fix(generation): Fix common-password check when we accidentally hit t…

…he same password length again Signed-off-by: Joas Schilling <[email protected]>
nextcloud · Oct 23, 2024 · 5cb1705 · 5cb1705
1 parent dd419ae
commit 5cb1705
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/lib/Validator/CommonPasswordsValidator.php b/lib/Validator/CommonPasswordsValidator.php
@@ -28,7 +28,7 @@ public function validate(string $password): void {
 		$enforceNonCommonPassword = $this->config->getEnforceNonCommonPassword();
 		$passwordFile = __DIR__ . '/../../lists/list-'.strlen($password).'.php';
 		if ($enforceNonCommonPassword && file_exists($passwordFile)) {
-			$commonPasswords = require_once $passwordFile;
+			$commonPasswords = require $passwordFile;
 			if (isset($commonPasswords[strtolower($password)])) {
 				$message = 'Password is among the 1,000,000 most common ones. Please make it unique.';
 				$message_t = $this->l->t(

diff --git a/tests/lib/Validator/CommonPasswordsValidatorTest.php b/tests/lib/Validator/CommonPasswordsValidatorTest.php
@@ -72,11 +72,15 @@ public function testValidate(string $password, bool $enforced, bool $valid) {
 	}
 
 	public function dataValidate() {
-		return [
+		$attempts = [
 			['banana', false,  true],
 			['bananabananabananabanana', false,  true],
 			['banana',  true, false],
 			['bananabananabananabanana',  true,  true],
 		];
+		for ($i = 1; $i <= 39; $i++) {
+			$attempts[] = [str_repeat('$', $i), true, true];
+		}
+		return $attempts;
 	}
 }