fixup! [IMP] password_security: add flag to enable/disable password security policy

ajaniszewska-dev · ajaniszewska-dev · commit a3c10d292778 · 2023-03-20T15:20:42.000+01:00
diff --git a/password_security/models/res_company.py b/password_security/models/res_company.py
@@ -10,7 +10,7 @@ class ResCompany(models.Model):
     _inherit = "res.company"
 
     password_policy_enabled = fields.Boolean(default=False)
-
+    
     password_expiration = fields.Integer(
         "Days",
         default=60,
diff --git a/password_security/models/res_users.py b/password_security/models/res_users.py
@@ -46,7 +46,7 @@ def create(self, vals):
         return super(ResUsers, self).create(vals)
 
     def write(self, vals):
-        if vals.get("password"):
+        if vals.get("password") and self.env.user.company_id.password_policy_enabled:
             self._check_password(vals["password"])
             vals["password_write_date"] = fields.Datetime.now()
         return super(ResUsers, self).write(vals)
@@ -55,16 +55,17 @@ def write(self, vals):
     def get_password_policy(self):
         data = super(ResUsers, self).get_password_policy()
         company_id = self.env.user.company_id
-        data.update(
-            {
-                "password_lower": company_id.password_lower,
-                "password_upper": company_id.password_upper,
-                "password_numeric": company_id.password_numeric,
-                "password_special": company_id.password_special,
-                "password_length": company_id.password_length,
-                "password_estimate": company_id.password_estimate,
-            }
-        )
+        if company_id.password_policy_enabled:
+            data.update(
+                {
+                    "password_lower": company_id.password_lower,
+                    "password_upper": company_id.password_upper,
+                    "password_numeric": company_id.password_numeric,
+                    "password_special": company_id.password_special,
+                    "password_length": company_id.password_length,
+                    "password_estimate": company_id.password_estimate,
+                }
+            )
         return data
 
     def _check_password_policy(self, passwords):
@@ -124,20 +125,21 @@ def _check_password_rules(self, password):
         if not password:
             return True
         company_id = self.company_id
-        password_regex = [
-            "^",
-            "(?=.*?[a-z]){" + str(company_id.password_lower) + ",}",
-            "(?=.*?[A-Z]){" + str(company_id.password_upper) + ",}",
-            "(?=.*?\\d){" + str(company_id.password_numeric) + ",}",
-            r"(?=.*?[\W_]){" + str(company_id.password_special) + ",}",
-            ".{%d,}$" % int(company_id.password_length),
-        ]
-        if not re.search("".join(password_regex), password):
-            raise ValidationError(self.password_match_message())
-
-        estimation = self.get_estimation(password)
-        if estimation["score"] < company_id.password_estimate:
-            raise UserError(estimation["feedback"]["warning"])
+        if company_id.password_policy_enabled:
+            password_regex = [
+                "^",
+                "(?=.*?[a-z]){" + str(company_id.password_lower) + ",}",
+                "(?=.*?[A-Z]){" + str(company_id.password_upper) + ",}",
+                "(?=.*?\\d){" + str(company_id.password_numeric) + ",}",
+                r"(?=.*?[\W_]){" + str(company_id.password_special) + ",}",
+                ".{%d,}$" % int(company_id.password_length),
+            ]
+            if not re.search("".join(password_regex), password):
+                raise ValidationError(self.password_match_message())
+
+            estimation = self.get_estimation(password)
+            if estimation["score"] < company_id.password_estimate:
+                raise UserError(estimation["feedback"]["warning"])
 
         return True
 
diff --git a/password_security/tests/test_res_users.py b/password_security/tests/test_res_users.py
@@ -17,6 +17,7 @@ def setUpClass(cls):
         }
         cls.password = "asdQWE123$%^"
         cls.main_comp = cls.env.ref("base.main_company")
+        cls.main_comp.password_policy_enabled = True
         cls.vals = {
             "name": "User",
             "login": cls.login,
diff --git a/password_security/views/res_config_settings_views.xml b/password_security/views/res_config_settings_views.xml
@@ -26,17 +26,11 @@
                             <div class="mt16">
                                 <span>
                                     Password policy enabled
-                                    <field
-                                        name="password_policy_enabled"
-                                        class="oe_inline"
-                                    />
+                                    <field name="password_policy_enabled" class="oe_inline"/>
                                 </span>
                             </div>
                         </div>
-                        <div
-                            class="content-group"
-                            attrs="{'invisible': [('password_policy_enabled','=', False)]}"
-                        >
+                        <div class="content-group" attrs="{'invisible': [('password_policy_enabled','=', False)]}">
                             <div class="mt16">
                                 <span>
                                     Password expires in

Original file line number	Diff line number	Diff line change
`@@ -17,6 +17,7 @@ def setUpClass(cls):`
`17`	`17`	`}`
`18`	`18`	`cls.password = "asdQWE123$%^"`
`19`	`19`	`cls.main_comp = cls.env.ref("base.main_company")`
	`20`	`+ cls.main_comp.password_policy_enabled = True`
`20`	`21`	`cls.vals = {`
`21`	`22`	`"name": "User",`
`22`	`23`	`"login": cls.login,`