Not sure if the title is proper, but Open Public will fail an install if the random password generated with provision_password() doesn't contain at least a capital letter, lowercase letter, and a number.

While this is a specific issue with OpenPublic's password requirements, I don't see the harm in updating the password function to always produce a password to meet more stringent requirements.

CommentFileSizeAuthor
#8 openpublic.patch567 bytesmemtkmcc

Comments

cashwilliams’s picture

cashwilliams commented
Title: provision_password doesn't generate password to meet OpenPublic standards » provision_password doesn't generate password to meet the password policy module standards

I guess that should be for any distribution that uses the password policy module.

cashwilliams’s picture

cashwilliams commented
Title: provision_password doesn't generate password to meet the password policy module standards » Generated user password does not meet the password policy module standards

I'm not sure if Aegir uses provision_password(), or user_password().

omega8cc’s picture

omega8cc commented

Not sure it is a problem? At least I never had any issue with provisioning Open Public sites. How you found it to be a problem?

anarcat’s picture

anarcat commented

aegir's provision_password() is the same as user_passwd() as things stand, so I would file this bug upstream.

in the meantime, i guess we could enhance the function... but it looks to me like the probability of generating a password that *doesn't* have a capital or a digit is actually quite low...

http://drupalcode.org/project/provision.git/blob/HEAD:/provision.inc#l256

cashwilliams’s picture

cashwilliams commented

Not sure if this is even a bug with Aegir/Drupal, but with Open Public? I suppose the argument can be made that Open Public doesn't support automated installs, and therefore the problem is on their end?

(Only reason I noticed this is because it failed on me the first time I tried to install it. Doesn't happen often, but it does happen :D

anarcat’s picture

anarcat commented
Title: Generated user password does not meet the password policy module standards » Make generated user passwords meet the password policy module standards
Category: bug » feature

Okay, well I think then that we could enhance our password generation algorithm, but frankly this is getting rather complex for a fairly simple thing to do, that has been done over and over again all over the place. :P I strongly encourage you to file a similar bug in D8 right now - but in the mean time i'll make this a feature request, as it's not really a bug, I believe.

omega8cc’s picture

omega8cc commented
Version: 6.x-1.0-rc2 » 6.x-1.1

Just to confirm that I also reproduced the issue, a few times already :/

But really, it is an upstream issue/compatibility problem, I think.

They should test their distro with Aegir! :)

memtkmcc’s picture

memtkmcc commented
Title: Make generated user passwords meet the password policy module standards » Allow Open Public to work as an Aegir platform
Project: Provision » OpenPublic
Version: 6.x-1.1 »
Category: feature » bug
Priority: Minor » Critical
Status: Active » Needs review
StatusFileSize
new openpublic.patch567 bytes

Here is the patch (attached) to fix this in the Open Public install profile.

I'm moving this issue to the Open Public queue as it belongs there, IMO.

jec006’s picture

jec006 commented
Status: Needs review » Fixed

Hey Octopus,
Thanks for the patch, I've committed it and the fix will be in the next release of openpublic.

Appreciate the work.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.