jikimo/test
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

密码策略模块测试

Browse Source
This commit is contained in:
qihao.gong@jikimo.com
2023-07-10 17:33:06 +08:00
parent 1502336286
commit 3544c6a957
98 changed files with 25413 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
password_security/static/description/icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 9.2 KiB

523
password_security/static/description/index.html Normal file
View File

@@ -0,0 +1,523 @@
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="generator" content="Docutils 0.15.1: http://docutils.sourceforge.net/" />
<title>Password Security</title>
<style type="text/css">
/*
:Author: David Goodger (goodger@python.org)
:Id: $Id: html4css1.css 7952 2016-07-26 18:15:59Z milde $
:Copyright: This stylesheet has been placed in the public domain.
Default cascading style sheet for the HTML output of Docutils.
See http://docutils.sf.net/docs/howto/html-stylesheets.html for how to
customize this style sheet.
*/
/* used to remove borders from tables and images */
.borderless, table.borderless td, table.borderless th {
border: 0 }
table.borderless td, table.borderless th {
/* Override padding for "table.docutils td" with "! important".
The right padding separates the table cells. */
padding: 0 0.5em 0 0 ! important }
.first {
/* Override more specific margin styles with "! important". */
margin-top: 0 ! important }
.last, .with-subtitle {
margin-bottom: 0 ! important }
.hidden {
display: none }
.subscript {
vertical-align: sub;
font-size: smaller }
.superscript {
vertical-align: super;
font-size: smaller }
a.toc-backref {
text-decoration: none ;
color: black }
blockquote.epigraph {
margin: 2em 5em ; }
dl.docutils dd {
margin-bottom: 0.5em }
object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
overflow: hidden;
}
/* Uncomment (and remove this text!) to get bold-faced definition list terms
dl.docutils dt {
font-weight: bold }
*/
div.abstract {
margin: 2em 5em }
div.abstract p.topic-title {
font-weight: bold ;
text-align: center }
div.admonition, div.attention, div.caution, div.danger, div.error,
div.hint, div.important, div.note, div.tip, div.warning {
margin: 2em ;
border: medium outset ;
padding: 1em }
div.admonition p.admonition-title, div.hint p.admonition-title,
div.important p.admonition-title, div.note p.admonition-title,
div.tip p.admonition-title {
font-weight: bold ;
font-family: sans-serif }
div.attention p.admonition-title, div.caution p.admonition-title,
div.danger p.admonition-title, div.error p.admonition-title,
div.warning p.admonition-title, .code .error {
color: red ;
font-weight: bold ;
font-family: sans-serif }
/* Uncomment (and remove this text!) to get reduced vertical space in
compound paragraphs.
div.compound .compound-first, div.compound .compound-middle {
margin-bottom: 0.5em }
div.compound .compound-last, div.compound .compound-middle {
margin-top: 0.5em }
*/
div.dedication {
margin: 2em 5em ;
text-align: center ;
font-style: italic }
div.dedication p.topic-title {
font-weight: bold ;
font-style: normal }
div.figure {
margin-left: 2em ;
margin-right: 2em }
div.footer, div.header {
clear: both;
font-size: smaller }
div.line-block {
display: block ;
margin-top: 1em ;
margin-bottom: 1em }
div.line-block div.line-block {
margin-top: 0 ;
margin-bottom: 0 ;
margin-left: 1.5em }
div.sidebar {
margin: 0 0 0.5em 1em ;
border: medium outset ;
padding: 1em ;
background-color: #ffffee ;
width: 40% ;
float: right ;
clear: right }
div.sidebar p.rubric {
font-family: sans-serif ;
font-size: medium }
div.system-messages {
margin: 5em }
div.system-messages h1 {
color: red }
div.system-message {
border: medium outset ;
padding: 1em }
div.system-message p.system-message-title {
color: red ;
font-weight: bold }
div.topic {
margin: 2em }
h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
margin-top: 0.4em }
h1.title {
text-align: center }
h2.subtitle {
text-align: center }
hr.docutils {
width: 75% }
img.align-left, .figure.align-left, object.align-left, table.align-left {
clear: left ;
float: left ;
margin-right: 1em }
img.align-right, .figure.align-right, object.align-right, table.align-right {
clear: right ;
float: right ;
margin-left: 1em }
img.align-center, .figure.align-center, object.align-center {
display: block;
margin-left: auto;
margin-right: auto;
}
table.align-center {
margin-left: auto;
margin-right: auto;
}
.align-left {
text-align: left }
.align-center {
clear: both ;
text-align: center }
.align-right {
text-align: right }
/* reset inner alignment in figures */
div.align-right {
text-align: inherit }
/* div.align-center * { */
/* text-align: left } */
.align-top {
vertical-align: top }
.align-middle {
vertical-align: middle }
.align-bottom {
