diff --git a/db/fixtures/development/18_abuse_reports.rb b/db/fixtures/development/18_abuse_reports.rb
index b06beca35e981d16d3f955e9e5418f5dd0f46911..88d2f784852f1e878ce5af837ecf5fa0f71c47de 100644
--- a/db/fixtures/development/18_abuse_reports.rb
+++ b/db/fixtures/development/18_abuse_reports.rb
@@ -11,7 +11,7 @@ def self.seed
name: FFaker::Name.name,
email: FFaker::Internet.email,
confirmed_at: DateTime.now,
- password: Gitlab::Password.test_default
+ password: '12345678'
)
::AbuseReport.create(reporter: ::User.take, user: reported_user, message: 'User sends spam')
diff --git a/ee/spec/features/merge_request/user_approves_with_password_spec.rb b/ee/spec/features/merge_request/user_approves_with_password_spec.rb
index 005edb9889716610f2728e2f8710c2e4a057a451..03d1aa91d7d9ba7c917cbacce7c9477a40f2f234 100644
--- a/ee/spec/features/merge_request/user_approves_with_password_spec.rb
+++ b/ee/spec/features/merge_request/user_approves_with_password_spec.rb
@@ -16,7 +16,7 @@
end
it 'works, when user approves and enters correct password' do
- approve_with_password Gitlab::Password.test_default
+ approve_with_password '12345678'
page.within('.js-mr-approvals') do
expect(page).not_to have_button('Approve')
@@ -25,7 +25,7 @@
end
it 'does not need password to unapprove' do
- approve_with_password Gitlab::Password.test_default
+ approve_with_password '12345678'
unapprove
expect(page).to have_button('Approve')
diff --git a/ee/spec/features/trial_registrations/signin_spec.rb b/ee/spec/features/trial_registrations/signin_spec.rb
index 11a93efd884bb1596fb12351e5703f8ab299c539..9e45341c5715ba19e3b7c169525511e0a6e6f451 100644
--- a/ee/spec/features/trial_registrations/signin_spec.rb
+++ b/ee/spec/features/trial_registrations/signin_spec.rb
@@ -18,7 +18,7 @@
within('div#login-pane') do
fill_in 'user_login', with: user.email
- fill_in 'user_password', with: Gitlab::Password.test_default
+ fill_in 'user_password', with: '12345678'
click_button 'Sign in'
end
diff --git a/ee/spec/features/users/login_spec.rb b/ee/spec/features/users/login_spec.rb
index e4a9a2c5246aa648a3a4de9d2bdafed9fa189c66..7f0c02e6227e22f7310a0d1c453b5b2137e947c9 100644
--- a/ee/spec/features/users/login_spec.rb
+++ b/ee/spec/features/users/login_spec.rb
@@ -12,7 +12,7 @@
end
it 'creates a security event for an invalid password login' do
- user = create(:user, password: "not" + Gitlab::Password.test_default)
+ user = create(:user, password: 'not-the-default')
expect { gitlab_sign_in(user) }
.to change { AuditEvent.where(entity_id: -1).count }.from(0).to(1)
diff --git a/ee/spec/lib/ee/gitlab/scim/provisioning_service_spec.rb b/ee/spec/lib/ee/gitlab/scim/provisioning_service_spec.rb
index a19eedcbd4f2bd384e1503edf08f656265721abd..1bc1032f9bdef2c18c822ece47e9107f1e854f04 100644
--- a/ee/spec/lib/ee/gitlab/scim/provisioning_service_spec.rb
+++ b/ee/spec/lib/ee/gitlab/scim/provisioning_service_spec.rb
@@ -128,8 +128,7 @@ def user
email: 'work@example.com',
name: 'Test Name',
extern_uid: 'test_uid',
- username: 'username',
- password: Gitlab::Password.test_default
+ username: 'username'
}
end
diff --git a/ee/spec/lib/gitlab/auth/smartcard/certificate_spec.rb b/ee/spec/lib/gitlab/auth/smartcard/certificate_spec.rb
index e2d99adaa86e5bafe7f23803ad9332d69b86fd87..0dc6c0aeb73a921f04a81f315da5239dbfa5a1f7 100644
--- a/ee/spec/lib/gitlab/auth/smartcard/certificate_spec.rb
+++ b/ee/spec/lib/gitlab/auth/smartcard/certificate_spec.rb
@@ -142,7 +142,7 @@
context 'avoids conflicting namespaces' do
let(:subject_dn) { '/CN=Gitlab User/emailAddress=gitlab-user@random-corp.org' }
- let!(:existing_user) { create(:user, username: 'GitlabUser', password: Gitlab::Password.test_default) }
+ let!(:existing_user) { create(:user, username: 'GitlabUser') }
it 'creates user with correct usnername' do
expect { subject }.to change { User.count }.from(1).to(2)
diff --git a/ee/spec/lib/gitlab/auth_spec.rb b/ee/spec/lib/gitlab/auth_spec.rb
index 0827106476bcb4e6f4268f0bb3e6442b6de13b9e..427e3f02ac86d35c3d627130281df35bc75b9065 100644
--- a/ee/spec/lib/gitlab/auth_spec.rb
+++ b/ee/spec/lib/gitlab/auth_spec.rb
