fix lowercase error on password validator

SORMAS-Foundation · Aug 20, 2024 · b90d09e · b90d09e
1 parent fc1fcb7
commit b90d09e
Show file tree

Hide file tree

Showing 5 changed files with 56 additions and 20 deletions.
diff --git a/sormas-api/src/main/resources/strings.properties b/sormas-api/src/main/resources/strings.properties
@@ -1279,8 +1279,7 @@ messageExternalMessagesAssigned = The assignee has been changed for all selected
 messageLoginFailed = Please check your username and password and try again
 messageNewPasswordDoesNotMatchFailed = New password and Confirm password does not match
 messagePasswordFailed = Incorrect Password Please check your Password and try again
-messageWrongCurrentPassword = Wrong Current Password
-messageNewPasswordFailed = Password should contain some text, \n atleast one special character \n some numbers \n and should be more than 8 characters
+messageNewPasswordFailed = Password should contain some text, \n some numbers \n and should be more than 8 characters
 messageMissingCases = Please generate some cases before generating contacts
 messageMissingDateFilter = Please fill in both date filter fields
 messageMissingEpiWeekFilter = Please fill in both epi week filter fields

diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/login/ChangePasswordActivity.java
@@ -52,8 +52,8 @@ public class ChangePasswordActivity extends BaseLocalizedActivity implements Act
     private boolean isAtLeast8 = false;
     private boolean hasUppercase = false;
     private boolean hasNumber = false;
-    private boolean hasSpecialCharacter = false;
-    private boolean isGood = false;    
+    private boolean hasLowerCaseCharacter = false;
+    private boolean isGood = false;
     private ActivityChangePasswordLayoutBinding binding;
     private ProgressBar preloader;
     private View fragmentFrame;
@@ -105,21 +105,22 @@ public void backToSettings(View view) {
     }
 
     @SuppressLint("ResourceType")
-    public void registrationDataCheck(View view) {
+    public void passwordValidationCheck(View view) {
         String newPassword = binding.changePasswordNewPassword.getValue();
 
         isAtLeast8 = newPassword.length() >= 8;
         hasUppercase = newPassword.matches("(.*[A-Z].*)");
         hasNumber = newPassword.matches("(.*[0-9].*)");
-        hasSpecialCharacter = newPassword.matches(".*[^a-zA-Z0-9\\s].*");
-        if (isAtLeast8 && hasNumber && hasUppercase && hasSpecialCharacter) {
+        hasLowerCaseCharacter = newPassword.matches(".*[a-z].*");
+        if (isAtLeast8 && hasNumber && hasUppercase && hasLowerCaseCharacter) {
             isGood = true;
             binding.actionPasswordStrength.setVisibility(view.getVisibility());
             binding.actionPasswordStrength.setText(R.string.message_password_strong);
             binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.successBackground)));
         } else {
             binding.actionPasswordStrength.setVisibility(view.getVisibility());
             binding.actionPasswordStrength.setText(R.string.message_password_weak);
+            NotificationHelper.showNotification(binding, NotificationType.ERROR, R.string.additional_message_passord_weakk);
             binding.actionPasswordStrength.setTextColor(Color.parseColor(getString(R.color.errorBackground)));
         }
     }
@@ -302,7 +303,7 @@ public void savePassword(View view) {
         }
 
         if (isValid) {
-            registrationDataCheck(view);
+            passwordValidationCheck(view);
         }
 
         if (isValid && isGood) {

diff --git a/sormas-app/app/src/main/res/values/strings.xml b/sormas-app/app/src/main/res/values/strings.xml
@@ -758,5 +758,6 @@
     <string name="message_password_strong">Password Strength is strong</string>
     <string name="message_could_not_generate_password">Could not generate password</string>
     <string name="message_could_not_save_password">Could not save password</string>
+    <string name="additional_message_passord_weak">Password should contain some text, some numbers and should be more than 8 characters</string>
 
 </resources>
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/util/PasswordValidator.java
@@ -17,7 +17,16 @@ public static String checkPasswordStrength(String password) {
     }
 
     public static boolean isStrongPassword(String password) {
-        return password.length() >= 8 && hasDigits(password) && hasCapitalLetter(password);
+        if (password == null) {
+            throw new IllegalArgumentException("Password cannot be null");
+        }
+
+        boolean isLengthValid = password.length() >= 8;
+        boolean hasDigit = hasDigits(password);
+        boolean hasCapitalLetter = hasCapitalLetter(password);
+        boolean hasLowercaseLetter = hasLowercaseLetter(password);
+
+        return isLengthValid && hasDigit && hasCapitalLetter && hasLowercaseLetter;
     }
 
     private static boolean hasDigits(String password) {
@@ -28,4 +37,8 @@ private static boolean hasCapitalLetter(String password) {
         return password.chars().anyMatch(Character::isUpperCase);
     }
 
