feature #30932 [Validator] Add an option to disable NotCompromisedPas…

…swordValidator (lyrixx) This PR was merged into the 4.3-dev branch. Discussion ---------- [Validator] Add an option to disable NotCompromisedPasswordValidator | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #30871 | License | MIT | Doc PR | symfony/symfony-docs#11327 EUFOSSA Commits ------- 9a2787e89a [Validator] Add an option to disable NotCompromisedPasswordValidator
symfony · Apr 6, 2019 · ded8491 · ded8491
2 parents b130d69 + 8452124
commit ded8491
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 1 deletion.
diff --git a/Constraints/NotCompromisedPasswordValidator.php b/Constraints/NotCompromisedPasswordValidator.php
@@ -32,15 +32,17 @@ class NotCompromisedPasswordValidator extends ConstraintValidator
 
     private $httpClient;
     private $charset;
+    private $disabled;
 
-    public function __construct(HttpClientInterface $httpClient = null, string $charset = 'UTF-8')
+    public function __construct(HttpClientInterface $httpClient = null, string $charset = 'UTF-8', bool $disabled = false)
     {
         if (null === $httpClient && !class_exists(HttpClient::class)) {
             throw new \LogicException(sprintf('The "%s" class requires the "HttpClient" component. Try running "composer require symfony/http-client".', self::class));
         }
 
         $this->httpClient = $httpClient ?? HttpClient::create();
         $this->charset = $charset;
+        $this->disabled = $disabled;
     }
 
     /**
@@ -54,6 +56,10 @@ public function validate($value, Constraint $constraint)
             throw new UnexpectedTypeException($constraint, NotCompromisedPassword::class);
         }
 
+        if ($this->disabled) {
+            return;
+        }
+
         if (null !== $value && !is_scalar($value) && !(\is_object($value) && method_exists($value, '__toString'))) {
             throw new UnexpectedTypeException($value, 'string');
         }

diff --git a/Tests/Constraints/NotCompromisedPasswordValidatorTest.php b/Tests/Constraints/NotCompromisedPasswordValidatorTest.php
@@ -60,6 +60,17 @@ public function testEmptyStringIsValid()
         $this->assertNoViolation();
     }
 
+    public function testInvalidPasswordButDisabled()
+    {
+        $r = new \ReflectionProperty($this->validator, 'disabled');
+        $r->setAccessible(true);
+        $r->setValue($this->validator, true);
+
+        $this->validator->validate(self::PASSWORD_LEAKED, new NotCompromisedPassword());
+
+        $this->assertNoViolation();
+    }
+
     public function testInvalidPassword()
     {
         $constraint = new NotCompromisedPassword();