@@ -12,7 +12,7 @@
end
let(:username) { 'John' } # username isn't lowercase, test this
- let(:password) { Gitlab::Password.test_default }
+ let(:password) { 'my-secret' }
context 'with kerberos' do
before do
diff --git a/ee/spec/requests/api/merge_request_approvals_spec.rb b/ee/spec/requests/api/merge_request_approvals_spec.rb
index b5aac8b77442683ddd0e9446e40ad28efc8a2806..d6945fd09990d2c800764d35f8e9849929f78de6 100644
--- a/ee/spec/requests/api/merge_request_approvals_spec.rb
+++ b/ee/spec/requests/api/merge_request_approvals_spec.rb
@@ -405,7 +405,7 @@ def approve(extra_params = {})
context 'when project requires force auth for approval' do
before do
project.update!(require_password_to_approve: true)
- approver.update!(password: Gitlab::Password.test_default)
+ approver.update!(password: 'password')
end
it 'does not approve the merge request with no password' do
@@ -416,14 +416,14 @@ def approve(extra_params = {})
end
it 'does not approve the merge request with incorrect password' do
- approve(approval_password: "not" + Gitlab::Password.test_default)
+ approve(approval_password: 'incorrect')
expect(response).to have_gitlab_http_status(:unauthorized)
expect(merge_request.reload.approvals_left).to eq(2)
end
it 'approves the merge request with correct password' do
- approve(approval_password: Gitlab::Password.test_default)
+ approve(approval_password: 'password')
expect(response).to have_gitlab_http_status(:created)
expect(merge_request.reload.approvals_left).to eq(1)
diff --git a/ee/spec/requests/api/scim_spec.rb b/ee/spec/requests/api/scim_spec.rb
index ccd28f3e6a099cfb7452f70b4e66460064742fb6..f126ad23c012ae00d322a323851b2f9613b43292 100644
--- a/ee/spec/requests/api/scim_spec.rb
+++ b/ee/spec/requests/api/scim_spec.rb
@@ -7,7 +7,7 @@
let(:scim_token) { create(:scim_oauth_access_token, group: group) }
let(:group) { identity.group }
- let_it_be(:password) { Gitlab::Password.test_default }
+ let_it_be(:password) { 'secret_pass' }
let_it_be(:access_token) { 'secret_token' }
before do
diff --git a/ee/spec/requests/api/users_spec.rb b/ee/spec/requests/api/users_spec.rb
index ea09ccfd50cb5770067b3e55276d31761c851b6e..e352e5ce24e2e2c77b147d28caa6113c4c4a9670 100644
--- a/ee/spec/requests/api/users_spec.rb
+++ b/ee/spec/requests/api/users_spec.rb
@@ -71,7 +71,7 @@
describe "PUT /users/:id" do
it "creates audit event when updating user with new password" do
- put api("/users/#{user.id}", admin), params: { password: Gitlab::Password.test_default }
+ put api("/users/#{user.id}", admin), params: { password: '12345678' }
expect(AuditEvent.count).to eq(1)
end
diff --git a/ee/spec/services/ee/users/create_service_spec.rb b/ee/spec/services/ee/users/create_service_spec.rb
index 444d25c87220438f897cdd4db92913c37dff422b..e094f85d27773aad6fc01ddd255f98ad8bb55f41 100644
--- a/ee/spec/services/ee/users/create_service_spec.rb
+++ b/ee/spec/services/ee/users/create_service_spec.rb
@@ -10,7 +10,7 @@
name: 'John Doe',
username: 'jduser',
email: 'jd@example.com',
- password: Gitlab::Password.test_default
+ password: 'mydummypass'
}
end
diff --git a/ee/spec/services/ee/users/update_service_spec.rb b/ee/spec/services/ee/users/update_service_spec.rb
index 9676de31734d60ba308d696b72418c1b472fe090..a287bf06587fb9b020daa68b6c5c9fb2e9a07747 100644
--- a/ee/spec/services/ee/users/update_service_spec.rb
+++ b/ee/spec/services/ee/users/update_service_spec.rb
@@ -177,7 +177,7 @@
let(:service) { described_class.new(admin_user, ActionController::Parameters.new(params).permit!) }
let(:params) do
- { name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: Gitlab::Password.test_default }
+ { name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: 'mydummypass' }
end
context 'allowed params' do
diff --git a/ee/spec/services/merge_requests/approval_service_spec.rb b/ee/spec/services/merge_requests/approval_service_spec.rb
index 694039464cd8086c5fc92e093475a4fbf094b1db..6ffe47648297c1f65f191503858fc4ef430ea5ac 100644
--- a/ee/spec/services/merge_requests/approval_service_spec.rb
+++ b/ee/spec/services/merge_requests/approval_service_spec.rb
@@ -142,7 +142,7 @@
