diff --git a/app/api/repp/api.rb b/app/api/repp/api.rb index 7858cd625..e5bda46f5 100644 --- a/app/api/repp/api.rb +++ b/app/api/repp/api.rb @@ -4,7 +4,7 @@ module Repp prefix :repp http_basic do |username, password| - @current_user ||= ApiUser.find_by(username: username, password: password) + @current_user ||= ApiUser.find_by(username: username, plain_text_password: password) if @current_user true else diff --git a/app/controllers/admin/api_users_controller.rb b/app/controllers/admin/api_users_controller.rb index 84344c2e9..7f6eb1a3d 100644 --- a/app/controllers/admin/api_users_controller.rb +++ b/app/controllers/admin/api_users_controller.rb @@ -32,7 +32,7 @@ module Admin end def update - params[:api_user].delete(:password) if params[:api_user][:password].blank? + params[:api_user].delete(:plain_text_password) if params[:api_user][:plain_text_password].blank? if @api_user.update(api_user_params) flash[:notice] = I18n.t('record_updated') redirect_to [:admin, @api_user] @@ -59,7 +59,7 @@ module Admin end def api_user_params - params.require(:api_user).permit(:username, :password, :active, + params.require(:api_user).permit(:username, :plain_text_password, :active, :registrar_id, :registrar_typeahead, :identity_code, { roles: [] }) end diff --git a/app/controllers/epp/sessions_controller.rb b/app/controllers/epp/sessions_controller.rb index e3e9f3114..05bbba9a8 100644 --- a/app/controllers/epp/sessions_controller.rb +++ b/app/controllers/epp/sessions_controller.rb @@ -81,7 +81,7 @@ class Epp::SessionsController < EppController if success if params[:parsed_frame].css('newPW').first - unless @api_user.update(password: params[:parsed_frame].css('newPW').first.text) + unless @api_user.update(plain_text_password: params[:parsed_frame].css('newPW').first.text) response.headers['X-EPP-Returncode'] = '2500' handle_errors(@api_user) and return end 
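Review bot: In app/api/repp/api.rb the `http_basic` block still authenticates by asking the database for a row whose `plain_text_password` equals the submitted value, so the credential stays recoverable at rest and is compared by SQL equality instead of a constant-time digest check. The rename makes this visible but does not change it, and the same lookup is built in `login_params` in app/controllers/epp/sessions_controller.rb and in the `ApiUser.find_by(...)` call in app/controllers/registrar/sessions_controller.rb. I would add a comment above each lookup, for example `# TODO: plain-text equality lookup; replace with a salted digest check once users.plain_text_password is retired`. In the registrar sessions controller the value comes straight from `params[:depp_user][:password]`, so writing `plain_text_password: params[:depp_user][:password].to_s` would keep a missing or non-string parameter from changing the shape of the query. The enclosing blocks continue outside these hunks.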
@@ -128,7 +128,7 @@ class Epp::SessionsController < EppController def login_params user = params[:parsed_frame].css('clID').first.text pw = params[:parsed_frame].css('pw').first.text - { username: user, password: pw } + { username: user, plain_text_password: pw } end private diff --git a/app/controllers/registrar/depp_controller.rb b/app/controllers/registrar/depp_controller.rb index 87269b160..70fb01c4a 100644 --- a/app/controllers/registrar/depp_controller.rb +++ b/app/controllers/registrar/depp_controller.rb @@ -22,7 +22,7 @@ class Registrar return nil unless current_registrar_user @depp_current_user ||= Depp::User.new( tag: current_registrar_user.username, - password: current_registrar_user.password + password: current_registrar_user.plain_text_password ) end diff --git a/app/controllers/registrar/domain_transfers_controller.rb b/app/controllers/registrar/domain_transfers_controller.rb index f65f3cece..71cbb306d 100644 --- a/app/controllers/registrar/domain_transfers_controller.rb +++ b/app/controllers/registrar/domain_transfers_controller.rb @@ -21,7 +21,7 @@ class Registrar uri = URI.parse("#{ENV['repp_url']}domain_transfers") request = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json') request.body = { data: { domainTransfers: domain_transfers } }.to_json - request.basic_auth(current_registrar_user.username, current_registrar_user.password) + request.basic_auth(current_registrar_user.username, current_registrar_user.plain_text_password) if Rails.env.test? diff --git a/app/controllers/registrar/nameservers_controller.rb b/app/controllers/registrar/nameservers_controller.rb index 31a047d2f..af2e00f7f 100644 --- a/app/controllers/registrar/nameservers_controller.rb +++ b/app/controllers/registrar/nameservers_controller.rb 
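Review bot: In app/controllers/registrar/depp_controller.rb, `password: current_registrar_user.plain_text_password` reads the stored credential back out of the record to hand it to `Depp::User`, and this is the dependency that forces the column to stay recoverable. The `request.basic_auth(current_registrar_user.username, current_registrar_user.plain_text_password)` calls in domain_transfers_controller.rb, nameservers_controller.rb and tech_contacts_controller.rb rely on it in the same way. A comment at each site such as `# NOTE: needs the recoverable password; must move to a session-scoped credential before users.plain_text_password can be hashed` would record that constraint for whoever does the follow-up. These requests go to `ENV['repp_url']`, and whether TLS is enforced for them is not visible in the hunks, so that is worth confirming since Basic auth carries the password on every call. The enclosing methods start outside the hunks.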
@@ -12,7 +12,7 @@ class Registrar attributes: { hostname: params[:new_hostname], ipv4: ipv4, ipv6: ipv6 } } }.to_json - request.basic_auth(current_registrar_user.username, current_registrar_user.password) + request.basic_auth(current_registrar_user.username, current_registrar_user.plain_text_password) if Rails.env.test? response = Net::HTTP.start(uri.hostname, uri.port, diff --git a/app/controllers/registrar/sessions_controller.rb b/app/controllers/registrar/sessions_controller.rb index d7a690752..a600869f8 100644 --- a/app/controllers/registrar/sessions_controller.rb +++ b/app/controllers/registrar/sessions_controller.rb @@ -26,7 +26,8 @@ class Registrar @depp_user.errors.add(:base, :webserver_client_cert_directive_should_be_required) end - @api_user = ApiUser.find_by(username: params[:depp_user][:tag], password: params[:depp_user][:password]) + @api_user = ApiUser.find_by(username: params[:depp_user][:tag], + plain_text_password: params[:depp_user][:password]) unless @api_user @depp_user.errors.add(:base, t(:no_such_user)) diff --git a/app/controllers/registrar/tech_contacts_controller.rb b/app/controllers/registrar/tech_contacts_controller.rb index fe3dd86da..22d667a41 100644 --- a/app/controllers/registrar/tech_contacts_controller.rb +++ b/app/controllers/registrar/tech_contacts_controller.rb @@ -8,7 +8,7 @@ class Registrar request = Net::HTTP::Patch.new(uri) request.set_form_data(current_contact_id: params[:current_contact_id], new_contact_id: params[:new_contact_id]) - request.basic_auth(current_registrar_user.username, current_registrar_user.password) + request.basic_auth(current_registrar_user.username, current_registrar_user.plain_text_password) if Rails.env.test? response = Net::HTTP.start(uri.hostname, uri.port, diff --git a/app/models/api_user.rb b/app/models/api_user.rb index 378292076..da3497dd8 100644 --- a/app/models/api_user.rb +++ b/app/models/api_user.rb 
@@ -7,7 +7,7 @@ class ApiUser < User def epp_code_map { '2306' => [ # Parameter policy error - [:password, :blank] + [:plain_text_password, :blank] ] } end @@ -20,8 +20,8 @@ class ApiUser < User belongs_to :registrar has_many :certificates - validates :username, :password, :registrar, :roles, presence: true - validates :password, length: { minimum: min_password_length } + validates :username, :plain_text_password, :registrar, :roles, presence: true + validates :plain_text_password, length: { minimum: min_password_length } validates :username, uniqueness: true delegate :code, :name, to: :registrar, prefix: true diff --git a/app/views/admin/api_users/_form.haml b/app/views/admin/api_users/_form.haml index 9a26b9fc8..2e837b22a 100644 --- a/app/views/admin/api_users/_form.haml +++ b/app/views/admin/api_users/_form.haml @@ -13,7 +13,7 @@ .col-md-4.control-label = f.label :password, nil, class: 'required' .col-md-7 - = f.text_field :password, required: true, class: 'form-control' + = f.text_field :plain_text_password, required: true, class: 'form-control' .form-group .col-md-4.control-label diff --git a/app/views/admin/api_users/show.haml b/app/views/admin/api_users/show.haml index 00e562c6d..2e13445d1 100644 --- a/app/views/admin/api_users/show.haml +++ b/app/views/admin/api_users/show.haml @@ -21,7 +21,7 @@ %dd= @api_user.username %dt= t(:password) - %dd= @api_user.password + %dd= @api_user.plain_text_password %dt= t(:registrar_name) %dd= link_to(@api_user.registrar, admin_registrar_path(@api_user.registrar)) diff --git a/db/migrate/20180713154915_rename_users_password_to_plain_text_password.rb b/db/migrate/20180713154915_rename_users_password_to_plain_text_password.rb new file mode 100644 index 000000000..9636d69bf --- /dev/null +++ b/db/migrate/20180713154915_rename_users_password_to_plain_text_password.rb 
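Review bot: In app/models/api_user.rb the validations and the `'2306'` entry in `epp_code_map` are now keyed on `:plain_text_password`, so the attribute name used in generated error messages changes with them. No locale file is touched in the part of the diff visible here, so unless a translation for `activerecord.attributes.api_user.plain_text_password` exists elsewhere, registrars would presumably see "Plain text password" in validation and EPP error text. Adding that key with the previous wording ("Password") keeps the storage detail out of user-facing messages. The class body continues outside both hunks.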
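Review bot: In app/views/admin/api_users/_form.haml the label is left as `f.label :password` while the input becomes `f.text_field :plain_text_password`, so the label's `for` attribute no longer matches the input's id and the two are no longer associated for clicks or screen readers. `= f.label :plain_text_password, t(:password), class: 'required'` would restore the link and keep the visible text unchanged. Separately, because this is a `text_field`, the edit form renders the current password into the page; `f.password_field` would avoid that if reading it back is not a requirement.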
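Review bot: `%dd= @api_user.plain_text_password` in app/views/admin/api_users/show.haml writes the account's working credential into every rendering of the admin detail page, where it can persist in browser caches, screenshots and any intermediary that stores responses. If administrators do not need to read the password back, I would remove the `%dt= t(:password)` / `%dd=` pair from this view and leave setting a new password to the edit form. If it must remain, a comment stating why the value is displayed would help the next reviewer.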
@@ -0,0 +1,5 @@ +class RenameUsersPasswordToPlainTextPassword < ActiveRecord::Migration + def change + rename_column :users, :password, :plain_text_password + end +end diff --git a/db/structure.sql b/db/structure.sql index b07f08000..40ae46e6d 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -2282,7 +2282,7 @@ ALTER SEQUENCE public.settings_id_seq OWNED BY public.settings.id; CREATE TABLE public.users ( id integer NOT NULL, username character varying, - password character varying, + plain_text_password character varying, created_at timestamp without time zone, updated_at timestamp without time zone, email character varying, @@ -4757,3 +4757,5 @@ INSERT INTO schema_migrations (version) VALUES ('20180613030330'); INSERT INTO schema_migrations (version) VALUES ('20180613045614'); +INSERT INTO schema_migrations (version) VALUES ('20180713154915'); + diff --git a/lib/tasks/import.rake b/lib/tasks/import.rake index 2fa67a827..a3b884935 100644 --- a/lib/tasks/import.rake +++ b/lib/tasks/import.rake @@ -145,7 +145,7 @@ namespace :import do if y.try(:cert) == 'idkaart' id_users << ApiUser.new({ username: y.try(:password) ? y.try(:password) : y.try(:password), - password: ('a'..'z').to_a.shuffle.first(8).join, + plain_text_password: ('a'..'z').to_a.shuffle.first(8).join, identity_code: y.try(:password) ? y.try(:password) : y.try(:password), registrar_id: Registrar.find_by(legacy_id: x.try(:id)).try(:id), roles: ['billing'], @@ -154,7 +154,7 @@ namespace :import do else temp << ApiUser.new({ username: x.handle.try(:strip), - password: y.try(:password) ? y.try(:password) : ('a'..'z').to_a.shuffle.first(8).join, + plain_text_password: y.try(:password) ? y.try(:password) : ('a'..'z').to_a.shuffle.first(8).join, registrar_id: Registrar.find_by(legacy_id: x.try(:id)).try(:id), roles: ['epp'], legacy_id: y.try(:id) diff --git a/spec/api/repp/contact_v1_spec.rb b/spec/api/repp/contact_v1_spec.rb index 716eb40cc..77ce38d2e 100644 --- a/spec/api/repp/contact_v1_spec.rb 
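Review bot: The new migration's `rename_column :users, :password, :plain_text_password` takes effect as soon as it runs, so any process still running the previous code will query a `users.password` column that no longer exists, and for this table that means every login path fails until the process is restarted. The migration carries no comment about deploy order. I would add one above `rename_column`, for example `# Deploy note: old code reads users.password; restart all app and worker processes immediately after running this`. The rename leaves the stored values unchanged, so it is also worth stating in that comment that the column still holds plain-text credentials.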
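Review bot: Both `ApiUser.new` calls in lib/tasks/import.rake build the fallback credential with `('a'..'z').to_a.shuffle.first(8).join`, which uses Ruby's default non-cryptographic generator and can only produce eight distinct lowercase letters. Since the value is now written to a column named `plain_text_password` and used as a live login secret, I would generate it with `plain_text_password: SecureRandom.hex(16)` in the first branch and `plain_text_password: y.try(:password) || SecureRandom.hex(16)` in the second. In the first branch `username` and `identity_code` are both read from `y.try(:password)` with identical ternary arms, which looks like a copy error and is worth confirming against the legacy schema. The enclosing loop starts and ends outside both hunks.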
+++ b/spec/api/repp/contact_v1_spec.rb @@ -45,6 +45,6 @@ RSpec.describe Repp::ContactV1, db: true do end def http_auth_key - ActionController::HttpAuthentication::Basic.encode_credentials(user.username, user.password) + ActionController::HttpAuthentication::Basic.encode_credentials(user.username, user.plain_text_password) end end diff --git a/spec/factories/api_user.rb b/spec/factories/api_user.rb index a3f9623b6..01ba0f8da 100644 --- a/spec/factories/api_user.rb +++ b/spec/factories/api_user.rb @@ -1,7 +1,7 @@ FactoryBot.define do factory :api_user do sequence(:username) { |n| "test#{n}" } - password 'a' * ApiUser.min_password_length + plain_text_password 'a' * ApiUser.min_password_length roles ['super'] registrar diff --git a/spec/support/features/session_helpers.rb b/spec/support/features/session_helpers.rb index 70ebce981..1667db48c 100644 --- a/spec/support/features/session_helpers.rb +++ b/spec/support/features/session_helpers.rb @@ -13,7 +13,7 @@ module Features visit new_registrar_user_session_url fill_in 'depp_user_tag', with: user.username - fill_in 'depp_user_password', with: user.password + fill_in 'depp_user_password', with: user.plain_text_password click_button 'Login' end diff --git a/spec/support/requests/session_helpers.rb b/spec/support/requests/session_helpers.rb index 6c30c00c9..01e7ae674 100644 --- a/spec/support/requests/session_helpers.rb +++ b/spec/support/requests/session_helpers.rb @@ -5,7 +5,7 @@ module Requests end def sign_in_to_registrar_area(user: create(:api_user)) - post registrar_user_session_path, { depp_user: { tag: user.username, password: user.password } } + post registrar_user_session_path, { depp_user: { tag: user.username, password: user.plain_text_password } } end end end \ No newline at end of file diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml index 494cadd24..034af0484 100644 --- a/test/fixtures/users.yml +++ b/test/fixtures/users.yml 
@@ -1,6 +1,6 @@ api_bestnames: username: test_bestnames - password: testtest + plain_text_password: testtest type: ApiUser registrar: bestnames active: true @@ -9,7 +9,7 @@ api_bestnames: api_goodnames: username: test_goodnames - password: testtest + plain_text_password: testtest type: ApiUser registrar: goodnames active: true