Merge pull request Checkmk#559 from Checkmk/user_roll_backwards

Removed check of pw_length
Mik3yZ · Feb 15, 2024 · c89a83d · c89a83d
2 parents 1b856a3 + acd7800
commit c89a83d
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 91 deletions.
diff --git a/plugins/modules/user.py b/plugins/modules/user.py
@@ -236,9 +236,6 @@
 from ansible_collections.checkmk.general.plugins.module_utils.utils import (
     result_as_dict,
 )
-from ansible_collections.checkmk.general.plugins.module_utils.version import (
-    CheckmkVersion,
-)
 
 USER = (
     "username",
@@ -409,19 +406,6 @@ def needs_editing(self):
                 return True
         return False
 
-    def shortpassword(self, data):
-        ver = self.getversion()
-        if ver >= CheckmkVersion("2.3.0") and "auth_option" in data:
-            if (
-                "password" in data["auth_option"]
-                and len(data["auth_option"]["password"]) < 12
-            ) or (
-                "secret" in data["auth_option"]
-                and len(data["auth_option"]["secret"]) < 10
-            ):
-                return True
-        return False
-
     def get(self):
         result = self._fetch(
             code_mapping=UserHTTPCodes.get,
@@ -442,44 +426,24 @@ def create(self):
         # in the Checkmk API...
         data.setdefault("fullname", data["username"])
 
-        if self.shortpassword(data):
-            result = RESULT(
-                http_code=0,
-                msg="Password too short. For 2.3 and higher, please provide at least 12 characters (automation min. 10).",
-                content="",
-                etag="",
-                failed=True,
-                changed=False,
-            )
-        else:
-            result = self._fetch(
-                code_mapping=UserHTTPCodes.create,
-                endpoint=UserEndpoints.create,
-                data=data,
-                method="POST",
-            )
+        result = self._fetch(
+            code_mapping=UserHTTPCodes.create,
+            endpoint=UserEndpoints.create,
+            data=data,
+            method="POST",
+        )
         return result
 
     def edit(self, etag):
         data = self._build_user_data()
         self.headers["if-Match"] = etag
 
-        if self.shortpassword(data):
-            result = RESULT(
-                http_code=0,
-                msg="Password too short. For 2.3 and higher, please provide at least 12 characters (automation min. 10).",
-                content="",
-                etag="",
-                failed=True,
-                changed=False,
-            )
-        else:
-            result = self._fetch(
-                code_mapping=UserHTTPCodes.edit,
-                endpoint=self._build_default_endpoint(),
-                data=data,
-                method="PUT",
-            )
+        result = self._fetch(
+            code_mapping=UserHTTPCodes.edit,
+            endpoint=self._build_default_endpoint(),
+            data=data,
+            method="PUT",
+        )
 
         return result
 

diff --git a/tests/integration/targets/user/tasks/test.yml b/tests/integration/targets/user/tasks/test.yml
@@ -203,44 +203,6 @@
   delegate_to: localhost
   run_once: true # noqa run-once[task]
 
-- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test create with short pw for 2.3 (should fail)"
-  user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module
-    server_url: "{{ checkmk_var_server_url }}"
-    site: "{{ outer_item.site }}"
-    automation_user: "{{ checkmk_var_automation_user }}"
-    automation_secret: "{{ checkmk_var_automation_secret }}"
-    customer: "{{ (customer != None) | ternary(customer, omit) }}"  # See PR #427
-    name: "autotest"
-    fullname: "autotest"
-    auth_type: "automation"
-    password: "2short"
-    roles:
-      - admin
-    state: "present"
-  delegate_to: localhost
-  run_once: true # noqa run-once[task]
-  when: "'2.3' in outer_item.version"
-  register: checkmk_shortpwcheck_create
-  failed_when: "'Password too short. For 2.3 and higher' not in checkmk_shortpwcheck_create.msg"
-
-- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test reset with short pw for 2.3 (should fail)"
-  user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module
-    server_url: "{{ checkmk_var_server_url }}"
-    site: "{{ outer_item.site }}"
-    automation_user: "{{ checkmk_var_automation_user }}"
-    automation_secret: "{{ checkmk_var_automation_secret }}"
-    customer: "{{ (customer != None) | ternary(customer, omit) }}"  # See PR #427
-    name: "{{ item.name }}"
-    password: "{{ item.password }}"
-    auth_type: "{{ item.auth_type }}"
-    state: "reset_password"
-  delegate_to: localhost
-  run_once: true # noqa run-once[task]
-  loop: "{{ checkmk_var_users_new_short_pw }}"
-  when: "'2.3' in outer_item.version"
-  register: checkmk_shortpwcheck_edit
-  failed_when: "'Password too short. For 2.3 and higher' not in checkmk_shortpwcheck_edit.msg"
-
 - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Delete users."
   user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module
     server_url: "{{ checkmk_var_server_url }}"

diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml
@@ -105,11 +105,6 @@ checkmk_var_users_newpw:
     password: "abcdefghij"
     auth_type: automation
 
-checkmk_var_users_new_short_pw:
-  - name: user3
-    password: "abcdefg"
-    auth_type: password
-
 checkmk_var_users_edit:
   - name: admin1
     fullname: Admin Eins