TEXTINPUT_PASSWORD fields rendered as plain text

testing
server-manager

(Marc) #1

Some password fields assigned as TEXTINPUT_PASSWORD on the templates, at the end are rendered as input fields with type=“text” instead of type=“password”.

As an example the password fields on backup data page.


We Are NethServer - Community Overview - Sep 18
(Markus Neuberger) #2

Another example is the pop3 connector password.


(Marc) #3

I think all but the ones with password strength check are affected.


(Davide Principi) #4

In some cases a visible password could be useful. It’s now widely adopted the “eye” button that shows/hides the password text in the input field… :thinking:


(Davide Principi) #5

…however what you pointed out is surely a #bug due to a mismatched right parenthesis

The $view::TEXTINPUT flag should be the 2nd argument to textInput().

@dnutan @mrmarkuz would you like to submit a patch?


(Marc) #6

PR made for Backup module.
Optional PR proposed but untested. I understand sometimes it’s useful to see the password (without going to CLI), feel free to accept/reject them or ask what users prefer:

Maybe change could also apply to these, but no PR made:


(Davide Principi) #7

I’d merge all the optional PRs if we add the show/hide behavior to the TEXINPUT_PASSWORD flag.

image

… and when the “eye-slash” button is pressed becomes:

image

HTML snippet, appended to the INPUT tag

<button style="display: inline-block;border: 1px solid gray;width: 31px;height: 31px;vertical-align: top;"><i class="fa fa-eye"></i></button>

(Davide Principi) #8

@dnutan would you mind opening an issue on GitHub? The description could be just a summary of this topic (and a link to it). Decide by yourself if writing it as bug or enhancement.

All your PRs should contain an URL reference to the new issue.

I could extend the Nethgui password widget unless you prefer to dive in it - I can wait too :wink:


(Marc) #9

The reported issue is now filed as a bug.
The eye-candy it’s filed as unlabeled issue but to be considered as an enhancement.

Go for it! I’m out of snorkels, safer staying on solid ground.


(Davide Principi) #10

Thank you for your help!

Once the eye button is added they can be changed to enahanced password fields too…


(Giacomo Sanchietti) #11

I agree this is a bug, but I still prefer to see the passwords as input text fields when they are saved in clear text inside the esmith db.

The best solution is to implement the “eye” icon to show and hide the password as suggested by @davidep

For now, I’d go with fixing the backup-data form which must display the password, otherwise the user doesn’t know if it has been filled correctly.
If no one other than @davidep can add the “eye” icon to the NethGUI framework, I would like to leave existing modules untouched.
But I also would like to sponsor this suggestion for the new Cockpit-based UI.


(Davide Principi) #12

@dnutan, your pull requests have been merged!

Now who wants to test those packages? /cc @quality_team

Please refer to

…and don’t forget the login form :wink:


(Stéphane de Labrusse) #13

@dnutan, testing your code, it seems you missed the password field of ldapservice user when you created a local AD (account provider menu), would you mind to add it please ?


(Stéphane de Labrusse) #14

@davidep @dnutan I have some doubts concerning nethserver-vpn, I saw that you patched the rpm but I can read in GitHub that it has been merged in nethserver-openvpn for ns7, what is the current state ?


(Davide Principi) #15

I blindly trusted the PRs: let’s ask @dnutan :hugs:


(Stéphane de Labrusse) #16

OT but nethserver-vpn requires nethserver-directory, so it drives to conflict with nethserver-dc


(Marc) #17

Still at work, will check it tonight.

My fault. AFAIK nethserver-vpn is not used on ns7. It might still be used on ns6 (idk for sure).


(Stéphane de Labrusse) #18

No problem at all, QA is made to ask questions, please continue the good work


(Marc) #19

AD Bind Password field was left as is on purpose. Didn’t know whether the implementation would work well with disabled fields (in this case is not disabled but read-only). You may find the same with other read-only fields.
Tested it on a read-only field and we can add the “eye” button without problems.


(Davide Principi) #20

Packages released