Merge branch 'master' into attach-user-to-spans

This commit is contained in:
Sam Rose 2024-01-05 14:46:53 +00:00 committed by GitHub
commit 26fd6b55cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 26 additions and 10 deletions

View File

@ -26,7 +26,7 @@ services:
BB_ADMIN_USER_EMAIL: ${BB_ADMIN_USER_EMAIL}
BB_ADMIN_USER_PASSWORD: ${BB_ADMIN_USER_PASSWORD}
PLUGINS_DIR: ${PLUGINS_DIR}
OFFLINE_MODE: ${OFFLINE_MODE}
OFFLINE_MODE: ${OFFLINE_MODE:-}
depends_on:
- worker-service
- redis-service
@ -53,7 +53,7 @@ services:
INTERNAL_API_KEY: ${INTERNAL_API_KEY}
REDIS_URL: redis-service:6379
REDIS_PASSWORD: ${REDIS_PASSWORD}
OFFLINE_MODE: ${OFFLINE_MODE}
OFFLINE_MODE: ${OFFLINE_MODE:-}
depends_on:
- redis-service
- minio-service

View File

@ -166,6 +166,8 @@ const environment = {
DISABLE_JWT_WARNING: process.env.DISABLE_JWT_WARNING,
BLACKLIST_IPS: process.env.BLACKLIST_IPS,
SERVICE_TYPE: "unknown",
PASSWORD_MIN_LENGTH: process.env.PASSWORD_MIN_LENGTH,
PASSWORD_MAX_LENGTH: process.env.PASSWORD_MAX_LENGTH,
/**
* Enable to allow an admin user to login using a password.
* This can be useful to prevent lockout when configuring SSO.

View File

@ -1,7 +1,7 @@
import { env } from ".."
import env from "../environment"
export const PASSWORD_MIN_LENGTH = +(process.env.PASSWORD_MIN_LENGTH || 8)
export const PASSWORD_MAX_LENGTH = +(process.env.PASSWORD_MAX_LENGTH || 512)
export const PASSWORD_MIN_LENGTH = +(env.PASSWORD_MIN_LENGTH || 8)
export const PASSWORD_MAX_LENGTH = +(env.PASSWORD_MAX_LENGTH || 512)
export function validatePassword(
password: string

View File

@ -44,6 +44,12 @@ type GroupFns = {
getBulk: GroupGetFn
getGroupBuilderAppIds: GroupBuildersFn
}
type CreateAdminUserOpts = {
ssoId?: string
hashPassword?: boolean
requirePassword?: boolean
skipPasswordValidation?: boolean
}
type FeatureFns = { isSSOEnforced: FeatureFn; isAppBuildersEnabled: FeatureFn }
const bulkDeleteProcessing = async (dbUser: User) => {
@ -112,9 +118,11 @@ export class UserDB {
throw new HTTPError("Password change is disabled for this user", 400)
}
const passwordValidation = validatePassword(password)
if (!passwordValidation.valid) {
throw new HTTPError(passwordValidation.error, 400)
if (!opts.skipPasswordValidation) {
const passwordValidation = validatePassword(password)
if (!passwordValidation.valid) {
throw new HTTPError(passwordValidation.error, 400)
}
}
hashedPassword = opts.hashPassword ? await hash(password) : password
@ -489,7 +497,7 @@ export class UserDB {
email: string,
password: string,
tenantId: string,
opts?: { ssoId?: string; hashPassword?: boolean; requirePassword?: boolean }
opts?: CreateAdminUserOpts
) {
const user: User = {
email: email,
@ -513,6 +521,7 @@ export class UserDB {
return await UserDB.save(user, {
hashPassword: opts?.hashPassword,
requirePassword: opts?.requirePassword,
skipPasswordValidation: opts?.skipPasswordValidation,
})
}

View File

@ -138,7 +138,11 @@ export async function startup(app?: Koa, server?: Server) {
bbAdminEmail,
bbAdminPassword,
tenantId,
{ hashPassword: true, requirePassword: true }
{
hashPassword: true,
requirePassword: true,
skipPasswordValidation: true,
}
)
// Need to set up an API key for automated integration tests
if (env.isTest()) {

View File

@ -2,4 +2,5 @@ export interface SaveUserOpts {
hashPassword?: boolean
requirePassword?: boolean
currentUserId?: string
skipPasswordValidation?: boolean
}