Bug 55408 - [Kelvin] Make ignoring the password policy an option
Summary: [Kelvin] Make ignoring the password policy an option
Status: CLOSED FIXED
Alias: None
Product: UCS@school
Classification: Unclassified
Component: HTTP-API (Kelvin)
Version: UCS@school 5.0
Hardware: Other Linux
: P5 normal
Target Milestone: ---
Assignee: Tobias Wenzel
QA Contact: Daniel Tröder
URL: https://git.knut.univention.de/univen...
Keywords:
Depends on:
Blocks:
 
Reported: 2022-11-10 09:03 CET by Tobias Wenzel
Modified: 2022-11-28 12:23 CET (History)
1 user (show)

See Also:
What kind of report is it?: Feature Request
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Customer ID:
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Tobias Wenzel univentionstaff 2022-11-10 09:03:17 CET 
A configuration key exists that changes the behavior of the Kelvin REST API: when unset or false the password policy is not applied on new passwords, when true the password must meet the policies requirements.
Comment 1 Tobias Wenzel univentionstaff 2022-11-10 09:07:42 CET 
[twenzel/33_kelvin_password_policies] e842aba7 Bug #55408: disable password policy check in kelvin by default and add option to enable it


tests/test_route_user.py::test_user_create_password_policies[True-teacher] PASSED                                                 [  8%]
tests/test_route_user.py::test_user_create_password_policies[True-staff] PASSED                                                   [ 16%]
tests/test_route_user.py::test_user_create_password_policies[True-student] PASSED                                                 [ 25%]
tests/test_route_user.py::test_user_create_password_policies[True-teacher_and_staff] PASSED                                       [ 33%]
tests/test_route_user.py::test_user_create_password_policies[False-teacher] PASSED                                                [ 41%]
tests/test_route_user.py::test_user_create_password_policies[False-staff] PASSED                                                  [ 50%]
tests/test_route_user.py::test_user_create_password_policies[False-student] PASSED                                                [ 58%]
tests/test_route_user.py::test_user_create_password_policies[False-teacher_and_staff] PASSED                                      [ 66%]
tests/test_route_user.py::test_user_modify_password_policies[patch-True] PASSED                                                   [ 75%]
tests/test_route_user.py::test_user_modify_password_policies[patch-False] PASSED                                                  [ 83%]
tests/test_route_user.py::test_user_modify_password_policies[put-True] PASSED                                                     [ 91%]
tests/test_route_user.py::test_user_modify_password_policies[put-False] PASSED                                                    [100%]
Comment 2 Tobias Wenzel univentionstaff 2022-11-10 19:18:02 CET 
as discussed this is merged to main with 

[main] 094f72ef Bug #55408: Added a configuration option to enable the evaluation of password policies when creating UCS@school users