add messaging keystore password validation

nasark · Jul 22, 2024 · 65ac35c · 65ac35c
1 parent 4aad2c9
commit 65ac35c
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 5 deletions.
diff --git a/lib/manageiq/appliance_console/message_configuration_client.rb b/lib/manageiq/appliance_console/message_configuration_client.rb
@@ -53,7 +53,7 @@ def ask_for_parameters
         @message_truststore_path_src = ask_for_string("Message Server Truststore Path", truststore_path)
         @message_ca_cert_path_src    = ask_for_string("Message Server CA Cert Path", ca_cert_path)
         @message_keystore_username   = ask_for_string("Message Keystore Username", message_keystore_username) if secure?
-        @message_keystore_password   = ask_for_password("Message Keystore Password") if secure?
+        @message_keystore_password   = ask_for_messaging_password("Message Keystore Password") if secure?
       end
 
       def show_parameters

diff --git a/lib/manageiq/appliance_console/message_configuration_server.rb b/lib/manageiq/appliance_console/message_configuration_server.rb
@@ -71,7 +71,7 @@ def ask_for_parameters
         @message_server_host       = ask_for_messaging_hostname("Message Server Hostname", message_server_host)
 
         @message_keystore_username = ask_for_string("Message Keystore Username", message_keystore_username)
-        @message_keystore_password = ask_for_new_password("Message Keystore Password")
+        @message_keystore_password = ask_for_messaging_password("Message Keystore Password")
         @message_persistent_disk   = ask_for_persistent_disk
       end
 

diff --git a/lib/manageiq/appliance_console/prompts.rb b/lib/manageiq/appliance_console/prompts.rb
@@ -15,6 +15,7 @@ module Prompts
     NONE_REGEXP   = /^('?NONE'?)?$/i.freeze
     HOSTNAME_REGEXP = /^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$/.freeze
     MESSAGING_HOSTNAME_REGEXP = /^(?!.*localhost)(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$/.freeze
+    MESSAGING_PASSWORD_REGEXP = /\A[a-zA-Z0-9_\-\.\$\*]+\z/.freeze
 
     def ask_for_uri(prompt, expected_scheme, opts = {})
       require 'uri'
@@ -119,7 +120,7 @@ def ask_for_password(prompt, default = nil)
       pass == "********" ? (default || "") : pass
     end
 
-    def ask_for_new_password(prompt, default: nil, allow_empty: false, retry_limit: 1, confirm_password: true)
+    def ask_for_new_password(prompt, default: nil, allow_empty: false, retry_limit: 1, confirm_password: true, validation: nil, validation_err: nil)
       count = 0
       loop do
         password1 = ask_for_password(prompt, default)
@@ -128,6 +129,11 @@ def ask_for_new_password(prompt, default: nil, allow_empty: false, retry_limit:
           next
         end
 
+        if validation && password1 !~ validation
+          say("\nPassword is invalid: #{validation_err}, please try again")
+          next
+        end
+
         return password1 if password1 == default || !confirm_password
 
         password2 = ask_for_password(prompt)
@@ -140,6 +146,10 @@ def ask_for_new_password(prompt, default: nil, allow_empty: false, retry_limit:
       end
     end
 
+    def ask_for_messaging_password(prompt)
+      ask_for_new_password(prompt, :validation => MESSAGING_PASSWORD_REGEXP, :validation_err => "allowed characters are a-z, A-Z, 0-9, -, _, ., $, and *")
+    end
+
     def ask_for_string(prompt, default = nil)
       just_ask(prompt, default)
     end

diff --git a/spec/message_configuration_client_spec.rb b/spec/message_configuration_client_spec.rb
@@ -49,7 +49,7 @@
       expect(subject).to receive(:ask_for_messaging_hostname).with("Message Server Hostname").and_return("my-host-name.example.com")
       expect(subject).to receive(:ask_for_integer).with("Message Server Port number", (1..65_535), 9_093).and_return("9093")
       expect(subject).to receive(:ask_for_string).with("Message Keystore Username", message_keystore_username).and_return("admin")
-      expect(subject).to receive(:ask_for_password).with("Message Keystore Password").and_return("top_secret")
+      expect(subject).to receive(:ask_for_messaging_password).with("Message Keystore Password").and_return("top_secret")
       expect(subject).to receive(:ask_for_string).with("Message Server Truststore Path", subject.truststore_path)
       expect(subject).to receive(:ask_for_string).with("Message Server CA Cert Path", subject.ca_cert_path)
 
@@ -65,7 +65,7 @@
       allow(subject).to receive(:ask_for_messaging_hostname).with("Message Server Hostname").and_return("my-kafka-server.example.com")
       allow(subject).to receive(:ask_for_integer).with("Message Server Port number", (1..65_535), 9_093).and_return("9093")
       allow(subject).to receive(:ask_for_string).with("Message Keystore Username", message_keystore_username).and_return("admin")
-      allow(subject).to receive(:ask_for_password).with("Message Keystore Password").and_return("top_secret")
+      allow(subject).to receive(:ask_for_messaging_password).with("Message Keystore Password").and_return("top_secret")
       allow(subject).to receive(:ask_for_string).with("Message Server Truststore Path", subject.truststore_path)
       allow(subject).to receive(:ask_for_string).with("Message Server CA Cert Path", subject.ca_cert_path)