vertical-align: bottom }
ol.simple, ul.simple {
margin-bottom: 1em }
ol.arabic {
list-style: decimal }
ol.loweralpha {
list-style: lower-alpha }
ol.upperalpha {
list-style: upper-alpha }
ol.lowerroman {
list-style: lower-roman }
ol.upperroman {
list-style: upper-roman }
p.attribution {
text-align: right ;
margin-left: 50% }
p.caption {
font-style: italic }
p.credits {
font-style: italic ;
font-size: smaller }
p.label {
white-space: nowrap }
p.rubric {
font-weight: bold ;
font-size: larger ;
color: maroon ;
text-align: center }
p.sidebar-title {
font-family: sans-serif ;
font-weight: bold ;
font-size: larger }
p.sidebar-subtitle {
font-family: sans-serif ;
font-weight: bold }
p.topic-title {
font-weight: bold }
pre.address {
margin-bottom: 0 ;
margin-top: 0 ;
font: inherit }
pre.literal-block, pre.doctest-block, pre.math, pre.code {
margin-left: 2em ;
margin-right: 2em }
pre.code .ln { color: grey; } /* line numbers */
pre.code, code { background-color: #eeeeee }
pre.code .comment, code .comment { color: #5C6576 }
pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
pre.code .literal.string, code .literal.string { color: #0C5404 }
pre.code .name.builtin, code .name.builtin { color: #352B84 }
pre.code .deleted, code .deleted { background-color: #DEB0A1}
pre.code .inserted, code .inserted { background-color: #A3D289}
span.classifier {
font-family: sans-serif ;
font-style: oblique }
span.classifier-delimiter {
font-family: sans-serif ;
font-weight: bold }
span.interpreted {
font-family: sans-serif }
span.option {
white-space: nowrap }
span.pre {
white-space: pre }
span.problematic {
color: red }
span.section-subtitle {
/* font-size relative to parent (h1..h6 element) */
font-size: 80% }
table.citation {
border-left: solid 1px gray;
margin-left: 1px }
table.docinfo {
margin: 2em 4em }
table.docutils {
margin-top: 0.5em ;
margin-bottom: 0.5em }
table.footnote {
border-left: solid 1px black;
margin-left: 1px }
table.docutils td, table.docutils th,
table.docinfo td, table.docinfo th {
padding-left: 0.5em ;
padding-right: 0.5em ;
vertical-align: top }
table.docutils th.field-name, table.docinfo th.docinfo-name {
font-weight: bold ;
text-align: left ;
white-space: nowrap ;
padding-left: 0 }
/* "booktabs" style (no vertical lines) */
table.docutils.booktabs {
border: 0px;
border-top: 2px solid;
border-bottom: 2px solid;
border-collapse: collapse;
}
table.docutils.booktabs * {
border: 0px;
}
table.docutils.booktabs th {
border-bottom: thin solid;
text-align: left;
}
h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
font-size: 100% }
ul.auto-toc {
list-style-type: none }
</style>
</head>
<body>
<div class="document" id="password-security">
<h1 class="title">Password Security</h1>
<!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! This file is generated by oca-gen-addon-readme !!
!! changes will be overwritten. !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/lgpl-3.0-standalone.html"><img alt="License: LGPL-3" src="https://img.shields.io/badge/licence-LGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/password_security"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-password_security"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/251/15.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
<p>This module allows admin to set company-level password security requirements
and enforces them on the user.</p>
<p>It contains features such as</p>
<ul class="simple">
<li>Password expiration days</li>
<li>Password length requirement</li>
<li>Password minimum number of lowercase letters</li>
<li>Password minimum number of uppercase letters</li>
<li>Password minimum number of numbers</li>
<li>Password minimum number of special characters</li>
<li>Password strength estimation</li>
</ul>
<p><strong>Table of contents</strong></p>
<div class="contents local topic" id="contents">
<ul class="simple">
<li><a class="reference internal" href="#configuration" id="id1">Configuration</a></li>
<li><a class="reference internal" href="#usage" id="id2">Usage</a></li>
<li><a class="reference internal" href="#bug-tracker" id="id3">Bug Tracker</a></li>
<li><a class="reference internal" href="#credits" id="id4">Credits</a><ul>
<li><a class="reference internal" href="#authors" id="id5">Authors</a></li>
<li><a class="reference internal" href="#contributors" id="id6">Contributors</a></li>
<li><a class="reference internal" href="#maintainers" id="id7">Maintainers</a></li>
</ul>
</li>
</ul>
</div>
<div class="section" id="configuration">
<h1><a class="toc-backref" href="#id1">Configuration</a></h1>
<p>Navigate to General Settings under Configuration
Scroll down to the <tt class="docutils literal">Password Policy</tt> section
Set the policies to your liking.</p>
