From b5f01171ddba79ef920de7e50751f67bbd177135 Mon Sep 17 00:00:00 2001 From: Qiu Jian Date: Sat, 19 Sep 2020 00:48:53 +0800 Subject: [PATCH] fix: reset user password without check --- cmd/climc/shell/identity/users.go | 5 +++++ pkg/apis/identity/input.go | 2 ++ pkg/keystone/models/identitybase.go | 2 +- pkg/keystone/models/users.go | 3 ++- pkg/util/logclient/consts.go | 2 ++ 5 files changed, 12 insertions(+), 2 deletions(-) diff --git a/cmd/climc/shell/identity/users.go b/cmd/climc/shell/identity/users.go index 7725978dc4..57dc462719 100644 --- a/cmd/climc/shell/identity/users.go +++ b/cmd/climc/shell/identity/users.go @@ -262,6 +262,8 @@ func init() { // DefaultProject string `help:"Default project"` // Option []string `help:"User options"` + + SkipPasswordComplexityCheck bool `help:"skip_password_complexity_check"` } R(&UserUpdateOptions{}, "user-update", "Update a user", func(s *mcclient.ClientSession, args *UserUpdateOptions) error { query := jsonutils.NewDict() @@ -282,6 +284,9 @@ func init() { } if args.Password != nil { params.Add(jsonutils.NewString(*args.Password), "password") + if args.SkipPasswordComplexityCheck { + params.Add(jsonutils.JSONTrue, "skip_password_complexity_check") + } } if len(args.Displayname) > 0 { params.Add(jsonutils.NewString(args.Displayname), "displayname") diff --git a/pkg/apis/identity/input.go b/pkg/apis/identity/input.go index 19747d67b6..4a9ca72caa 100644 --- a/pkg/apis/identity/input.go +++ b/pkg/apis/identity/input.go @@ -429,6 +429,8 @@ type UserUpdateInput struct { EnableMfa *bool `json:"enable_mfa"` Password string `json:"password"` + + SkipPasswordComplexityCheck *bool `json:"skip_password_complexity_check"` } type UserCreateInput struct { diff --git a/pkg/keystone/models/identitybase.go b/pkg/keystone/models/identitybase.go index 20e9c48d81..2c31ebb3a1 100644 --- a/pkg/keystone/models/identitybase.go +++ b/pkg/keystone/models/identitybase.go @@ -432,7 +432,7 @@ func (model *SIdentityBaseResource) PostCreate(ctx context.Context, userCred mcc func (model *SIdentityBaseResource) PostUpdate(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, data jsonutils.JSONObject) { model.SStandaloneResourceBase.PostUpdate(ctx, userCred, query, data) - logclient.AddActionLogWithContext(ctx, model, logclient.ACT_UPDATE, data, userCred, true) + // logclient.AddActionLogWithContext(ctx, model, logclient.ACT_UPDATE, data, userCred, true) } func (model *SIdentityBaseResource) PostDelete(ctx context.Context, userCred mcclient.TokenCredential) { diff --git a/pkg/keystone/models/users.go b/pkg/keystone/models/users.go index 6192ce610f..39b081d87b 100644 --- a/pkg/keystone/models/users.go +++ b/pkg/keystone/models/users.go @@ -517,7 +517,7 @@ func (user *SUser) ValidateUpdateData(ctx context.Context, userCred mcclient.Tok } } } - if len(input.Password) > 0 { + if len(input.Password) > 0 && (input.SkipPasswordComplexityCheck == nil || *input.SkipPasswordComplexityCheck == false) { passwd := input.Password usrExt, err := UserManager.FetchUserExtended(user.Id, "", "", "") if err != nil { @@ -722,6 +722,7 @@ func (user *SUser) PostUpdate(ctx context.Context, userCred mcclient.TokenCreden log.Errorf("fail to set password %s", err) return } + logclient.AddActionLogWithContext(ctx, user, logclient.ACT_UPDATE_PASSWORD, nil, userCred, true) } } diff --git a/pkg/util/logclient/consts.go b/pkg/util/logclient/consts.go index 3b19f1083a..200787e940 100644 --- a/pkg/util/logclient/consts.go +++ b/pkg/util/logclient/consts.go @@ -190,6 +190,8 @@ const ( ACT_UPDATE_STATUS = "更新状态" + ACT_UPDATE_PASSWORD = "更新密码" + ACT_REMOVE_GUEST = "移除实例" ACT_CREATE_SCALING_POLICY = "创建伸缩策略" ACT_DELETE_SCALING_POLICY = "删除伸缩策略"