context 'when project requires force auth for approval' do
before do
project.update!(require_password_to_approve: true)
- user.update!(password: Gitlab::Password.test_default)
+ user.update!(password: 'password')
end
context 'when password not specified' do
it 'does not update the approvals' do
@@ -152,7 +152,7 @@
context 'when incorrect password is specified' do
let(:params) do
- { approval_password: "not" + Gitlab::Password.test_default }
+ { approval_password: 'incorrect' }
end
it 'does not update the approvals' do
@@ -164,7 +164,7 @@
context 'when correct password is specified' do
let(:params) do
- { approval_password: Gitlab::Password.test_default }
+ { approval_password: 'password' }
end
it 'approves the merge request' do
diff --git a/lib/gitlab/auth/o_auth/user.rb b/lib/gitlab/auth/o_auth/user.rb
index 200f1a843e692edff05fc93991e0d8735366d570..d9efb6b8d2db7d6909b7a1d077e327a4bc131f2b 100644
--- a/lib/gitlab/auth/o_auth/user.rb
+++ b/lib/gitlab/auth/o_auth/user.rb
@@ -239,8 +239,8 @@ def user_attributes
name: name.strip.presence || valid_username,
username: valid_username,
email: email,
- password: Gitlab::Password.test_default(21),
- password_confirmation: Gitlab::Password.test_default(21),
+ password: auth_hash.password,
+ password_confirmation: auth_hash.password,
password_automatically_set: true
}
end
diff --git a/lib/gitlab/password.rb b/lib/gitlab/password.rb
deleted file mode 100644
index 00aef8754d69712964dcd2534850ebe53aa6a609..0000000000000000000000000000000000000000
--- a/lib/gitlab/password.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-# frozen_string_literal: true
-
-# This module is used to return fake strong password for tests
-
-module Gitlab
- module Password
- DEFAULT_LENGTH = 12
- TEST_DEFAULT = "123qweQWE!@#" + "0" * (User.password_length.max - DEFAULT_LENGTH)
- def self.test_default(length = 12)
- password_length = [[User.password_length.min, length].max, User.password_length.max].min
- TEST_DEFAULT[...password_length]
- end
- end
-end
diff --git a/lib/tasks/gitlab/seed/group_seed.rake b/lib/tasks/gitlab/seed/group_seed.rake
index 491cf78298545ff13f53d895ccdfde6e8cc36ab9..a9a350fb6c3cde26ef8e8f4bce0e611906f14d1d 100644
--- a/lib/tasks/gitlab/seed/group_seed.rake
+++ b/lib/tasks/gitlab/seed/group_seed.rake
@@ -125,7 +125,7 @@ class GroupSeeder
name: FFaker::Name.name,
email: FFaker::Internet.email,
confirmed_at: DateTime.now,
- password: Gitlab::Password.test_default
+ password: Devise.friendly_token
)
end
diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb
index c52223d4758113372508a97cf26663471eca62c2..c46a12680a206e099579ba95b716e0bc5dcba42d 100644
--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
@@ -612,8 +612,8 @@ def update_password(user, password = User.random_password, password_confirmation
end
context 'when the new password does not match the password confirmation' do
- let(:password) { Gitlab::Password.test_default }
- let(:password_confirmation) { "not" + Gitlab::Password.test_default }
+ let(:password) { 'some_password' }
+ let(:password_confirmation) { 'not_same_as_password' }
it 'shows the edit page again' do
update_password(user, password, password_confirmation)
diff --git a/spec/controllers/registrations_controller_spec.rb b/spec/controllers/registrations_controller_spec.rb
index af34ae2f69bcb3a507a62d7c315e27b79ad90a8d..caff7bcfc7bf6ea091beb17a53b71f60a2fc5488 100644
--- a/spec/controllers/registrations_controller_spec.rb
+++ b/spec/controllers/registrations_controller_spec.rb
@@ -521,7 +521,7 @@ def expect_success
end
it 'succeeds if password is confirmed' do
- post :destroy, params: { password: Gitlab::Password.test_default }
+ post :destroy, params: { password: '12345678' }
expect_success
end
@@ -562,7 +562,7 @@ def expect_success
end
it 'fails' do
- delete :destroy, params: { password: Gitlab::Password.test_default }
+ delete :destroy, params: { password: '12345678' }
expect_failure(s_('Profiles|You must transfer ownership or delete groups you are an owner of before you can delete your account'))
end
diff --git a/spec/factories/users.rb b/spec/factories/users.rb
