Merge pull request #14502 from marcusmoore/bug/sc-25004/pwd_secure_complexity-validation

Added validation around `pwd_secure_complexity`
This commit is contained in:
snipe 2024-03-26 20:05:04 +00:00 committed by GitHub
commit ae403da8c1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 24 additions and 2 deletions

View file

@ -20,6 +20,7 @@ use DB;
use enshrined\svgSanitize\Sanitizer;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Storage;
use Illuminate\Validation\Rule;
use Image;
use Input;
use Redirect;
@ -499,6 +500,19 @@ class SettingsController extends Controller
*/
public function postSecurity(Request $request)
{
$this->validate($request, [
'pwd_secure_complexity' => 'array',
'pwd_secure_complexity.*' => [
Rule::in([
'disallow_same_pwd_as_user_fields',
'letters',
'numbers',
'symbols',
'case_diff',
])
]
]);
if (is_null($setting = Setting::getSettings())) {
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}

View file

@ -153,4 +153,10 @@ return [
'attributes' => [],
/*
|--------------------------------------------------------------------------
| Generic Validation Messages
|--------------------------------------------------------------------------
*/
'invalid_value_in_field' => 'Invalid value included in this field',
];

View file

@ -74,12 +74,11 @@
<!-- Common Passwords -->
<div class="form-group">
<div class="form-group {{ $errors->has('pwd_secure_complexity.*') ? 'error' : '' }}">
<div class="col-md-3">
{{ Form::label('pwd_secure_complexity', trans('admin/settings/general.pwd_secure_complexity')) }}
</div>
<div class="col-md-9">
<label class="form-control">
<span class="sr-only">{{ trans('admin/settings/general.pwd_secure_uncommon') }}</span>
{{ Form::checkbox('pwd_secure_uncommon', '1', old('pwd_secure_uncommon', $setting->pwd_secure_uncommon),array( 'aria-label'=>'pwd_secure_uncommon')) }}
@ -106,6 +105,9 @@
{{ trans('admin/settings/general.pwd_secure_complexity_case_diff') }}
</label>
@if ($errors->has('pwd_secure_complexity.*'))
<span class="alert-msg">{{ trans('validation.invalid_value_in_field') }}</span>
@endif
<p class="help-block">
{{ trans('admin/settings/general.pwd_secure_complexity_help') }}
</p>