Following BB2-1651, we determined the need to expose validation rules for passwords and callback URLs.
We should do this in a static fashion.
What Should Reviewers Watch For?
If you're reviewing this PR, please check for these things in particular:
Locally, http://localhost:8000/v1/o/applications/register/ should display help text below the callback urls text area. Additionally, the signup page will need to be validated upon sandbox deployment (local client invokes sandbox for signups, making it difficult to test locally without a test deplyment). You can validate the added help_text field in accounts/forms.py against existing PW validation rules.
Validation
What Security Implications Does This PR Have?
Please indicate if this PR does any of the following:
Adds any new software dependencies
Modifies any security controls
Adds new transmission or storage of data
Any other changes that could possibly affect security?
[ ] Yes, one or more of the above security implications apply. This PR must not be merged without the ISSO or team security engineer's approval.
Any Migrations?
[ ] Yes, there are migrations
[ ] The migrations should be run PRIOR to the code being deployed
[ ] The migrations should be run AFTER the code is deployed
[ ] There is a more complicated migration plan (downtime, etc)
loganbertram
commented
3 months ago
JIRA Ticket: BB2-3281
What Does This PR Do?
Following BB2-1651, we determined the need to expose validation rules for passwords and callback URLs.
We should do this in a static fashion.
What Should Reviewers Watch For?
If you're reviewing this PR, please check for these things in particular:
Locally, http://localhost:8000/v1/o/applications/register/ should display help text below the callback urls text area. Additionally, the signup page will need to be validated upon sandbox deployment (local client invokes sandbox for signups, making it difficult to test locally without a test deplyment). You can validate the added help_text field in accounts/forms.py against existing PW validation rules.
Validation
What Security Implications Does This PR Have?
Please indicate if this PR does any of the following:
Adds any new software dependencies
Modifies any security controls
Adds new transmission or storage of data
Any other changes that could possibly affect security?
[ ] Yes, one or more of the above security implications apply. This PR must not be merged without the ISSO or team security engineer's approval.
Any Migrations?