Skip to content

Draft: Add random string factory

Brian Williams requested to merge bwill/password-factory into master

What does this MR do and why?

Describe in detail what your merge request does and why.

Currently, we use a lot of hard-coded passwords in specs. This is a problem because:

  1. A lot of these passwords are week, and we want to implement more stringent password requirements for users. !86310 (merged)
  2. We'd like to remove static passwords from our codebase. #360030 (closed)

This change adds a new :random_string factory, which can be used to generate random password to use in specs.

To test this, I tried adding this to a spec and then running it:

diff --git a/ee/spec/controllers/trial_registrations_controller_spec.rb b/ee/spec/controllers/trial_registrations_controller_spec.rb
index dfaba1391a2..76376810dfe 100644
--- a/ee/spec/controllers/trial_registrations_controller_spec.rb
+++ b/ee/spec/controllers/trial_registrations_controller_spec.rb
@@ -82,12 +82,13 @@
         last_name: 'Doe',
         email: 'johnd2019@local.dev',
         username: 'johnd',
-        password: 'abcd1234'
+        password: build(:random_string)
       }
     end
 
     before do
       stub_application_setting(send_user_confirmation_email: true)
+      puts user_params[:password]
     end
 
     subject(:post_create) { post :create, params: { user: user_params } }

Which results in the output:

$ bundle exec rspec ee/spec/controllers/trial_registrations_controller_spec.rb
Run options: include {:focus=>true}

All examples were filtered out; ignoring {:focus=>true}

Test environment set up in 4.737432 seconds
......x#!@pZ*^PEMziVgPhIf*udlkA1rW4rP%
.&EalsQ4ra6g6oF*OLBIrdu24K8@wxa4p
.QYdpDmG$YHDgY0PUr&9HTrMe9pLUQibQ
.D5W6X5PMr1Os6qZXoHtv9H4oLd*vZ8G4
.10zMevc$xdaeCM)oZVP&8hQ@BE^s7!iZ
.

Finished in 9.33 seconds (files took 9.94 seconds to load)
11 examples, 0 failures

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Brian Williams

Merge request reports

Loading