Bug 55393 - Do not ignore the password policy by default, only when generating passwords
Do not ignore the password policy by default, only when generating passwords
Product: UCS@school
Classification: Unclassified
Component: HTTP-API (Kelvin)
UCS@school 5.0
Other Linux
: P5 normal (vote)
: ---
Assigned To: Tobias Wenzel
Daniel Tröder
Depends on: 55392 55399 55400 55415
  Show dependency treegraph
Reported: 2022-11-07 09:37 CET by Tobias Wenzel
Modified: 2023-05-26 10:56 CEST (History)
2 users (show)

See Also:
What kind of report is it?: Feature Request
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Note You need to log in before you can comment on or make changes to this bug.
Description Tobias Wenzel univentionstaff 2022-11-07 09:37:21 CET
+++ This bug was initially created as a clone of Bug #55392 +++

As a developer using the UCS@school lib __in Kelvin__
I can expect UCS@school software to honor the set password policies,
so that the security of my domain is as expected.

-- Context/description ---

1. Adapt the UCS@school library __in Kelvin__ to not ignore password policies anymore when creating users.
2. It may still ignore password policies when generating password for new users, as generating passwords that adhere to the current policy is out of scope.
3. Add an option to the school library `User` object to ignore password policies when creating or modifying users.
Comment 1 Tobias Wenzel univentionstaff 2022-11-09 16:05:31 CET
As discussed merged 

[main] f744f42e Bug #55393: add option check password policies when creating or modifying users
Comment 2 Daniel Tröder univentionstaff 2022-11-09 16:45:00 CET
* OK: acceptance criteria
* OK: code review 5.0 & Kelvin
* OK: automatic test 5.0 & Kelvin
* OK: manual test (only done in 5.0)
* OK: advisory