Feature/password complexity on backend
What does this MR do and why?
Related issue: #354966 (closed). Also related: #348484 (closed).
This is the backend MR for adding minimum password complexity to application_settings, so we can let administrators customize the password complexity. The chars used in a password can be covered by 4 types: uppercase letters, lowercase letters, numbers and symbols, so the max value of this column should be 4.
The default value of this column is set to 1 so as not to change the default behavior of password validation; the password can be set to any chars if the password complexity is 1.
Screenshots or screen recordings
The following images show the final stage of this feature, but the frontend part is not included in this MR.
[Screenshots not preserved: before, after, Validation from PW creation, failed validation]
How to set up and validate locally
```
bundle exec rspec ee/spec/features/users/signup_spec.rb
```
Database
Migrations
```
rails db:migrate:up VERSION=20220329092245
== 20220329092245 AddPasswordCharsRequirementToApplicationSettings: migrating =
-- add_column(:application_settings, :password_uppercase_required, :boolean, {:default=>false, :null=>false})
   -> 0.0042s
-- add_column(:application_settings, :password_lowercase_required, :boolean, {:default=>false, :null=>false})
   -> 0.0013s
-- add_column(:application_settings, :password_number_required, :boolean, {:default=>false, :null=>false})
   -> 0.0012s
-- add_column(:application_settings, :password_symbol_required, :boolean, {:default=>false, :null=>false})
   -> 0.0015s
== 20220329092245 AddPasswordCharsRequirementToApplicationSettings: migrated (0.0084s)
```

```
rails db:migrate:down VERSION=20220329092245
== 20220329092245 AddPasswordCharsRequirementToApplicationSettings: reverting =
-- remove_column(:application_settings, :password_symbol_required, :boolean, {:default=>false, :null=>false})
   -> 0.0032s
-- remove_column(:application_settings, :password_number_required, :boolean, {:default=>false, :null=>false})
   -> 0.0012s
-- remove_column(:application_settings, :password_lowercase_required, :boolean, {:default=>false, :null=>false})
   -> 0.0017s
-- remove_column(:application_settings, :password_uppercase_required, :boolean, {:default=>false, :null=>false})
   -> 0.0013s
== 20220329092245 AddPasswordCharsRequirementToApplicationSettings: reverted (0.0097s)
```
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
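
The following is an added example, not code from this MR or from GitLab: a sketch of how the four boolean settings shown in the migration output could drive password validation. The setting names are taken from the migration; the method names, the constants and the Unicode character-class patterns are assumptions.

```ruby
# Added illustration; not GitLab's implementation.
# Keys mirror the four boolean columns in the migration output above.
# The patterns are assumptions based on Unicode general categories:
# Lu = uppercase letter, Ll = lowercase letter, Nd = decimal digit,
# P/S = punctuation and symbol characters.
PASSWORD_RULES = {
  password_uppercase_required: /\p{Lu}/,
  password_lowercase_required: /\p{Ll}/,
  password_number_required:    /\p{Nd}/,
  password_symbol_required:    /[\p{P}\p{S}]/
}.freeze

# Column defaults from the migration: every requirement is off,
# so an unconfigured instance accepts any characters.
DEFAULT_SETTINGS = PASSWORD_RULES.keys.to_h { |name| [name, false] }.freeze

# Returns the enabled requirements that `password` does not satisfy,
# in the order the columns were added. An empty array means it passes.
def unmet_password_requirements(password, settings = {})
  unknown = settings.keys - PASSWORD_RULES.keys
  raise ArgumentError, "unknown settings: #{unknown.inspect}" unless unknown.empty?
  raise ArgumentError, "password is not valid UTF-8" unless password.valid_encoding?

  effective = DEFAULT_SETTINGS.merge(settings)
  PASSWORD_RULES.select do |name, pattern|
    effective[name] && !pattern.match?(password)
  end.keys
end

def password_complex_enough?(password, settings = {})
  unmet_password_requirements(password, settings).empty?
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample: an administrator has enabled all four requirements.
  strict = PASSWORD_RULES.keys.to_h { |name| [name, true] }
  %w[password Passw0rd Passw0rd$].each do |candidate|
    puts "#{candidate}: missing #{unmet_password_requirements(candidate, strict).inspect}"
  end
end
```

Returning the list of unmet requirements rather than a bare boolean lets a signup form tell the user which character type is missing.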



