Re: [Spacewalk-devel] [PATCH] Adding a password placeholder check when editing a user.
On 01/29/2014 02:22 PM, Michael Mraka wrote:
I see :(, I was not aware of it. Anyway I'd still prefer not to use javascript
if not necessary. So in this particular case I'd replace html:password
with direct html input tag:
Hi Michael,
i changed the patch. So no additional javascript.
* I replaced the struts tag with the standard html input tag to use the
placeholder attribute
* Some changes to the logic in
spacewalk-pwstrength-handler.js:updateTickIcon()
* Johannes Renner helped me with the Java code changes.
The question is now in UserEditActionHelper:62 we use more or less the
same code for validation
as in UpdateUserCommand:132
As this is a small redundancy in code, I wanted to ask if it would make
sense to put that code into
a public function accessible by both classes, and where this function
should reside.
Do you think it is worth the extra work, or is the solution in the patch
acceptable?
Maximilian
--
--
Mit freundlichen Grüßen,
Maximilian Meister
Systems Management Department
SUSE LINUX Products GmbH
Maxfeldstr. 5
D-90409 Nuremberg, Germany
http://www.suse.com
GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer, HRB 21284 (AG Nuremberg)
>From 1a82e2e6dfd888d85451835e14b46f6576a54b6a Mon Sep 17 00:00:00 2001
From: Maximilian Meister
Date: Tue, 4 Feb 2014 10:40:19 +0100
Subject: [PATCH 1/4] removing obsolete code related to PLACEHOLDER_PASSWORD
---
.../src/com/redhat/rhn/frontend/action/user/UserActionHelper.java | 3 ---
.../src/com/redhat/rhn/frontend/action/user/UserEditSetupAction.java | 4
2 files changed, 7 deletions(-)
diff --git a/java/code/src/com/redhat/rhn/frontend/action/user/UserActionHelper.java b/java/code/src/com/redhat/rhn/frontend/action/user/UserActionHelper.java
index 3ff18e6..1510aa1 100644
--- a/java/code/src/com/redhat/rhn/frontend/action/user/UserActionHelper.java
+++ b/java/code/src/com/redhat/rhn/frontend/action/user/UserActionHelper.java
@@ -32,9 +32,6 @@ public class UserActionHelper {
private UserActionHelper() {
}
-/** placeholder string, package protected; so we don't transmit
- * the actual pw but the form doesn't look empty */
-static final String PLACEHOLDER_PASSWORD = "**";
public static final String DESIRED_PASS = "desiredpassword";
public static final String DESIRED_PASS_CONFIRM = "desiredpasswordConfirm";
diff --git a/java/code/src/com/redhat/rhn/frontend/action/user/UserEditSetupAction.java b/java/code/src/com/redhat/rhn/frontend/action/user/UserEditSetupAction.java
index f56df31..63f3bf5 100644
--- a/java/code/src/com/redhat/rhn/frontend/action/user/UserEditSetupAction.java
+++ b/java/code/src/com/redhat/rhn/frontend/action/user/UserEditSetupAction.java
@@ -77,10 +77,6 @@ public class UserEditSetupAction extends RhnAction {
form.set("lastName", targetUser.getLastName());
form.set("title", targetUser.getTitle());
form.set("prefix", targetUser.getPrefix());
-form.set(UserActionHelper.DESIRED_PASS,
-UserActionHelper.PLACEHOLDER_PASSWORD);
-form.set(UserActionHelper.DESIRED_PASS_CONFIRM,
-UserActionHelper.PLACEHOLDER_PASSWORD);
request.setAttribute("user", targetUser);
request.setAttribute("mailableAddress", targetUser.getEmail());
--
1.8.4.5
>From 06fffdff67cd791456bc5da1b3946b3bda1457ee Mon Sep 17 00:00:00 2001
From: Maximilian Meister
Date: Tue, 4 Feb 2014 10:41:13 +0100
Subject: [PATCH 2/4] perform password validation within the java class to
accept an empty password as no change
---
.../frontend/action/user/UserEditActionHelper.java | 26 ++
.../action/user/validation/userDetailsForm.xsd | 12 --
