Fixed #35693 -- Made password validators callable.

2024-12-22 17:16:24 +00:00 · 2024-12-01 10:33:37 +09:00 · 2024-12-01 10:33:37 +09:00 · 92f6a713d3
commit 92f6a713d3
parent 86661f2449
3 changed files with 66 additions and 0 deletions
--- a/django/contrib/auth/password_validation.py
+++ b/django/contrib/auth/password_validation.py
@ -104,6 +104,9 @@ class MinimumLengthValidator:
    def __init__(self, min_length=8):
        self.min_length = min_length
    def __call__(self, *args, **kwargs):
        return self.validate(*args, kwargs)
    def validate(self, password, user=None):
        if len(password) < self.min_length:
            raise ValidationError(self.get_error_message(), code="password_too_short")
@ -175,6 +178,9 @@ class UserAttributeSimilarityValidator:
            raise ValueError("max_similarity must be at least 0.1")
        self.max_similarity = max_similarity
    def __call__(self, *args, **kwargs):
        return self.validate(*args, **kwargs)
    def validate(self, password, user=None):
        if not user:
            return
@ -241,6 +247,9 @@ class CommonPasswordValidator:
            with open(password_list_path) as f:
                self.passwords = {x.strip() for x in f}
    def __call__(self, *args, **kwargs):
        return self.validate(*args, **kwargs)
    def validate(self, password, user=None):
        if password.lower().strip() in self.passwords:
            raise ValidationError(
@ -260,6 +269,9 @@ class NumericPasswordValidator:
    Validate that the password is not entirely numeric.
    """
    def __call__(self, *args, **kwargs):
        return self.validate(*args, **kwargs)
    def validate(self, password, user=None):
        if password.isdigit():
            raise ValidationError(
--- a/docs/releases/5.2.txt
+++ b/docs/releases/5.2.txt
@ -91,6 +91,10 @@ Minor features
  now have a new method ``get_error_message()``, which can be overridden in
  subclasses to customize the error messages.
 * The :ref:`password validator classes <included-password-validators>`
  now have a new method ``__call__()``, calling the password validator class
  object will perform ``validate()`` method.
 :mod:`django.contrib.contenttypes`
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- a/tests/auth_tests/test_validators.py
+++ b/tests/auth_tests/test_validators.py
@ -158,6 +158,19 @@ class MinimumLengthValidatorTest(SimpleTestCase):
        with self.assertRaisesMessage(ValidationError, expected_error % 3) as cm:
            CustomMinimumLengthValidator(min_length=3).validate("12")
    def test_callable_validate(self):
        expected_error = (
            "This password is too short. It must contain at least %d characters."
        )
        validator = MinimumLengthValidator()
        self.assertIsNone(validator("12345678"))
        with self.assertRaises(ValidationError) as cm:
            validator("1234567")
        self.assertEqual(cm.exception.messages, [expected_error % 8])
        self.assertEqual(cm.exception.error_list[0].code, "password_too_short")
 class UserAttributeSimilarityValidatorTest(TestCase):
    def test_validate(self):
@ -263,6 +276,24 @@ class UserAttributeSimilarityValidatorTest(TestCase):
        with self.assertRaisesMessage(ValidationError, expected_error):
            CustomUserAttributeSimilarityValidator().validate("testclient", user=user)
    def test_callable_validate(self):
        user = User.objects.create_user(
            username="testclient",
            password="password",
            email="testclient@example.com",
            first_name="Test",
            last_name="Client",
        )
        expected_error = "The password is too similar to the %s."
        validator = UserAttributeSimilarityValidator()
        self.assertIsNone(validator("testclient"))
        with self.assertRaises(ValidationError) as cm:
            validator("testclient", user=user)
        self.assertEqual(cm.exception.messages, [expected_error % "username"])
        self.assertEqual(cm.exception.error_list[0].code, "password_too_similar")
 class CommonPasswordValidatorTest(SimpleTestCase):
    def test_validate(self):
@ -307,6 +338,15 @@ class CommonPasswordValidatorTest(SimpleTestCase):
        with self.assertRaisesMessage(ValidationError, expected_error):
            CustomCommonPasswordValidator().validate("godzilla")
    def test_callable_validate(self):
        expected_error = "This password is too common."
        validator = CommonPasswordValidator()
        self.assertIsNone(validator("a-safe-password"))
        with self.assertRaises(ValidationError) as cm:
            validator("godzilla")
        self.assertEqual(cm.exception.messages, [expected_error])
 class NumericPasswordValidatorTest(SimpleTestCase):
    def test_validate(self):
@ -334,6 +374,16 @@ class NumericPasswordValidatorTest(SimpleTestCase):
        with self.assertRaisesMessage(ValidationError, expected_error):
            CustomNumericPasswordValidator().validate("42424242")
    def test_callable_validate(self):
        expected_error = "This password is entirely numeric."
        validator = NumericPasswordValidator()
        self.assertIsNone(validator("a-safe-password"))
        with self.assertRaises(ValidationError) as cm:
            validator("42424242")
        self.assertEqual(cm.exception.messages, [expected_error])
        self.assertEqual(cm.exception.error_list[0].code, "password_entirely_numeric")
 class UsernameValidatorsTests(SimpleTestCase):
    def test_unicode_validator(self):