<p>Password complexity requirements will be enforced upon next password change for
any user in that company.</p>
<p><strong>Settings &amp; Defaults</strong></p>
<p>These are defined at the company level:</p>
<table border="1" class="docutils">
<colgroup>
<col width="26%" />
<col width="9%" />
<col width="66%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Name</th>
<th class="head">Default</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>password_expiration</td>
<td>60</td>
<td>Days until passwords expire</td>
</tr>
<tr><td>password_length</td>
<td>12</td>
<td>Minimum number of characters in password</td>
</tr>
<tr><td>password_lower</td>
<td>0</td>
<td>Minimum number of lowercase letter in password</td>
</tr>
<tr><td>password_upper</td>
<td>0</td>
<td>Minimum number of uppercase letters in password</td>
</tr>
<tr><td>password_numeric</td>
<td>0</td>
<td>Minimum number of number in password</td>
</tr>
<tr><td>password_special</td>
<td>0</td>
<td>Minimum number of unique special character in password</td>
</tr>
<tr><td>password_history</td>
<td>30</td>
<td>Disallow reuse of this many previous passwords</td>
</tr>
<tr><td>password_minimum</td>
<td>24</td>
<td>Amount of hours that must pass until another reset</td>
</tr>
<tr><td>password_estimate</td>
<td>3</td>
<td>Required score for the strength estimation.</td>
</tr>
</tbody>
</table>
</div>
<div class="section" id="usage">
<h1><a class="toc-backref" href="#id2">Usage</a></h1>
<p>Configure using above instructions for each company that should have password
security mandates.</p>
</div>
<div class="section" id="bug-tracker">
<h1><a class="toc-backref" href="#id3">Bug Tracker</a></h1>
<p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-auth/issues">GitHub Issues</a>.
In case of trouble, please check there if your issue has already been reported.
If you spotted it first, help us smashing it by providing a detailed and welcomed
<a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20password_security%0Aversion:%2015.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
<p>Do not contact contributors directly about support or help with technical issues.</p>
</div>
<div class="section" id="credits">
<h1><a class="toc-backref" href="#id4">Credits</a></h1>
<div class="section" id="authors">
<h2><a class="toc-backref" href="#id5">Authors</a></h2>
<ul class="simple">
<li>LasLabs</li>
<li>Kaushal Prajapati</li>
<li>Tecnativa</li>
<li>initOS GmbH</li>
<li>Omar Nasr</li>
</ul>
</div>
<div class="section" id="contributors">
<h2><a class="toc-backref" href="#id6">Contributors</a></h2>
<ul>
<li><p class="first">James Foster &lt;<a class="reference external" href="mailto:jfoster&#64;laslabs.com">jfoster&#64;laslabs.com</a>&gt;</p>
</li>
<li><p class="first">Dave Lasley &lt;<a class="reference external" href="mailto:dave&#64;laslabs.com">dave&#64;laslabs.com</a>&gt;</p>
</li>
<li><p class="first">Kaushal Prajapati &lt;<a class="reference external" href="mailto:kbprajapati&#64;live.com">kbprajapati&#64;live.com</a>&gt;</p>
</li>
<li><p class="first">Petar Najman &lt;<a class="reference external" href="mailto:petar.najman&#64;modoolar.com">petar.najman&#64;modoolar.com</a>&gt;</p>
</li>
<li><p class="first">Shepilov Vladislav &lt;<a class="reference external" href="mailto:shepilov.v&#64;protonmail.com">shepilov.v&#64;protonmail.com</a>&gt;</p>
</li>
<li><p class="first">Florian Kantelberg &lt;<a class="reference external" href="mailto:florian.kantelberg&#64;initos.com">florian.kantelberg&#64;initos.com</a>&gt;</p>
</li>
<li><p class="first">Dhara Solanki &lt;<a class="reference external" href="mailto:dhara.solanki&#64;initos.com">dhara.solanki&#64;initos.com</a>&gt;</p>
</li>
<li><p class="first"><a class="reference external" href="https://opensourceintegrators.com">Open Source Integrators</a></p>
<blockquote>
<ul class="simple">
<li>Chandresh Thakkar &lt;<a class="reference external" href="mailto:cthakkar&#64;opensourceintegrators.com">cthakkar&#64;opensourceintegrators.com</a>&gt;</li>
<li>Daniel Reis &lt;<a class="reference external" href="mailto:dreis&#64;opensourceintegrators.com">dreis&#64;opensourceintegrators.com</a>&gt;</li>
</ul>
</blockquote>
</li>
</ul>
</div>
<div class="section" id="maintainers">
<h2><a class="toc-backref" href="#id7">Maintainers</a></h2>
<p>This module is maintained by the OCA.</p>
<a class="reference external image-reference" href="https://odoo-community.org"><img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" /></a>
<p>OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.</p>
<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/15.0/password_security">OCA/server-auth</a> project on GitHub.</p>
<p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
</div>
</div>
</div>
</body>
</html>