index eb89cb0a40aed6d0c24ed70f830a320eb39ce0bb..88ebe7ca606fc7ad6a4c30e817040ec1134e4ba7 100644
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@@ -5,7 +5,7 @@
email { generate(:email) }
name { generate(:name) }
username { generate(:username) }
- password { Gitlab::Password.test_default }
+ password { "12345678" }
role { 'software_developer' }
confirmed_at { Time.now }
confirmation_token { nil }
diff --git a/spec/features/password_reset_spec.rb b/spec/features/password_reset_spec.rb
index a4e167a3e75563fb2b5dca93728e1e9cd4e48db2..f89e19f53615b14e97cda9986a6ea496a26704bf 100644
--- a/spec/features/password_reset_spec.rb
+++ b/spec/features/password_reset_spec.rb
@@ -44,8 +44,8 @@
visit(edit_user_password_path(reset_password_token: token))
- fill_in 'New password', with: "new" + Gitlab::Password.test_default
- fill_in 'Confirm new password', with: "new" + Gitlab::Password.test_default
+ fill_in 'New password', with: 'hello1234'
+ fill_in 'Confirm new password', with: 'hello1234'
click_button 'Change your password'
diff --git a/spec/features/profile_spec.rb b/spec/features/profile_spec.rb
index 34eb07d78f1de545acbccb4b9e78ca99344f120e..36657406303cfb992585ed14c9a84e449f73c9e4 100644
--- a/spec/features/profile_spec.rb
+++ b/spec/features/profile_spec.rb
@@ -29,7 +29,7 @@
it 'deletes user', :js, :sidekiq_might_not_need_inline do
click_button 'Delete account'
- fill_in 'password', with: Gitlab::Password.test_default
+ fill_in 'password', with: '12345678'
page.within '.modal' do
click_button 'Delete account'
diff --git a/spec/features/profiles/password_spec.rb b/spec/features/profiles/password_spec.rb
index 2181285f7716d984fceafe1271c48b33574f7ff2..7eadb74d2d41cf784fa25da7c3964eb0168d76d0 100644
--- a/spec/features/profiles/password_spec.rb
+++ b/spec/features/profiles/password_spec.rb
@@ -39,7 +39,7 @@ def fill_passwords(password, confirmation)
describe 'User puts the same passwords in the field and in the confirmation' do
it 'shows a success message' do
- fill_passwords(Gitlab::Password.test_default, Gitlab::Password.test_default)
+ fill_passwords('mypassword', 'mypassword')
page.within('[data-testid="alert-info"]') do
expect(page).to have_content('Password was successfully updated. Please sign in again.')
@@ -79,7 +79,7 @@ def fill_passwords(password, confirmation)
end
context 'Change password' do
- let(:new_password) { "new" + Gitlab::Password.test_default }
+ let(:new_password) { '22233344' }
before do
sign_in(user)
@@ -170,8 +170,8 @@ def fill_passwords(password, confirmation)
expect(page).to have_current_path new_profile_password_path, ignore_query: true
fill_in :user_password, with: user.password
- fill_in :user_new_password, with: Gitlab::Password.test_default
- fill_in :user_password_confirmation, with: Gitlab::Password.test_default
+ fill_in :user_new_password, with: '12345678'
+ fill_in :user_password_confirmation, with: '12345678'
click_button 'Set new password'
expect(page).to have_current_path new_user_session_path, ignore_query: true
diff --git a/spec/features/users/anonymous_sessions_spec.rb b/spec/features/users/anonymous_sessions_spec.rb
index f9b23626397202e4c84136c5973604ce27a3cc07..6b21412ae3d3c125088038a34a1308466bf9a649 100644
--- a/spec/features/users/anonymous_sessions_spec.rb
+++ b/spec/features/users/anonymous_sessions_spec.rb
@@ -9,7 +9,7 @@
visit new_user_session_path
# The session key only gets created after a post
fill_in 'user_login', with: 'non-existant@gitlab.org'
- fill_in 'user_password', with: Gitlab::Password.test_default
+ fill_in 'user_password', with: '12345678'
click_button 'Sign in'
expect(page).to have_content('Invalid login or password')
diff --git a/spec/features/users/login_spec.rb b/spec/features/users/login_spec.rb
index 4d06415e203e2b3ba55b06cbb6f05d5634dd12d4..13d7078322e27d94dc3ac6a0198a01637b37330f 100644
--- a/spec/features/users/login_spec.rb
+++ b/spec/features/users/login_spec.rb
@@ -49,15 +49,15 @@
expect(page).to have_current_path edit_user_password_path, ignore_query: true
expect(page).to have_content('Please create a password for your new account.')
