From ce452f5240eb64601a6f3f84442a783a1b1f24b8 Mon Sep 17 00:00:00 2001
From: Roman Perekhod <rperekhod@owncloud.com>
Date: Thu, 14 Dec 2023 19:54:49 +0100
Subject: [PATCH] added the ability to disadle the password policy

---
 .../services/publicshareprovider/publicshareprovider.go    | 4 +++-
 internal/http/services/owncloud/ocs/data/capabilities.go   | 1 +
 .../owncloud/ocs/handlers/apps/sharing/shares/shares.go    | 3 ++-
 pkg/password/password_policies.go                          | 7 ++++++-
 pkg/password/password_policies_test.go                     | 2 ++
 5 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/internal/grpc/services/publicshareprovider/publicshareprovider.go b/internal/grpc/services/publicshareprovider/publicshareprovider.go
index 8687a4da459..34d43618cca 100644
--- a/internal/grpc/services/publicshareprovider/publicshareprovider.go
+++ b/internal/grpc/services/publicshareprovider/publicshareprovider.go
@@ -67,6 +67,7 @@ type config struct {
 }
 
 type passwordPolicy struct {
+	Disabled               bool                `mapstructure:"disabled"`
 	MinCharacters          int                 `mapstructure:"min_characters"`
 	MinLowerCaseCharacters int                 `mapstructure:"min_lowercase_characters"`
 	MinUpperCaseCharacters int                 `mapstructure:"min_uppercase_characters"`
@@ -172,9 +173,10 @@ func New(m map[string]interface{}, ss *grpc.Server) (rgrpc.Service, error) {
 
 func newPasswordPolicy(c *passwordPolicy) password.Validator {
 	if c == nil {
-		return password.NewPasswordPolicy(0, 0, 0, 0, 0, nil)
+		return password.NewPasswordPolicy(true, 0, 0, 0, 0, 0, nil)
 	}
 	return password.NewPasswordPolicy(
+		c.Disabled,
 		c.MinCharacters,
 		c.MinLowerCaseCharacters,
 		c.MinUpperCaseCharacters,
diff --git a/internal/http/services/owncloud/ocs/data/capabilities.go b/internal/http/services/owncloud/ocs/data/capabilities.go
index 369ca231792..f6abda35b0c 100644
--- a/internal/http/services/owncloud/ocs/data/capabilities.go
+++ b/internal/http/services/owncloud/ocs/data/capabilities.go
@@ -117,6 +117,7 @@ type CapabilitiesGraph struct {
 
 // CapabilitiesPasswordPolicy hold the password policy capabilities
 type CapabilitiesPasswordPolicy struct {
+	Disabled               bool                `json:"disabled" xml:"disabled" mapstructure:"disabled"`
 	MinCharacters          int                 `json:"min_characters" xml:"min_characters" mapstructure:"min_characters"`
 	MaxCharacters          int                 `json:"max_characters" xml:"max_characters" mapstructure:"max_characters"`
 	MinLowerCaseCharacters int                 `json:"min_lowercase_characters" xml:"min_lowercase_characters" mapstructure:"min_lowercase_characters"`
diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go
index a2552b69ea1..1af7571801d 100644
--- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go
+++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go
@@ -1734,9 +1734,10 @@ func publicPwdEnforced(c *config.Config) passwordEnforced {
 
 func passwordPolicies(c *config.Config) password.Validator {
 	if c.Capabilities.Capabilities == nil || c.Capabilities.Capabilities.PasswordPolicy == nil {
-		return password.NewPasswordPolicy(0, 0, 0, 0, 0, nil)
+		return password.NewPasswordPolicy(true, 0, 0, 0, 0, 0, nil)
 	}
 	return password.NewPasswordPolicy(
+		c.Capabilities.Capabilities.PasswordPolicy.Disabled,
 		c.Capabilities.Capabilities.PasswordPolicy.MinCharacters,
 		c.Capabilities.Capabilities.PasswordPolicy.MinLowerCaseCharacters,
 		c.Capabilities.Capabilities.PasswordPolicy.MinUpperCaseCharacters,
diff --git a/pkg/password/password_policies.go b/pkg/password/password_policies.go
index ec98783d318..ac126c9e873 100644
--- a/pkg/password/password_policies.go
+++ b/pkg/password/password_policies.go
@@ -18,6 +18,7 @@ type Validator interface {
 
 // Policies represents a password validation rules
 type Policies struct {
+	disabled                bool
 	minCharacters           int
 	minLowerCaseCharacters  int
 	minUpperCaseCharacters  int
@@ -29,8 +30,9 @@ type Policies struct {
 }
 
 // NewPasswordPolicy returns a new NewPasswordPolicy instance
-func NewPasswordPolicy(minCharacters, minLowerCaseCharacters, minUpperCaseCharacters, minDigits, minSpecialCharacters int, bannedPasswordsList map[string]struct{}) Validator {
+func NewPasswordPolicy(disabled bool, minCharacters, minLowerCaseCharacters, minUpperCaseCharacters, minDigits, minSpecialCharacters int, bannedPasswordsList map[string]struct{}) Validator {
 	p := &Policies{
+		disabled:               disabled,
 		minCharacters:          minCharacters,
 		minLowerCaseCharacters: minLowerCaseCharacters,
 		minUpperCaseCharacters: minUpperCaseCharacters,
@@ -46,6 +48,9 @@ func NewPasswordPolicy(minCharacters, minLowerCaseCharacters, minUpperCaseCharac
 
 // Validate implements a password validation regarding the policy
 func (s Policies) Validate(str string) error {
+	if s.disabled {
+		return nil
+	}
 	var allErr error
 	if !utf8.ValidString(str) {
 		return fmt.Errorf("the password contains invalid characters")
diff --git a/pkg/password/password_policies_test.go b/pkg/password/password_policies_test.go
index fd8b4136ace..6faa3a9696b 100644
--- a/pkg/password/password_policies_test.go
+++ b/pkg/password/password_policies_test.go
@@ -75,6 +75,7 @@ func TestPolicies_Validate(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			s := NewPasswordPolicy(
+				false,
 				tt.fields.minCharacters,
 				tt.fields.minLowerCaseCharacters,
 				tt.fields.minUpperCaseCharacters,
@@ -143,6 +144,7 @@ func TestPasswordPolicies_Count(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			i := NewPasswordPolicy(
+				false,
 				tt.fields.wantCharacters,
 				tt.fields.wantLowerCaseCharacters,
 				tt.fields.wantUpperCaseCharacters,