2 files changed, 22 insertions(+), 16 deletions(-)
diff --git a/java/code/src/com/redhat/rhn/frontend/action/user/UserEditActionHelper.java b/java/code/src/com/redhat/rhn/frontend/action/user/UserEditActionHelper.java
index 3056834..b6660c4 100644
--- a/java/code/src/com/redhat/rhn/frontend/action/user/UserEditActionHelper.java
+++ b/java/code/src/com/redhat/rhn/frontend/action/user/UserEditActionHelper.java
@@ -14,8 +14,11 @@
*/
package com.redhat.rhn.frontend.action.user;
+import java.util.regex.Pattern;
+
import com.redhat.rhn.common.conf.Config;
import com.redhat.rhn.common.conf.ConfigDefaults;
+import com.redhat.rhn.common.conf.UserDefaults;
import com.redhat.rhn.domain.role.RoleFactory;
import com.redhat.rhn.domain.user.User;
import com.redhat.rhn.frontend.struts.RhnAction;
@@ -53,11 +56,26 @@ public abstract class UserEditActionHelper extends RhnAction {
new ActionMessage("error.password_mismatch"));
}
-//Make sure password is not the placeholder
-if (!UserActionHelper.PLACEHOLDER_PASSWORD.equals(
-form.get(UserActionHelper.DESIRED_PASS))) {
+/
Re: [Spacewalk-devel] [PATCH] Adding a password placeholder check when editing a user.
On 01/29/2014 01:19 PM, Maximilian Meister wrote: Hi Michael, I have tried this in my first attempt, but the html:password struts tag doesn't accept the attribute "placeholder="**". to reformulate my statement a bit, the html:password struts tag doesn't know any placeholder attribute. See: http://struts.apache.org/release/1.3.x/struts-taglib/tlddoc/html/password.html org.apache.jasper.JasperException: /WEB-INF/pages/common/fragments/user/edit_user_table_rows.jspf (line: 51, column: 12) Attribute placeholder invalid for tag password according to TLD What do you suggest? -- -- Mit freundlichen Grüßen, Maximilian Meister Systems Management Department SUSE LINUX Products GmbH Maxfeldstr. 5 D-90409 Nuremberg, Germany http://www.suse.com GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer, HRB 21284 (AG Nuremberg) ___ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel
Re: [Spacewalk-devel] [PATCH] Adding a password placeholder check when editing a user.
On 01/29/2014 10:35 AM, Michael Mraka wrote:
Hello Maximilian,
I think there's an easier way to do it in a plain html without new
javascript file. If you replace
with
(similar to e.g. search field on the page) there will be greyed out dots
and user have to type whole password and can't submit placeholder string
anymore. ('•' is unicode BULLET char U+2022.) Well, there's one more
step needed - UserEditActionHelper class have to be updated to accept empty
password as no change in password.
What do you think about this?
Hi Michael,
I have tried this in my first attempt, but the html:password struts tag
doesn't accept the attribute "placeholder="**".
org.apache.jasper.JasperException:
/WEB-INF/pages/common/fragments/user/edit_user_table_rows.jspf (line:
51, column: 12) Attribute placeholder invalid for tag password according
to TLD
What do you suggest?
--
--
Mit freundlichen Grüßen,
Maximilian Meister
Systems Management Department
SUSE LINUX Products GmbH
Maxfeldstr. 5
D-90409 Nuremberg, Germany
http://www.suse.com
GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer, HRB 21284 (AG Nuremberg)
___
Spacewalk-devel mailing list
Spacewalk-devel@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-devel
[Spacewalk-devel] [PATCH] Adding a password placeholder check when editing a user.
Hi,
after the password strength meter went through, I have another enhancement
related to the password field.
On the edit user page, there are placeholders in the password fields.
