From 306f29e72e3e286517eecd820939a5de4581d842 Mon Sep 17 00:00:00 2001 From: Christian Flothmann Date: Wed, 3 Apr 2024 20:43:45 +0200 Subject: [PATCH] set the password strength as a violation parameter --- src/Symfony/Component/Validator/CHANGELOG.md | 1 + .../Constraints/PasswordStrengthValidator.php | 1 + .../Constraints/PasswordStrengthValidatorTest.php | 10 ++++++++-- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/Symfony/Component/Validator/CHANGELOG.md b/src/Symfony/Component/Validator/CHANGELOG.md index 72b08b710aa73..9cbc21d42bfdf 100644 --- a/src/Symfony/Component/Validator/CHANGELOG.md +++ b/src/Symfony/Component/Validator/CHANGELOG.md @@ -4,6 +4,7 @@ CHANGELOG 7.1 --- + * Add the calculated strength to violations in `PasswordStrengthValidator` * Add support for `Stringable` values when using the `Cidr`, `CssColor`, `ExpressionSyntax` and `PasswordStrength` constraints * Add `MacAddress` constraint * Add `*_NO_PUBLIC`, `*_ONLY_PRIVATE` and `*_ONLY_RESERVED` versions to `Ip` constraint diff --git a/src/Symfony/Component/Validator/Constraints/PasswordStrengthValidator.php b/src/Symfony/Component/Validator/Constraints/PasswordStrengthValidator.php index 72227b85af595..96a4a74f7287a 100644 --- a/src/Symfony/Component/Validator/Constraints/PasswordStrengthValidator.php +++ b/src/Symfony/Component/Validator/Constraints/PasswordStrengthValidator.php @@ -45,6 +45,7 @@ public function validate(#[\SensitiveParameter] mixed $value, Constraint $constr if ($strength < $constraint->minScore) { $this->context->buildViolation($constraint->message) ->setCode(PasswordStrength::PASSWORD_STRENGTH_ERROR) + ->setParameter('{{ strength }}', $strength) ->addViolation(); } } diff --git a/src/Symfony/Component/Validator/Tests/Constraints/PasswordStrengthValidatorTest.php b/src/Symfony/Component/Validator/Tests/Constraints/PasswordStrengthValidatorTest.php index e279843f30a04..78e7951a17c9c 100644 --- a/src/Symfony/Component/Validator/Tests/Constraints/PasswordStrengthValidatorTest.php +++ b/src/Symfony/Component/Validator/Tests/Constraints/PasswordStrengthValidatorTest.php @@ -40,6 +40,7 @@ public function testValidValues(string|\Stringable $value, int $expectedStrength $this->buildViolation('The password strength is too low. Please use a stronger password.') ->setCode(PasswordStrength::PASSWORD_STRENGTH_ERROR) + ->setParameter('{{ strength }}', $expectedStrength) ->assertRaised(); } @@ -55,13 +56,15 @@ public static function getValidValues(): iterable /** * @dataProvider provideInvalidConstraints */ - public function testThePasswordIsWeak(PasswordStrength $constraint, string $password, string $expectedMessage, string $expectedCode, array $parameters = []) + public function testThePasswordIsWeak(PasswordStrength $constraint, string $password, string $expectedMessage, string $expectedCode, string $strength) { $this->validator->validate($password, $constraint); $this->buildViolation($expectedMessage) ->setCode($expectedCode) - ->setParameters($parameters) + ->setParameters([ + '{{ strength }}' => $strength, + ]) ->assertRaised(); } @@ -72,18 +75,21 @@ public static function provideInvalidConstraints(): iterable 'password', 'The password strength is too low. Please use a stronger password.', PasswordStrength::PASSWORD_STRENGTH_ERROR, + '0', ]; yield [ new PasswordStrength(minScore: PasswordStrength::STRENGTH_VERY_STRONG), 'Good password?', 'The password strength is too low. Please use a stronger password.', PasswordStrength::PASSWORD_STRENGTH_ERROR, + '1', ]; yield [ new PasswordStrength(message: 'This password should be strong.'), 'password', 'This password should be strong.', PasswordStrength::PASSWORD_STRENGTH_ERROR, + '0', ]; } }