Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Also limit the password length on reset #35965

Merged
merged 1 commit into from
Jan 4, 2023
Merged

Also limit the password length on reset #35965

merged 1 commit into from
Jan 4, 2023

Conversation

nickvergessen
Copy link
Member

Ref #33110

Checklist

@nickvergessen nickvergessen added this to the Nextcloud 26 milestone Jan 3, 2023
@nickvergessen nickvergessen requested a review from a team January 3, 2023 15:42
@nickvergessen nickvergessen self-assigned this Jan 3, 2023
@nickvergessen nickvergessen requested review from ArtificialOwl, icewind1991, blizzz, come-nc and PVince81 and removed request for a team January 3, 2023 15:42
@nickvergessen
Copy link
Member Author

/backport to stable25

come-nc
come-nc approved these changes Jan 3, 2023
View reviewed changes
core/Controller/LostController.php
@@ -240,6 +240,10 @@ public function setPassword(string $token, string $userId, string $password, boo
$this->eventDispatcher->dispatchTyped(new BeforePasswordResetEvent($user, $password));
\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', ['uid' => $userId, 'password' => $password]);

if (strlen($password) > 469) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Magic number? We have no constant/config for this?

Copy link
Member Author

@nickvergessen nickvergessen Jan 3, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Magic number for now due to upcoming release and necessary backport.
But yeah it yields for a const.

Scheduled myself a todo for next week

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.
Is the issue fixed or can I collabrate to fix this issue?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR at #35981

PVince81
PVince81 approved these changes Jan 3, 2023
View reviewed changes
Copy link
Member

@PVince81 PVince81 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@PVince81 PVince81 added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Jan 3, 2023
Aditya-Karbhari
Aditya-Karbhari reviewed Jan 3, 2023
View reviewed changes
Copy link

@Aditya-Karbhari Aditya-Karbhari left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

New change in code is fine to me.👍

@nickvergessen nickvergessen merged commit ce50acd into master Jan 4, 2023
@nickvergessen nickvergessen deleted the bugfix/noid/limit-length-when-reseting-password branch January 4, 2023 08:51
@backportbot-nextcloud backportbot-nextcloud bot mentioned this pull request Jan 4, 2023
Merged
@nickvergessen nickvergessen mentioned this pull request Jan 4, 2023
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Aditya-Karbhari Aditya-Karbhari Aditya-Karbhari left review comments

@PVince81 PVince81 PVince81 approved these changes

@come-nc come-nc come-nc approved these changes

@ArtificialOwl ArtificialOwl Awaiting requested review from ArtificialOwl ArtificialOwl was automatically assigned from nextcloud/server-backend

@icewind1991 icewind1991 Awaiting requested review from icewind1991 icewind1991 was automatically assigned from nextcloud/server-backend

@blizzz blizzz Awaiting requested review from blizzz blizzz was automatically assigned from nextcloud/server-backend

Assignees

@nickvergessen nickvergessen

Labels
4. to release Ready to be released and/or waiting for tests to finish bug feature: users and groups
Projects
None yet
Milestone
Nextcloud 26
Development

Successfully merging this pull request may close these issues.
4 participants
@nickvergessen @PVince81 @come-nc @Aditya-Karbhari