+    private static boolean hasLowercaseLetter(String password) {
+        return password.chars().anyMatch(Character::isLowerCase);
+    }
+
 }
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/user/UserController.java
@@ -417,32 +417,49 @@ public CommitDiscardWrapperComponent<UserSettingsForm> getUserSettingsComponent(
     public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordComponent() {
         Label passwordStrengthDesc = new Label();
         UpdatePasswordForm form = new UpdatePasswordForm();
-        UserDto user = FacadeProvider.getUserFacade().getByUuid(UserProvider.getCurrent().getUuid());
+        UserDto user = FacadeProvider.getUserFacade().getByUuid(Objects.requireNonNull(UserProvider.getCurrent()).getUuid());
         form.setValue(user);
+
         final CommitDiscardWrapperComponent<UpdatePasswordForm> component = new CommitDiscardWrapperComponent<>(form, form.getFieldGroup());
-        form.newPassword.addTextChangeListener(event -> {
-            passwordStrengthDesc.setValue(FacadeProvider.getUserFacade().checkPasswordStrength(event.getText()));
-            if (FacadeProvider.getUserFacade().isPasswordStrong(event.getText())) {
-                passwordStrengthDesc.setStyleName(LABEL_POSITIVE);
-            } else {
-                passwordStrengthDesc.setStyleName(LABEL_CRITICAL);
+
+        form.newPassword.setValidationVisible(false);
+        form.confirmPassword.setValidationVisible(false);
+        form.currentPassword.setValidationVisible(false);
+
+        form.newPassword.addBlurListener(event -> {
+            String newPassword = form.newPassword.getValue();
+            if(Objects.nonNull(newPassword)) {
+                if (!FacadeProvider.getUserFacade().isPasswordStrong(newPassword)) {
+                    passwordStrengthDesc.setStyleName(LABEL_CRITICAL);
+                } else {
+                    passwordStrengthDesc.setStyleName(LABEL_POSITIVE);
+                }
+                passwordStrengthDesc.setValue(FacadeProvider.getUserFacade().checkPasswordStrength(newPassword));
             }
+            form.newPassword.setValidationVisible(true);
+        });
+
+        form.confirmPassword.addBlurListener(event -> {
+            form.confirmPassword.setValidationVisible(true);
+        });
+
+        form.currentPassword.addBlurListener(event -> {
+            form.currentPassword.setValidationVisible(true);
         });
+
         component.addDiscardListener(() -> popUpWindow.close());
 
         component.addCommitListener(() -> {
             if (!form.getFieldGroup().isModified()) {
                 UserDto changedUser = form.getValue();
                 if (!Objects.equals(changedUser.getConfirmPassword(), changedUser.getNewPassword())) {
-
                     Notification.show(I18nProperties.getString(Strings.messageNewPasswordDoesNotMatchFailed), Notification.Type.ERROR_MESSAGE);
                 } else if (!FacadeProvider.getUserFacade().validatePassword(user.getUuid(), changedUser.getCurrentPassword())) {
                     Notification.show(I18nProperties.getString(Strings.messageWrongCurrentPassword), Notification.Type.ERROR_MESSAGE);
-                } else if (passwordStrengthDesc.getValue().contains("Weak")) {
+                } else if (!FacadeProvider.getUserFacade().isPasswordStrong(changedUser.getNewPassword())) {
                     Notification.show(I18nProperties.getString(Strings.messageNewPasswordFailed), Notification.Type.ERROR_MESSAGE);
                 } else {
                     showUpdatePassword(user.getUuid(), user.getUserEmail(), changedUser.getNewPassword(), changedUser.getCurrentPassword());
-
                 }
             }
         });
@@ -452,13 +469,18 @@ public CommitDiscardWrapperComponent<UpdatePasswordForm> getUpdatePasswordCompon
             String generatedPassword = FacadeProvider.getUserFacade().generatePassword();
             form.newPassword.setValue(generatedPassword);
             form.confirmPassword.setValue(generatedPassword);
+
+            form.newPassword.setValidationVisible(true);
+            form.confirmPassword.setValidationVisible(true);
         });
-        component.getButtonsPanel().addComponent(generatePasswordButton, 0);
 
+        component.getButtonsPanel().addComponent(generatePasswordButton, 0);
         component.addComponent(passwordStrengthDesc, 1);
+
         return component;
     }
 
+
     public void setFlagIcons(ComboBox cbLanguage) {
         for (Language language : Language.values()) {
             cbLanguage.setItemIcon(language, new ThemeResource("img/flag-icons/" + language.name().toLowerCase() + ".png"));