166
password_security/static/src/js/password_gauge.js Normal file
View File

@@ -0,0 +1,166 @@
// Copyright 2018 Modoolar <info@modoolar.com>
// License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
odoo.define("password_security.policy", function (require) {
"use strict";
var core = require("web.core");
var _t = core._t;
var auth_password_policy = require("auth_password_policy");
var Policy = auth_password_policy.Policy;
var zxcvbn = window.zxcvbn;
Policy.include({
/**
*
* @param {Object} info
* @param {Number} [info.password_length=4]
* @param {Number} [info.password_lower]
* @param {Number} [info.password_upper]
* @param {Number} [info.password_numeric]
* @param {Number} [info.password_special]
* @param {Number} [info.password_estimate=3]
*/
init: function (info) {
this._super(info);
this._password_length = info.password_length || 4;
this._password_lower = info.password_lower;
this._password_upper = info.password_upper;
this._password_numeric = info.password_numeric;
this._password_special = info.password_special;
this._password_estimate = info.password_estimate || 3;
},
toString: function () {
var msgs = [];
if (this._password_length > 0) {
msgs.push(
_.str.sprintf(_t("at least %d characters"), this._password_length)
);
}
if (this._password_lower > 0) {
msgs.push(
_.str.sprintf(
_t("at least %d lower case characters"),
this._password_lower
)
);
}
if (this._password_upper > 0) {
msgs.push(
_.str.sprintf(
_t("at least %d upper case characters"),
this._password_upper
)
);
}
if (this._password_numeric > 0) {
msgs.push(
_.str.sprintf(
_t("at least %d numeric characters"),
this._password_numeric
)
);
}
if (this._password_special > 0) {
msgs.push(
_.str.sprintf(
_t("at least %d special characters"),
this._password_special
)
);
}
return msgs.join(", ");
},
_calculate_password_score: function (pattern, min_count, password) {
if (!min_count) {
return 1.0;
}
var matchMinCount = new RegExp(
"(.*" + pattern + ".*){" + min_count + ",}",
"g"
).exec(password);
if (matchMinCount === null) {
return 0;
}
var count = 0;
var regExp = new RegExp(pattern, "g");
while (regExp.exec(password) !== null) {
count++;
}
return Math.min(count / min_count, 1.0);
},
_estimate: function (password) {
return Math.min(zxcvbn(password).score / 4.0, 1.0);
},
score: function (password) {
var lengthscore = Math.min(password.length / this._password_length, 1.0);
var loverscore = this._calculate_password_score(
"[a-z]",
this._password_lower,
password
);
var upperscore = this._calculate_password_score(
"[A-Z]",
this._password_upper,
password
);
var numericscore = this._calculate_password_score(
"\\d",
this._password_numeric,
password
);
var specialscore = this._calculate_password_score(
"[\\W_]",
this._password_special,
password
);
var estimatescore = this._estimate(password);
return (
lengthscore *
loverscore *
upperscore *
numericscore *
specialscore *
estimatescore
);
},
});
var recommendations = {
score: auth_password_policy.recommendations.score,
policies: [
new Policy({
password_length: 12,
password_upper: 3,
password_lower: 3,
password_numeric: 3,
password_special: 3,
password_estimate: 3,
}),
new Policy({
password_length: 16,
password_upper: 4,
password_lower: 4,
password_numeric: 4,
password_special: 4,
password_estimate: 4,
}),
],
};
auth_password_policy.recommendations = recommendations;
});

