Imported ValidatedPasswordSetting instead of aliasing to existing ValidatedPassword

andsel · andsel · commit 6ca07fb92911 · 2025-09-18T13:20:27.000+02:00
diff --git a/logstash-core/lib/logstash/settings.rb b/logstash-core/lib/logstash/settings.rb
@@ -437,50 +437,7 @@ def validate(value)
 
     java_import org.logstash.settings.NullableStringSetting
     java_import org.logstash.settings.PasswordSetting
-    ValidatedPassword = org.logstash.settings.ValidatedPasswordSetting
-
-    # class ValidatedPassword < Setting::PasswordSetting
-    #   def initialize(name, value, password_policies)
-    #     @password_policies = password_policies
-    #     super(name, value, true)
-    #   end
-    #
-    #   def coerce(password)
-    #     if password && !password.kind_of?(::LogStash::Util::Password)
-    #       raise(ArgumentError, "Setting `#{name}` could not coerce LogStash::Util::Password value to password")
-    #     end
-    #
-    #     policies = build_password_policies
-    #     validatedResult = LogStash::Util::PasswordValidator.new(policies).validate(password.value)
-    #     if validatedResult.length() > 0
-    #       if @password_policies.fetch(:mode).eql?("WARN")
-    #         logger.warn("Password #{validatedResult}.")
-    #       else
-    #         raise(ArgumentError, "Password #{validatedResult}.")
-    #       end
-    #     end
-    #     password
-    #   end
-    #
-    #   def build_password_policies
-    #     policies = {}
-    #     policies[Util::PasswordPolicyType::EMPTY_STRING] = Util::PasswordPolicyParam.new
-    #     policies[Util::PasswordPolicyType::LENGTH] = Util::PasswordPolicyParam.new("MINIMUM_LENGTH", @password_policies.dig(:length, :minimum).to_s)
-    #     if @password_policies.dig(:include, :upper).eql?("REQUIRED")
-    #       policies[Util::PasswordPolicyType::UPPER_CASE] = Util::PasswordPolicyParam.new
-    #     end
-    #     if @password_policies.dig(:include, :lower).eql?("REQUIRED")
-    #       policies[Util::PasswordPolicyType::LOWER_CASE] = Util::PasswordPolicyParam.new
-    #     end
-    #     if @password_policies.dig(:include, :digit).eql?("REQUIRED")
-    #       policies[Util::PasswordPolicyType::DIGIT] = Util::PasswordPolicyParam.new
-    #     end
-    #     if @password_policies.dig(:include, :symbol).eql?("REQUIRED")
-    #       policies[Util::PasswordPolicyType::SYMBOL] = Util::PasswordPolicyParam.new
-    #     end
-    #     policies
-    #   end
-    # end
+    java_import org.logstash.settings.ValidatedPasswordSetting
 
     # The CoercibleString allows user to enter any value which coerces to a String.
     # For example for true/false booleans; if the possible_strings are ["foo", "true", "false"]
diff --git a/logstash-core/lib/logstash/webserver.rb b/logstash-core/lib/logstash/webserver.rb
@@ -150,7 +150,7 @@ def initialize(logger, agent, options = {})
         username = options[:auth_basic].fetch(:username)
         password = options[:auth_basic].fetch(:password)
         password_policies = options[:auth_basic].fetch(:password_policies)
-        validated_password = Setting::ValidatedPassword.new("api.auth.basic.password", password, password_policies).freeze
+        validated_password = Setting::ValidatedPasswordSetting.new("api.auth.basic.password", password, password_policies).freeze
         app = Rack::Auth::Basic.new(app, "logstash-api") { |u, p| u == username && p == validated_password.value.value }
       end
 
diff --git a/logstash-core/spec/logstash/settings_spec.rb b/logstash-core/spec/logstash/settings_spec.rb
@@ -283,20 +283,20 @@
     context "when running PasswordValidator coerce" do
       it "raises an error when supplied value is not LogStash::Util::Password" do
         expect {
-          LogStash::Setting::ValidatedPassword.new("test.validated.password", "testPassword", password_policies)
+          LogStash::Setting::ValidatedPasswordSetting.new("test.validated.password", "testPassword", password_policies)
         }.to raise_error(IllegalArgumentException, a_string_including("Setting `test.validated.password` could not coerce LogStash::Util::Password value to password"))
       end
 
       it "fails on validation" do
         password = LogStash::Util::Password.new("Password!")
         expect {
-          LogStash::Setting::ValidatedPassword.new("test.validated.password", password, password_policies)
+          LogStash::Setting::ValidatedPasswordSetting.new("test.validated.password", password, password_policies)
         }.to raise_error(IllegalArgumentException, a_string_including("Password must contain at least one digit between 0 and 9."))
       end
 
       it "validates the password successfully" do
         password = LogStash::Util::Password.new("Password123!")
-        expect(LogStash::Setting::ValidatedPassword.new("test.validated.password", password, password_policies)).to_not be_nil
+        expect(LogStash::Setting::ValidatedPasswordSetting.new("test.validated.password", password, password_policies)).to_not be_nil
       end
     end
   end