- fill_in 'user_password', with: Gitlab::Password.test_default
- fill_in 'user_password_confirmation', with: Gitlab::Password.test_default
+ fill_in 'user_password', with: 'password'
+ fill_in 'user_password_confirmation', with: 'password'
click_button 'Change your password'
expect(page).to have_current_path new_user_session_path, ignore_query: true
expect(page).to have_content(I18n.t('devise.passwords.updated_not_active'))
fill_in 'user_login', with: user.username
- fill_in 'user_password', with: Gitlab::Password.test_default
+ fill_in 'user_password', with: 'password'
click_button 'Sign in'
expect_single_session_with_authenticated_ttl
@@ -210,7 +210,7 @@ def enter_code(code)
end
it 'does not allow sign-in if the user password is updated before entering a one-time code' do
- user.update!(password: "new" + Gitlab::Password.test_default)
+ user.update!(password: 'new_password')
enter_code(user.current_otp)
@@ -447,7 +447,7 @@ def sign_in_using_saml!
visit new_user_session_path
fill_in 'user_login', with: user.email
- fill_in 'user_password', with: Gitlab::Password.test_default
+ fill_in 'user_password', with: '12345678'
click_button 'Sign in'
expect(page).to have_current_path(new_profile_password_path, ignore_query: true)
@@ -456,7 +456,7 @@ def sign_in_using_saml!
end
context 'with invalid username and password' do
- let(:user) { create(:user, password: "not" + Gitlab::Password.test_default) }
+ let(:user) { create(:user, password: 'not-the-default') }
it 'blocks invalid login' do
expect(authentication_metrics)
@@ -767,7 +767,7 @@ def sign_in_using_saml!
visit new_user_session_path
fill_in 'user_login', with: user.email
- fill_in 'user_password', with: Gitlab::Password.test_default
+ fill_in 'user_password', with: '12345678'
click_button 'Sign in'
@@ -788,7 +788,7 @@ def sign_in_using_saml!
visit new_user_session_path
fill_in 'user_login', with: user.email
- fill_in 'user_password', with: Gitlab::Password.test_default
+ fill_in 'user_password', with: '12345678'
click_button 'Sign in'
@@ -810,7 +810,7 @@ def sign_in_using_saml!
visit new_user_session_path
fill_in 'user_login', with: user.email
- fill_in 'user_password', with: Gitlab::Password.test_default
+ fill_in 'user_password', with: '12345678'
click_button 'Sign in'
@@ -845,7 +845,7 @@ def sign_in_using_saml!
visit new_user_session_path
fill_in 'user_login', with: user.email
- fill_in 'user_password', with: Gitlab::Password.test_default
+ fill_in 'user_password', with: '12345678'
click_button 'Sign in'
fill_in 'user_otp_attempt', with: user.reload.current_otp
@@ -871,7 +871,7 @@ def sign_in_using_saml!
visit new_user_session_path
fill_in 'user_login', with: user.email
- fill_in 'user_password', with: Gitlab::Password.test_default
+ fill_in 'user_password', with: '12345678'
click_button 'Sign in'
expect_to_be_on_terms_page
@@ -879,7 +879,7 @@ def sign_in_using_saml!