41
password_security/static/src/js/signup_policy.js Normal file
View File

@@ -0,0 +1,41 @@
// Copyright 2018 Modoolar <info@modoolar.com>
// License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
odoo.define("password_security.signup.policy", function (require) {
"use strict";
var base = require("web_editor.base");
var policy = require("auth_password_policy");
var PasswordMeter = require("auth_password_policy.Meter");
base.ready().then(function () {
var $signupForm = $(".oe_signup_form, .oe_reset_password_form");
if (!$signupForm.length) {
return;
}
var $password = $signupForm.find("#password");
var password_length = Number($password.attr("password_length"));
var password_lower = Number($password.attr("password_lower"));
var password_upper = Number($password.attr("password_upper"));
var password_numeric = Number($password.attr("password_numeric"));
var password_special = Number($password.attr("password_special"));
var password_estimate = Number($password.attr("password_estimate"));
var meter = new PasswordMeter(
null,
new policy.Policy({
password_length: password_length,
password_lower: password_lower,
password_upper: password_upper,
password_numeric: password_numeric,
password_special: password_special,
password_estimate: password_estimate,
}),
policy.recommendations
);
meter.insertAfter($password);
$password.on("input", function () {
meter.update($password.val());
});
});
});

39
password_security/static/tests/auth_password_policy_tests.js Normal file
View File

@@ -0,0 +1,39 @@
odoo.define("password_security.auth_password_policy_tests", function (require) {
"use strict";
/* global QUnit */
var Policy = require("auth_password_policy").Policy;
QUnit.module("auth_password_policy", {}, function () {
QUnit.test("Policy.score", async function (assert) {
var info = {
password_length: 4,
password_upper: 1,
password_lower: 1,
password_numeric: 1,
password_special: 1,
password_estimate: 3,
};
var base = new Policy(info);
assert.ok(base.score("aB3!") > 0, "pass: " + base.toString());
var policy = new Policy(_.extend({}, info, {password_lower: 0}));
assert.ok(policy.score("AB3!") > 0, "pass: " + policy.toString());
assert.equal(base.score("AB3!"), 0, "fail: " + base.toString());
policy = new Policy(_.extend({}, info, {password_numeric: 0}));
assert.ok(policy.score("aBc!") > 0, "pass: " + policy.toString());
assert.equal(base.score("aBc!"), 0, "fail: " + base.toString());
policy = new Policy(_.extend({}, info, {password_special: 0}));
assert.ok(policy.score("aB3d") > 0, "pass: " + policy.toString());
assert.equal(base.score("aB3d"), 0, "fail: " + base.toString());
policy = new Policy(_.extend({}, info, {password_upper: 0}));
assert.ok(policy.score("ab3!") > 0, "pass: " + policy.toString());
assert.equal(base.score("ab3!"), 0, "fail: " + base.toString());
});
});
});