The placeholders are plain *'s, so if I add some characters after the
placeholder
like [**] my new password will contain the placeholder
instead
of my expectation [].
That could lead to locking out of a user.
This patch makes sure that you can't lock yourself out accidentally like
this.
--
--
Mit freundlichen Grüßen,
Maximilian Meister
Systems Management Department
SUSE LINUX Products GmbH
Maxfeldstr. 5
D-90409 Nuremberg, Germany
http://www.suse.com
GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer, HRB 21284 (AG Nuremberg)
>From ac8d7ce0ab1e5319ce822a76557c5097ba24f148 Mon Sep 17 00:00:00 2001
From: Maximilian Meister
Date: Tue, 28 Jan 2014 14:54:37 +0100
Subject: [PATCH] add placeholder check to not accidentally submit the
placeholder or parts of it as a password
---
.../fragments/user/edit_user_table_rows.jspf | 1 +
web/html/javascript/spacewalk-placeholder-check.js | 29 ++
2 files changed, 30 insertions(+)
create mode 100644 web/html/javascript/spacewalk-placeholder-check.js
diff --git a/java/code/webapp/WEB-INF/pages/common/fragments/user/edit_user_table_rows.jspf b/java/code/webapp/WEB-INF/pages/common/fragments/user/edit_user_table_rows.jspf
index e00b70b..51a3581 100644
--- a/java/code/webapp/WEB-INF/pages/common/fragments/user/edit_user_table_rows.jspf
+++ b/java/code/webapp/WEB-INF/pages/common/fragments/user/edit_user_table_rows.jspf
@@ -44,6 +44,7 @@
+
diff --git a/web/html/javascript/spacewalk-placeholder-check.js b/web/html/javascript/spacewalk-placeholder-check.js
new file mode 100644
index 000..d63486e
--- /dev/null
+++ b/web/html/javascript/spacewalk-placeholder-check.js
@@ -0,0 +1,29 @@
+// make sure not to submit the placeholder (or parts of it) as a password when editing a user
+$(document).ready(function () {
+// Return true if all password fields are empty
+function isPasswordFieldsEmpty() {
+var empty = true;
+$('input:password').each(function(index) {
+if ($(this).val() != '') {
+empty = false;
+return false;
+}
+});
+return empty;
+}
+
+// PLACEHOLDER needs to be in sync with PLACEHOLDER_PASSWORD
+// in the UserActionHelper Java class.
+var PLACEHOLDER = "**";
+$('input:password').focus(function() {
+if ($(this).val() == PLACEHOLDER) {
+$('input:password').val('');
+updateTickIcon();
+}
+}).blur(function() {
+if (isPasswordFieldsEmpty()) {
+$('input:password').val(PLACEHOLDER);
+updateTickIcon();
+}
+});
+});
--
1.8.4
___
Spacewalk-devel mailing list
Spacewalk-devel@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-devel
Re: [Spacewalk-devel] [PATCH] Adding a password strength meter to spacewalk
On 01/24/2014 12:29 PM, Matej Kollar wrote:
Hi everybody,
here you can find the new patch with the following changes:
Hi Maximilian.
I see you have made some nice work there but there are still few things
that need to be fixed.
* Warning pop-up.
* Could it be moved to the right or bottom of the filed?
* It also blinks/flickers on change, is there a way to stop it?
* Colored progress bar/strength meter.
* It is connected with the password field in very strange way (visually).
Would it be possible to change it as per Michael's suggestion
to look like [1] or [2]? Personally I would prefer second option.
* progress bar now has its own named column
* Spec
* `jquery.pwstrength.bootstrap` is not good name for package. I suggest
`pwstrength-bootstrap` (the .spec is called such anyway).
* package name == filename
* `Source0` is defined in a bit complicated way. Using
[4] would not only be sufficient but will make it clearer and
easier to understand.
Source0 is now readable :) as in [4]
* Is there simple way to change rules that determine what is acceptable
password?
