Closed chris-allan closed 6 months ago
One question apart
Did you have a question beyond the query about the username field in ForgottonPasswordForm
?
Finally Password.hash is a column with a VARCHAR(255) data type but that only applies to experiments which password is managed in the database.
Sort of. Its length is irrelevant regardless of the password source as the hash is of fixed length regardless of the size of the input data being hashed.
I wasn't sure if this needs any functional testing (or what's the easiest way to show the original errors)?
The easiest way to see it is to create something like this:
omero obj new Project name=$(python -c 'print("a" * 250 + "b", end="")')
You will now not be able to modify the name of this object in due to form validation. However, since the field actually has 251 characters on the client, if you copy and paste the name back into the name field or into another name field it will be silently truncated. There are lots of other weird examples if you modify text in the middle of the long string, etc.
The worst example is the password field where you cannot actually see what's typed in, people are used to visually truncated password fields, and silent truncation happens underneath on paste.
Thanks. Tested locally with this branch and could update e.g. Project name to a string longer than 250 characters. Editing the same project when I reverted to master branch wasn't possible with the full name. Looks good.
This seems to be included in merged PRs today at https://merge-ci.openmicroscopy.org/jenkins/job/OMERO-python-superbuild-push/478/console but I'm not seeing it at https://merge-ci.openmicroscopy.org/web/webclient/
E.g. Edit Project <input>
still has maxlength="250"
. Something up with the build...?
This is being deployed on merge-ci now and is working fine.
Fixes incorrect maximum length of webadmin and webclient form fields. Having incorrect lengths causes scenarios where certain strings are truncated on save or action when used with these forms.