HUE-7073 [backend] When user is login using LdapBackEnd, restrict certain characters from the Hue login name.

Review Request #11295 - Created Aug. 8, 2017 and updated

Information
Prakash Ranade
hue
master
HUE-7073
Reviewers
hue
enricoberti, jennykim, jgauthier, johan, krish, ranade, romain, subrata, weixia, yingc
commit f416dcc3049d7e89fe61928b3ef5421cfac2f73f
Author: Prakash Ranade <ranade@cloudera.com>
Date:   Mon Aug 14 13:41:30 2017 -0700

    HUE-7073 [backend] When user is login using LdapBackEnd, restrict certain characters from the Hue login name.
    
    When LDAPBackEnd is used we would like to prevents '(', ')' and '*' as character in login name.

:100644 100644 e4a1c69ad. d29cf06... M	desktop/core/src/desktop/auth/forms.py

  

Issues

  • 0
  • 1
  • 0
  • 1
Description From Last Updated
Romain Rigaux
Romain Rigaux
Prakash Ranade
Review request changed

Change Summary:

HUE-7073 [backend] When user is login using LdapBackEnd, restrict certain characters from the Hue login name.

Summary:

-HUE-7073 [backend] Restrict certain characters from the Hue login name.
+HUE-7073 [backend] When user is login using LdapBackEnd, restrict certain characters from the Hue login name.

Description:

~  

commit 9cd1ae3a62d860b5503e01f193868962f3e2df88

  ~

commit f416dcc3049d7e89fe61928b3ef5421cfac2f73f

    Author: Prakash Ranade ranade@cloudera.com
~   Date: Mon Aug 7 17:30:13 2017 -0700

  ~ Date: Mon Aug 14 13:41:30 2017 -0700

   
~  
HUE-7073 [backend] Restrict certain characters from the Hue login name.
  ~
HUE-7073 [backend] When user is login using LdapBackEnd, restrict certain characters from the Hue login name.
   
~  
Currently a user can login successfully with: username which contains ( or ) or * or < or > character.
  ~
When LDAPBackEnd is used we would like to prevents '(', ')' and '*' as character in login name.
-  
-  
Fix tested with hue test framework.
-  
-  
USERNAME_RE_RULE = "[^-:\s][^:\s]*" which accepts characters like <, >, (, ), / in username.
-  
change to
-  
USERNAME_RE_RULE = "[^-:<>()/\s][^:<>()*/\s]*" to block <, >, (, ), *, / in username.
-  
-  
$ ./build/env/bin/hue test specific useradmin.tests
-  
...
-  
----------------------------------------------------------------------
-  
Ran 12 tests in 9.450s
-  
-  
OK (SKIP=1)
-  
Destroying test database for alias 'default'...
-  
[07/Aug/2017 17:32:47 -0700] test         INFO     Tests (useradmin.tests) returned 0
   
   
~  

:100644 100644 b606e68... 9028b0d... M apps/useradmin/src/useradmin/forms.py

  ~

:100644 100644 e4a1c69ad. d29cf06... M desktop/core/src/desktop/auth/forms.py

-   :100644 100644 f8be1f4... eb7b7df... M apps/useradmin/src/useradmin/tests.py
-   :100644 100644 a8182b8... d693273... M desktop/core/src/desktop/lib/django_util.py

Diff:

Revision 2 (+3)

Show changes

Romain Rigaux

Nice!

Just add a test case to https://github.com/cloudera/hue/blob/master/desktop/core/src/desktop/auth/views_test.py#L134 ?

Loading...