expect(page).to have_current_path(new_profile_password_path, ignore_query: true)
- fill_in 'user_password', with: Gitlab::Password.test_default
+ fill_in 'user_password', with: '12345678'
fill_in 'user_new_password', with: 'new password'
fill_in 'user_password_confirmation', with: 'new password'
click_button 'Set new password'
diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb
index 706344831b8e7560a0b995f8e8c4be341f42143b..f5a7495617485627178f202d59efeb1233b338ce 100644
--- a/spec/lib/gitlab/auth_spec.rb
+++ b/spec/lib/gitlab/auth_spec.rb
@@ -87,7 +87,7 @@
end
context 'when IP is already banned' do
- subject { gl_auth.find_for_git_client('username', Gitlab::Password.test_default, project: nil, ip: 'ip') }
+ subject { gl_auth.find_for_git_client('username', 'password', project: nil, ip: 'ip') }
before do
expect_next_instance_of(Gitlab::Auth::IpRateLimiter) do |rate_limiter|
@@ -219,16 +219,16 @@
end
it 'recognizes master passwords' do
- user = create(:user, password: Gitlab::Password.test_default)
+ user = create(:user, password: 'password')
- expect(gl_auth.find_for_git_client(user.username, Gitlab::Password.test_default, project: nil, ip: 'ip')).to have_attributes(actor: user, project: nil, type: :gitlab_or_ldap, authentication_abilities: described_class.full_authentication_abilities)
+ expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: 'ip')).to have_attributes(actor: user, project: nil, type: :gitlab_or_ldap, authentication_abilities: described_class.full_authentication_abilities)
end
include_examples 'user login operation with unique ip limit' do
- let(:user) { create(:user, password: Gitlab::Password.test_default) }
+ let(:user) { create(:user, password: 'password') }
def operation
- expect(gl_auth.find_for_git_client(user.username, Gitlab::Password.test_default, project: nil, ip: 'ip')).to have_attributes(actor: user, project: nil, type: :gitlab_or_ldap, authentication_abilities: described_class.full_authentication_abilities)
+ expect(gl_auth.find_for_git_client(user.username, 'password', project: nil, ip: 'ip')).to have_attributes(actor: user, project: nil, type: :gitlab_or_ldap, authentication_abilities: described_class.full_authentication_abilities)
end
end
@@ -492,7 +492,7 @@ def operation
:user,
:blocked,
username: 'normal_user',
- password: Gitlab::Password.test_default
+ password: 'my-secret'
)
expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip'))
@@ -501,7 +501,7 @@ def operation
context 'when 2fa is enabled globally' do
let_it_be(:user) do
- create(:user, username: 'normal_user', password: Gitlab::Password.test_default, otp_grace_period_started_at: 1.day.ago)
+ create(:user, username: 'normal_user', password: 'my-secret', otp_grace_period_started_at: 1.day.ago)
end
before do
@@ -525,7 +525,7 @@ def operation
context 'when 2fa is enabled personally' do
let(:user) do
- create(:user, :two_factor, username: 'normal_user', password: Gitlab::Password.test_default, otp_grace_period_started_at: 1.day.ago)
+ create(:user, :two_factor, username: 'normal_user', password: 'my-secret', otp_grace_period_started_at: 1.day.ago)
end
it 'fails' do
@@ -538,7 +538,7 @@ def operation
user = create(
:user,
username: 'normal_user',
- password: Gitlab::Password.test_default
+ password: 'my-secret'
)
expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip'))
@@ -549,7 +549,7 @@ def operation
user = create(
:user,
username: 'oauth2',
- password: Gitlab::Password.test_default
+ password: 'my-secret'
)
expect(gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip'))
@@ -624,7 +624,7 @@ def operation
context 'when deploy token and user have the same username' do
let(:username) { 'normal_user' }
- let(:user) { create(:user, username: username, password: Gitlab::Password.test_default) }
+ let(:user) { create(:user, username: username, password: 'my-secret') }
let(:deploy_token) { create(:deploy_token, username: username, read_registry: false, projects: [project]) }
it 'succeeds for the token' do
@@ -637,7 +637,7 @@ def operation
it 'succeeds for the user' do
auth_success = { actor: user, project: nil, type: :gitlab_or_ldap, authentication_abilities: described_class.full_authentication_abilities }
- expect(gl_auth.find_for_git_client(username, Gitlab::Password.test_default, project: project, ip: 'ip'))
+ expect(gl_auth.find_for_git_client(username, 'my-secret', project: project, ip: 'ip'))
.to have_attributes(auth_success)
end
end
@@ -831,7 +831,7 @@ def operation
end
let(:username) { 'John' } # username isn't lowercase, test this
- let(:password) { Gitlab::Password.test_default }
+ let(:password) { 'my-secret' }
it "finds user by valid login/password" do
expect(gl_auth.find_with_user_password(username, password)).to eql user
@@ -956,13 +956,13 @@ def operation
it "does not find user by using ldap as fallback to for authentication" do