* E.g. various "character classes" reminded me
there are other ways to make good password :-). [3]
Thanks for the effort invested and keep up good work :-).
[1]
http://www.jqueryscript.net/demo/Simple-jQuery-Password-Strength-Indicator-Plugin-passMeter/
[2]
http://cdn1.freshdesignweb.com/wp-content/uploads/2011/09/jquery-password-strength-meter-005.jpg
[3] http://xkcd.com/936/
[4] https://github.com/ablanco/jquery.pwstrength.bootstrap/archive/1.0.2.tar.gz
please check it out, and tell me if I missed something.
Thank you
Maximilian
--
--
Mit freundlichen Grüßen,
Maximilian Meister
Systems Management Department
SUSE LINUX Products GmbH
Maxfeldstr. 5
D-90409 Nuremberg, Germany
http://www.suse.com
GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer, HRB 21284 (AG Nuremberg)
>From 9237a4157c666f8a78a65ef99098147b759e7a3d Mon Sep 17 00:00:00 2001
From: Maximilian Meister
Date: Tue, 28 Jan 2014 11:24:47 +0100
Subject: [PATCH 1/4] adding spec and patch to spec-tree
---
.../pwstrength/pwstrength-bootstrap-1.0.2.patch| 84 ++
spec-tree/pwstrength/pwstrength-bootstrap.spec | 41 +++
2 files changed, 125 insertions(+)
create mode 100644 spec-tree/pwstrength/pwstrength-bootstrap-1.0.2.patch
create mode 100644 spec-tree/pwstrength/pwstrength-bootstrap.spec
diff --git a/spec-tree/pwstrength/pwstrength-bootstrap-1.0.2.patch b/spec-tree/pwstrength/pwstrength-bootstrap-1.0.2.patch
new file mode 100644
index 000..f32efe5
--- /dev/null
+++ b/spec-tree/pwstrength/pwstrength-bootstrap-1.0.2.patch
@@ -0,0 +1,84 @@
+--- dist/pwstrength-bootstrap-1.0.2.js 2014-01-27 10:20:54.927264579 +0100
dist/pwstrength-bootstrap-1.0.2.js 2014-01-28 09:47:16.720675185 +0100
+@@ -47,7 +47,7 @@ try {
+ };
+
+ validation.wordSimilarToUsername = function (options, word, score) {
+-var username = $(options.common.usernameField).val();
++var username = $(options.common.usernameField).val() || $(options.common.usernameField).text();
+ if (username && word.toLowerCase().match(username.toLowerCase())) {
+ options.instances.errors.push(options.ui.spanError(options, "same_as_username"));
+ return score;
+@@ -288,7 +288,7 @@ var ui = {};
+
+ ui.initProgressBar = function (options, $el) {
+ var $container = ui.getContainer(options, $el),
+-progressbar = "";
+
+ if (options.ui.viewports.progress) {
+-$container.find(options.ui.viewports.progress).append(progressbar);
++$container.append(progressbar);
+ } else {
+-$(progressbar).insertAfter($el);
++$(progressbar).insertAfter('#desiredpassword-input-group');
+ }
+ };
+
+@@ -312,7 +312,7 @@ var ui = {};
+ };
+
+ ui.initVerdict = function (options, $el) {
+-ui.initHelper(options, $el, "",
++ui.initHelper(options, $el, "",
+ options.ui.viewports.verdict);
+ };
+
+@@ -334,7 +334,7 @@ var ui = {};
+ if (options.ui.showErrors) {
+ html += "";
+ $.each(options.instances.errors, function (idx, err) {
+-html += "" + err + "";
++html += err;
+ });
+ html += "";
+ }
+@@ -343,7 +343,7 @@ var ui = {};
+ $el.popover({
+ html: true,
+ placement: placement,
+-trigger: "manual",
++trigger: "focus",
+ content: html
+ });
+ $el.popover("show");
+@@ -364,7 +364,7 @@ var ui = {};
+
