Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DOC Document using symfony/validator logic #590

Merged
merged 1 commit into from
Oct 2, 2024
Merged

DOC Document using symfony/validator logic #590

merged 1 commit into from
Oct 2, 2024

Conversation

GuySartorelli
Copy link
Member

@GuySartorelli GuySartorelli mentioned this pull request Sep 25, 2024
Closed
3 tasks
emteknetnz
emteknetnz requested changes Sep 27, 2024
View reviewed changes
en/02_Developer_Guides/09_Security/05_Secure_Coding.md Outdated
Comment on lines 592 to 596
You can also enforce that passwords are not repeated by setting the [`EntropyPasswordValidator.historic_count`](api:SilverStripe\Security\Validation\EntropyPasswordValidator->historic_count) configuration property:

```yml
SilverStripe\Security\Validation\EntropyPasswordValidator:
historic_count: 6
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
You can also enforce that passwords are not repeated by setting the [`EntropyPasswordValidator.historic_count`](api:SilverStripe\Security\Validation\EntropyPasswordValidator->historic_count) configuration property:
```yml
SilverStripe\Security\Validation\EntropyPasswordValidator:
historic_count: 6
You can also enforce that passwords are not repeated by setting the [`EntropyPasswordValidator.historic_count`](api:SilverStripe\Security\Validation\PasswordValidator->historic_count) configuration property:
```yml
SilverStripe\Security\Validation\PasswordValidator:
historic_count: 6

Configuration is defined on PasswordValidator, and also works if it password validator is changed to RulesPasswordValidator or a custom password validator

I assume this works if we set it on the abstract class?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It should work if set on the abstract class, yeah. Though IMO it makes more sense to set it on whichever validator is in use - i.e. you set the validation you want for the validator you want to use.

Given the sections are currently split up to discuss the individual validators, I'd like to keep the config being set for those validators - I think it'd read weirdly in a section about one validator you're setting config on its parent class.

All that said, I don't feel strongly so if you still want it changed I can change it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd say change it to the abstract class, as if people change the validator in the future they'll retain the historic password count config

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

en/08_Changelogs/6.0.0.md Show resolved Hide resolved
@GuySartorelli
Copy link
Member Author

Fixed lint failure

@emteknetnz emteknetnz merged commit 97d473e into silverstripe:6 Oct 2, 2024
3 checks passed
@emteknetnz emteknetnz deleted the pulls/6/symfony-validation branch October 2, 2024 01:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emteknetnz emteknetnz emteknetnz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@GuySartorelli @emteknetnz