) Add validation for user password creation/reset - at least 7 chars - 1 number - 1 symbol consolidated service errors to a single file.
2017-01-15 23:23:09 +00:00
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl
2021-06-24 20:42:29 +00:00
return errors.New("Password does not meet validation requirements")
nicer validation errors (#180)
2016-09-16 15:23:48 +00:00
}
Reference in a new issue Copy permalink