+ ui.updateProgressBar = function (options, $el, cssClass, percentage) {
+ var $progres
Re: [Spacewalk-devel] [PATCH] Adding a password strength meter to spacewalk
On 01/24/2014 12:29 PM, Matej Kollar wrote: * Warning pop-up. * Could it be moved to the right or bottom of the filed? Yes. Though on the bottom it overlaps with the bar, and on the right it could end up being compressed, depending on the window size of your browser. I guess I could try to "hang" the popover on the bottom of the bar for example. Right now it's attached to the input field, which makes sense IMO. So I personally would keep it on top, what do you think? * It also blinks/flickers on change, is there a way to stop it? The popover needs to be destroyed and recreated to update it, otherwise it stacks up in the html output. That's where the flickering comes from. I am currently not aware of a workaround. The popover class has the methods show, hide, toggle and destroy. * Colored progress bar/strength meter. * It is connected with the password field in very strange way (visually). Would it be possible to change it as per Michael's suggestion to look like [1] or [2]? Personally I would prefer second option. I guess I could give it an extra column like in [2] and place it under the Confirm Password: field? * Spec * `jquery.pwstrength.bootstrap` is not good name for package. I suggest `pwstrength-bootstrap` (the .spec is called such anyway). I will rename it. * `Source0` is defined in a bit complicated way. Using [4] would not only be sufficient but will make it clearer and easier to understand. Agreed. I took a hint at https://fedoraproject.org/wiki/Packaging:SourceURL But I can change it as you said. * Is there simple way to change rules that determine what is acceptable password? * E.g. various "character classes" reminded me there are other ways to make good password :-). [3] [3] = Nice :) I couldn't imagine that yet... Yesterday the maintainer of that project also opened an issue: https://github.com/ablanco/jquery.pwstrength.bootstrap/issues/14 which points exactly to that illustration, so maybe soon there'll be support for that. -- -- Mit freundlichen Grüßen, Maximilian Meister Systems Management Department SUSE LINUX Products GmbH Maxfeldstr. 5 D-90409 Nuremberg, Germany http://www.suse.com GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer, HRB 21284 (AG Nuremberg) ___ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel
Re: [Spacewalk-devel] [PATCH] Adding a password strength meter to spacewalk
On 01/23/2014 11:04 AM, Michael Mraka wrote:
Hi Maximilian,
that sounds great.
% Question is now do I need to package the second .js as well? Or can
% i simply add it to the git tree
% in web/html/javascript?
If it's spacewalk specific (I think so) then just put it to web/html/javascript
next to other spacewalk-*.js.
Hi,
here is the new patch with the
* recent release of jquery.pwstrength.bootstrap
* a spec file to build a package from it
* the patch to the sources during rpmbuild
* the customization/caller script + a function to generate the tick icon
* custom styles for the password strength meter
please have a look.
