fix weak password confirmation attempt#2

src/lib/users/widgets.rb

@@ -33,6 +33,12 @@ module Users
   # The widget contains 2 password input fields
   # to type and retype the password
   class PasswordWidget < CWM::CustomWidget
+
+    class << self
+      attr_accessor :approved_pwd
+    end
+
+
     # If `little_space` is `false` (the default), the widget will
     # use a vertical layout, and include a "don't forget this" label.
     #
@@ -113,15 +119,15 @@ def validate
       end
 
       # do not ask again if already approved (bsc#1025835)
-      return true if @already_approved == password1
+      return true if self.class.approved_pwd == password1
 
       passwd = ::Users::LocalPassword.new(username: "root", plain: password1)
       # User can confirm using "invalid" password confirming all the errors
       if !passwd.valid?
         errors = passwd.errors + [_("Really use this password?")]
         Yast::UI.SetFocus(Id(:pw1))
         return false unless Yast::Popup.YesNo(errors.join("\n\n"))
-        @already_approved = password1
+        self.class.approved_pwd = password1
       end
 
       return true

test/widgets_test.rb

@@ -84,6 +84,20 @@ def stub_widget_value(id, value)
       expect(subject.validate).to eq false
     end
 
+    it "asks for for confirmation only once for same password" do
+      stub_widget_value(:pw1, "a")
+      stub_widget_value(:pw2, "a")
+
+      allow(Yast::UsersSimple).to receive(:CheckPassword).and_return("")
+      allow(Users::LocalPassword).to receive(:new).and_return(double(valid?: false, errors: ["E"]))
+
+      expect(Yast::UI).to receive(:SetFocus).with(Id(:pw1))
+      expect(Yast::Popup).to receive(:YesNo).and_return(true).once
+
+      expect(subject.validate).to eq true
+      expect(subject.validate).to eq true
+    end
+
     it "is valid otherwise" do
       stub_widget_value(:pw1, "a")
       stub_widget_value(:pw2, "a")