expect(Gitlab::Auth::Ldap::Authentication).to receive(:login).and_return(nil)
- expect(gl_auth.find_with_user_password('ldap_user', Gitlab::Password.test_default)).to be_nil
+ expect(gl_auth.find_with_user_password('ldap_user', 'password')).to be_nil
end
it "find new user by using ldap as fallback to for authentication" do
expect(Gitlab::Auth::Ldap::Authentication).to receive(:login).and_return(user)
- expect(gl_auth.find_with_user_password('ldap_user', Gitlab::Password.test_default)).to eq(user)
+ expect(gl_auth.find_with_user_password('ldap_user', 'password')).to eq(user)
end
end
diff --git a/spec/mailers/emails/profile_spec.rb b/spec/mailers/emails/profile_spec.rb
index 88efdbd77be6d74209252d36224036dccf9f0cb5..f4483f7e8f5c7b3ef73e8110ea66b0e968d17c93 100644
--- a/spec/mailers/emails/profile_spec.rb
+++ b/spec/mailers/emails/profile_spec.rb
@@ -49,7 +49,7 @@
describe 'for users that signed up, the email' do
let(:example_site_path) { root_path }
- let(:new_user) { create(:user, email: new_user_address, password: Gitlab::Password.test_default) }
+ let(:new_user) { create(:user, email: new_user_address, password: "securePassword") }
subject { Notify.new_user_email(new_user.id) }
diff --git a/spec/models/hooks/system_hook_spec.rb b/spec/models/hooks/system_hook_spec.rb
index a3d36058b743b8f5f2383dc5581b543cf47369a6..bf69c7219a81bcb6995754779088c4aab2c83c2d 100644
--- a/spec/models/hooks/system_hook_spec.rb
+++ b/spec/models/hooks/system_hook_spec.rb
@@ -37,7 +37,7 @@
let(:project) { create(:project, namespace: user.namespace) }
let(:group) { create(:group) }
let(:params) do
- { name: 'John Doe', username: 'jduser', email: 'jg@example.com', password: Gitlab::Password.test_default }
+ { name: 'John Doe', username: 'jduser', email: 'jg@example.com', password: 'mydummypass' }
end
before do
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index b16a76211ebd32d9470efa59ecec9fad254bc73d..d4e82b5798fad435a1f13193da2af1c76691ae2c 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -1757,9 +1757,9 @@
describe '#generate_password' do
it 'does not generate password by default' do
- user = create(:user, password: Gitlab::Password.test_default)
+ user = create(:user, password: 'abcdefghe')
- expect(user.password).to eq(Gitlab::Password.test_default)
+ expect(user.password).to eq('abcdefghe')
end
end
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb
index 3bc33a820ebe84911add10a49f574296d9bfba97..ba422a390b5aa403cd29d697be60c7f8b40587ea 100644
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -1053,7 +1053,7 @@
post api('/users', admin),
params: {
email: 'invalid email',
- password: Gitlab::Password.test_default,
+ password: 'password',
name: 'test'
}
expect(response).to have_gitlab_http_status(:bad_request)
@@ -1119,7 +1119,7 @@
post api('/users', admin),
params: {
email: 'test@example.com',
- password: Gitlab::Password.test_default,
+ password: 'password',
username: 'test',
name: 'foo'
}
@@ -1131,7 +1131,7 @@
params: {
name: 'foo',
email: 'test@example.com',
- password: Gitlab::Password.test_default,
+ password: 'password',
username: 'foo'
}
end.to change { User.count }.by(0)
@@ -1145,7 +1145,7 @@
params: {
name: 'foo',
email: 'foo@example.com',
- password: Gitlab::Password.test_default,
+ password: 'password',
username: 'test'
}
end.to change { User.count }.by(0)
@@ -1159,7 +1159,7 @@
params: {
name: 'foo',
email: 'foo@example.com',
- password: Gitlab::Password.test_default,
+ password: 'password',
username: 'TEST'
}
end.to change { User.count }.by(0)
@@ -1504,8 +1504,8 @@ def update_password(user, admin, password = User.random_password)
context "with existing user" do
before do
- post api("/users", admin), params: { email: 'test@example.com', password: Gitlab::Password.test_default, username: 'test', name: 'test' }
- post api("/users", admin), params: { email: 'foo@bar.com', password: Gitlab::Password.test_default, username: 'john', name: 'john' }
+ post api("/users", admin), params: { email: 'test@example.com', password: 'password', username: 'test', name: 'test' }
+ post api("/users", admin), params: { email: 'foo@bar.com', password: 'password', username: 'john', name: 'john' }
@user = User.all.last
end
diff --git a/spec/requests/git_http_spec.rb b/spec/requests/git_http_spec.rb
index 9f9e1cfd90ed4d7367140fd3893bdb6ef83a8bb5..38c8d43376e0a9ec628da0ed59b29da65b3fddc7 100644
--- a/spec/requests/git_http_spec.rb
+++ b/spec/requests/git_http_spec.rb
@@ -319,7 +319,7 @@
context 'when user is using credentials with special characters' do
context 'with password with special characters' do
before do
- user.update!(password: Gitlab::Password.test_default)
+ user.update!(password: 'RKszEwéC5kFnû∆f243fycGu§Gh9ftDj!U')
end
it 'allows clones' do
@@ -1716,7 +1716,7 @@ def attempt_login(include_password)