Thanks
--
--
Mit freundlichen Grüßen,
Maximilian Meister
Systems Management Department
SUSE LINUX Products GmbH
Maxfeldstr. 5
D-90409 Nuremberg, Germany
http://www.suse.com
GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer, HRB 21284 (AG Nuremberg)
>From 22b17b0cd96742dec6bc6488f95049fcf9a4c21a Mon Sep 17 00:00:00 2001
From: Maximilian Meister
Date: Thu, 23 Jan 2014 13:38:11 +0100
Subject: [PATCH 1/4] adding spec file for the spec tree and patch to the
original source
---
.../pwstrength/pwstrength-bootstrap-1.0.2.patch| 74 ++
spec-tree/pwstrength/pwstrength-bootstrap.spec | 43 +
2 files changed, 117 insertions(+)
create mode 100644 spec-tree/pwstrength/pwstrength-bootstrap-1.0.2.patch
create mode 100644 spec-tree/pwstrength/pwstrength-bootstrap.spec
diff --git a/spec-tree/pwstrength/pwstrength-bootstrap-1.0.2.patch b/spec-tree/pwstrength/pwstrength-bootstrap-1.0.2.patch
new file mode 100644
index 000..5867a97
--- /dev/null
+++ b/spec-tree/pwstrength/pwstrength-bootstrap-1.0.2.patch
@@ -0,0 +1,74 @@
+--- dist/pwstrength-bootstrap-1.0.2.js 2014-01-20 09:52:14.488289101 +0100
dist/pwstrength-bootstrap-1.0.2.js 2014-01-20 16:37:02.799052847 +0100
+@@ -47,7 +47,7 @@ try {
+ };
+
+ validation.wordSimilarToUsername = function (options, word, score) {
+-var username = $(options.common.usernameField).val();
++var username = $(options.common.usernameField).val() || $(options.common.usernameField).text();
+ if (username && word.toLowerCase().match(username.toLowerCase())) {
+ options.instances.errors.push(options.ui.spanError(options, "same_as_username"));
+ return score;
+@@ -288,7 +288,7 @@ var ui = {};
+
+ ui.initProgressBar = function (options, $el) {
+ var $container = ui.getContainer(options, $el),
+-progressbar = "",
++ui.initHelper(options, $el, "",
+ options.ui.viewports.verdict);
+ };
+
+@@ -334,7 +334,7 @@ var ui = {};
+ if (options.ui.showErrors) {
+ html += "";
+ $.each(options.instances.errors, function (idx, err) {
+-html += "" + err + "";
++html += err;
+ });
+ html += "";
+ }
+@@ -343,7 +343,7 @@ var ui = {};
+ $el.popover({
+ html: true,
+ placement: placement,
+-trigger: "manual",
++trigger: "focus",
+ content: html
+ });
+ $el.popover("show");
+@@ -364,7 +364,7 @@ var ui = {};
+
+ ui.updateProgressBar = function (options, $el, cssClass, percentage) {
+ var $progressbar = ui.getUIElements(options, $el).$progressbar,
+-$bar = $progressbar.find(".progress-bar"),
++$bar = $(".progress-bar"),
+ cssPrefix = "progress-";
+
+ if (options.ui.bootstrap2) {
+@@ -388,7 +388,7 @@ var ui = {};
+ var $errors = ui.getUIElements(options, $el).$errors,
+ html = "";
+ $.each(options.instances.errors, function (idx, err) {
+-html += "" + err + "";
++html += err;
+ });
+ $errors.html(html);
+ };
diff --git a/spec-tree/pwstrength/pwstrength-bootstrap.spec b/spec-tree/pwstrength/pwstrength-bootstrap.spec
new file mode 100644
index 000..8dd6546
--- /dev/null
+++ b/spec-tree/pwstrength/pwstrength-bootstrap.spec
@@ -0,0 +1,43 @@
+%global commit 97fbed14287890e55425eba0f557381334af5681
+%global shortcommit %(c=%{commit}; echo ${c:0:7})
+
+Name: jquery.pwstrength.bootstrap
+Version:1.0.2
+Release:0
+License:MIT and GPLv3
+Summary:Password quality Twitter Bootstrap Plugin
+Url:https://github.com/ablanco/jquery.pwstrength.bootstrap
+Group: Applications/Internet
+Source0:https://github.com/ablanco/jquery.pwstrength.bootstrap/archive/%{commit}/%{name}-%{version}-%{shortcommit}.tar.gz
+Patch1: pwstrength-bootstrap-%{version}.patch
+BuildArch: noarch
+BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XX)
+
+%description
+The jQuery Passwor
Re: [Spacewalk-devel] [PATCH] Adding a password strength meter to spacewalk
On 01/07/2014 12:04 PM, Michael Mraka wrote: Is it possible to keep original pwstrength-bootstrap*.js unmodified and put modification to the separate .js (call modified functions from the page and call original functions from them)? Hi Michael, I end up with 2 separate .js files now. First one is the original sources, packaged and patched through the spec file in spec-tree. Second one is a caller .js with the document.ready handler and some custom functions. Question is now do I need to package the second .js as well? Or can i simply add it to the git tree in web/html/javascript? -- -- Mit freundlichen Grüßen, Maximilian Meister Systems Management Department SUSE LINUX Products GmbH Maxfeldstr. 5 D-90409 Nuremberg, Germany http://www.suse.com GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer, HRB 21284 (AG Nuremberg) ___ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel
Re: [Spacewalk-devel] [PATCH] Adding a password strength meter to spacewalk
On 01/08/2014 02:34 PM, Michael Mraka wrote: As it's new feature in spacewalk I'd vote for using current latest version of pwstrength-bootstrap. Okay, I'll work out a new patch with the latest version in the following days. I understand it. In such cases where we need to modify upstream sources we put upstream package spec to spec-tree/ and create patches to it. This let's us easily keep our modifications and re-apply it on new upstream versions whenever wee need. See e.g. spec-tree/stringtree-json in spacewalk.git. I see. I'll also try to provide a spec file plus a patch to use for the sources then. Isn't https://github.com/ablanco/jquery.pwstrength.bootstrap/blob/master/dist/pwstrength-bootstrap-1.0.2.js all we need to distribute? Yes you are right, this is the one to use. -- -- Mit freundlichen Grüßen, Maximilian Meister SLE Systems Management SUSE LINUX Products GmbH Maxfeldstr. 5 D-90409 Nuremberg, Germany http://www.suse.com GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer, HRB 21284 (AG Nuremberg) ___ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel
Re: [Spacewalk-devel] [PATCH] Adding a password strength meter to spacewalk
On 01/07/2014 12:04 PM, Michael Mraka wrote: I see. Then it should keep the original name so we can easily figure out where it came from and replace it with newer version in the future. Hi Michael, the original name would be pwstrength.js (in 0.5.0). We decided to use the spacewalk- prefix to distinguish it for all JavaScript related to the password strength meter in one single file. Which version of jquery.pwstrength.bootstrap was it? It doesn't match to any pwstrength-bootstrap-1.0.X.js. 0.5.0 Is it possible to keep original pwstrength-bootstrap*.js unmodified and put modification to the separate .js (call modified functions from the page and call original functions from them)? To keep the pwstrength.js library itself separate for easier update on a new version makes sense but has a few issues. I needed to change the library itself to make it work and look good for spacewalk. I had to change/add some generated html output (html tags, add css classes), some logic and css selectors. These are changes only make sense for spacewalk specific look and functionality. Furthermore in 1.0.2 the pwstrength.js is now separated into 4 different js files. Regards, -- Michael Mráka Satellite Engineering, Red Hat ___ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel -- -- Mit freundlichen Grüßen, Maximilian Meister SLE Systems Management SUSE LINUX Products GmbH Maxfeldstr. 5 D-90409 Nuremberg, Germany http://www.suse.com GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer, HRB 21284 (AG Nuremberg) ___ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel
[Spacewalk-devel] [PATCH] Adding a password strength meter to spacewalk
Hi everybody,
this patch would add a bootstrapified password strength meter
to all pages where
user details are being created or edited (create the initial admin user,
create/edit normal users and create organization).
There is also a tick icon on the side of the password input fields,
which checks if
the value in the desired password field will be accepted by the server
and if the
value in the confirm password field matches the value in the desired
password field.
We had this implemented in SUSE Manager before, and now completely
reworked it.
It would be useful due to spacewalk being a systems administrations tool
and
due to the security implications that come with it.
It is based on https://github.com/ablanco/jquery.pwstrength.bootstrap
where I also contributed to during the process.
Thanks
Maximilian
--
--
Mit freundlichen Grüßen,
Maximilian Meister
Systems Management Department
SUSE LINUX Products GmbH
Maxfeldstr. 5
D-90409 Nuremberg, Germany
http://www.suse.com
GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer, HRB 21284 (AG Nuremberg)
>From 74756cc3d26ac4bb64f322eaf82d30376d69466c Mon Sep 17 00:00:00 2001
From: Maximilian Meister
Date: Thu, 19 Dec 2013 10:53:33 +0100
Subject: [PATCH 1/3] Styles for the password strength meter.
---
branding/css/spacewalk-tools.less | 5 +
branding/css/spacewalk.less | 2 ++
2 files changed, 7 insertions(+)
create mode 100644 branding/css/spacewalk-tools.less
diff --git a/branding/css/spacewalk-tools.less b/branding/css/spacewalk-tools.less
new file mode 100644
index 000..0383b3d
--- /dev/null
+++ b/branding/css/spacewalk-tools.less
@@ -0,0 +1,5 @@
+/* Progress Bar for the password strength check */
+.progress-pwstrength {
+margin-bottom: 0;
+margin-top: 4px;
+}
diff --git a/branding/css/spacewalk.less b/branding/css/spacewalk.less
index 3afa2f0..cb69e25 100644
--- a/branding/css/spacewalk.less
+++ b/branding/css/spacewalk.less
@@ -11,6 +11,8 @@
@import url(spacewalk-mixins.less);
/*Import of Tables style*/
@import url(spacewalk-tables.less);
+/* Import of spacewalk-tools */
+@import url(spacewalk-tools.less);
/* Import of the Theme */
@import url(spacewalk-theme.less);
--
1.8.4
>From 1b7dde2ec3b25c448cd5f6d050703e4ff3d03ae8 Mon Sep 17 00:00:00 2001
From: Maximilian Meister
Date: Thu, 19 Dec 2013 10:57:14 +0100
Subject: [PATCH 2/3] Adding modified pwstrength.js library. Adding
function to setup the password strength meter. Adding function to handle the
tick icon on the side of a password input field.
---
web/html/javascript/spacewalk-pwstrength.js | 477
1 file changed, 477 insertions(+)
create mode 100644 web/html/javascript/spacewalk-pwstrength.js
diff --git a/web/html/javascript/spacewalk-pwstrength.js b/web/html/javascript/spacewalk-pwstrength.js
new file mode 100644
index 000..e7837fb
--- /dev/null
+++ b/web/html/javascript/spacewalk-pwstrength.js
@@ -0,0 +1,477 @@
+/*jslint browser: true, regexp: true, unparam: true */
+/*global jQuery */
+
+/*
+* jQuery Password Strength plugin for Twitter Bootstrap
+*
+* Copyright (c) 2008-2013 Tane Piper
+* Copyright (c) 2013 Alejandro Blanco
+* Dual licensed under the MIT and GPL licenses.
+*
+*/
+
+(function ($) {
+"use strict";
+
+var options = {
+errors: [],
+// Options
+minChar: 8,
+bootstrap3: false,
+errorMessages: {
+password_too_short: 'The Password is too short',
+email_as_password: 'Do not use your email as your password',
+same_as_username: 'Your password cannot contain your username',
+repeated_character: 'The password should not contain repetitions',
+no_character_classes: 'Use different character classes'
+},
+scores: [17, 26, 40, 50],
+verdicts: ["Weak", "Normal", "Medium", "Strong", "Very Strong"],
+showVerdicts: true,
+showVerdictsInitially: false,
+raisePower: 1.4,
+usernameField: "#username",
+onLoad: undefined,
+onKeyUp: undefined,
+container: undefined,
+viewports: {
+progress: undefined,
+verdict: undefined,
+errors: undefined
+},
+// Rules stuff
+ruleScores: {
+wordNotEmail: -100,
+wordLength: -100,
+wordSimilarToUsername: -100,
+wordRepetition: -30,
+wordLowercase: 1,
+wordUppercase: 3,
+wordOneNumber: 3,
+wordThreeNumbers: 5,
+wordOneSpecialChar: 3,
+wordTwoSpecialChar: 5,
+wordUpperLowerCombo: 2,
+wordLetterNumberCombo: 2,