context 'when user is using credentials with special characters' do
context 'with password with special characters' do
before do
- user.update!(password: Gitlab::Password.test_default)
+ user.update!(password: 'RKszEwéC5kFnû∆f243fycGu§Gh9ftDj!U')
end
it 'allows clones' do
diff --git a/spec/services/users/create_service_spec.rb b/spec/services/users/create_service_spec.rb
index ab9da82e91cc8434c65a19775e8cd06e19d3d865..74340bac0550ce22328dcea36451a9cef3b89403 100644
--- a/spec/services/users/create_service_spec.rb
+++ b/spec/services/users/create_service_spec.rb
@@ -12,7 +12,7 @@
context 'when required parameters are provided' do
let(:params) do
- { name: 'John Doe', username: 'jduser', email: email, password: Gitlab::Password.test_default }
+ { name: 'John Doe', username: 'jduser', email: email, password: 'mydummypass' }
end
it 'returns a persisted user' do
@@ -82,13 +82,13 @@
context 'when force_random_password parameter is true' do
let(:params) do
- { name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: Gitlab::Password.test_default, force_random_password: true }
+ { name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: 'mydummypass', force_random_password: true }
end
it 'generates random password' do
user = service.execute
- expect(user.password).not_to eq Gitlab::Password.test_default
+ expect(user.password).not_to eq 'mydummypass'
expect(user.password).to be_present
end
end
@@ -99,7 +99,7 @@
name: 'John Doe',
username: 'jduser',
email: 'jd@example.com',
- password: Gitlab::Password.test_default,
+ password: 'mydummypass',
password_automatically_set: true
}
end
@@ -121,7 +121,7 @@
context 'when skip_confirmation parameter is true' do
let(:params) do
- { name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: Gitlab::Password.test_default, skip_confirmation: true }
+ { name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: 'mydummypass', skip_confirmation: true }
end
it 'confirms the user' do
@@ -131,7 +131,7 @@
context 'when reset_password parameter is true' do
let(:params) do
- { name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: Gitlab::Password.test_default, reset_password: true }
+ { name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: 'mydummypass', reset_password: true }
end
it 'resets password even if a password parameter is given' do
@@ -152,7 +152,7 @@
context 'with nil user' do
let(:params) do
- { name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: Gitlab::Password.test_default, skip_confirmation: true }
+ { name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: 'mydummypass', skip_confirmation: true }
end
let(:service) { described_class.new(nil, params) }
diff --git a/spec/support/helpers/login_helpers.rb b/spec/support/helpers/login_helpers.rb
index c0734bae375d49e3dcd62527790a1bfa988869e0..386988f6d523ae5d36895225eed5eeac0cacebe3 100644
--- a/spec/support/helpers/login_helpers.rb
+++ b/spec/support/helpers/login_helpers.rb
@@ -95,7 +95,7 @@ def gitlab_sign_in_with(user, remember: false, two_factor_auth: false)
visit new_user_session_path
fill_in "user_login", with: user.email
- fill_in "user_password", with: Gitlab::Password.test_default
+ fill_in "user_password", with: "12345678"
check 'user_remember_me' if remember
click_button "Sign in"
diff --git a/spec/tasks/gitlab/password_rake_spec.rb b/spec/tasks/gitlab/password_rake_spec.rb
index ec18d713351a06dba89c9f5c797e7ef04541216d..65bba836024dcf92c6989a387fc8e990c1f72c2d 100644
--- a/spec/tasks/gitlab/password_rake_spec.rb
+++ b/spec/tasks/gitlab/password_rake_spec.rb
@@ -3,7 +3,7 @@
require 'rake_helper'
RSpec.describe 'gitlab:password rake tasks', :silence_stdout do
- let_it_be(:user_1) { create(:user, username: 'foobar', password: Gitlab::Password.test_default) }
+ let_it_be(:user_1) { create(:user, username: 'foobar', password: 'initial_password') }
def stub_username(username)
allow(Gitlab::TaskHelpers).to receive(:prompt).with('Enter username: ').and_return(username)
@@ -19,14 +19,14 @@ def stub_password(password, confirmation = nil)
Rake.application.rake_require 'tasks/gitlab/password'
stub_username('foobar')
- stub_password(Gitlab::Password.test_default)
+ stub_password('secretpassword')
end
describe ':reset' do
context 'when all inputs are correct' do
it 'updates the password properly' do
run_rake_task('gitlab:password:reset', user_1.username)
- expect(user_1.reload.valid_password?(Gitlab::Password.test_default)).to eq(true)
+ expect(user_1.reload.valid_password?('secretpassword')).to eq(true)
end
end
@@ -55,7 +55,7 @@ def stub_password(password, confirmation = nil)
context 'when passwords do not match' do
before do
- stub_password(Gitlab::Password.test_default, "different" + Gitlab::Password.test_default)
+ stub_password('randompassword', 'differentpassword')
end
it 'aborts with an error' do