This is an automated email from the ASF dual-hosted git repository. xxyu pushed a commit to branch kylin5 in repository https://gitbox.apache.org/repos/asf/kylin.git
commit 30514a328bdac26685d42b84a2242b82de286d2c Author: KmCherry0 <[email protected]> AuthorDate: Tue Oct 11 15:24:24 2022 +0800 KYLIN-5338 Add verification to the parameters about update password --- .../main/java/org/apache/kylin/rest/controller/NUserController.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java b/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java index 37b64a1917..ac0b6e18ce 100644 --- a/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java +++ b/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java @@ -427,6 +427,8 @@ public class NUserController extends NBasicController implements ApplicationList throw new KylinException(PERMISSION_DENIED, msg.getPermissionDenied()); } accessService.checkDefaultAdmin(username, true); + val oldPassword = pwdBase64Decode(StringUtils.isEmpty(user.getPassword()) ? StringUtils.EMPTY : user.getPassword()); + val newPassword = pwdBase64Decode(user.getNewPassword()); checkUsername(username); @@ -445,9 +447,6 @@ public class NUserController extends NBasicController implements ApplicationList } checkRequiredArg("new_password", user.getNewPassword()); - val newPassword = pwdBase64Decode(StringUtils.isEmpty(user.getNewPassword()) ? StringUtils.EMPTY : user.getNewPassword()); - checkPasswordLength(newPassword); - checkPasswordCharacter(newPassword); if (newPassword.equals(oldPassword)) { throw new KylinException(FAILED_UPDATE_PASSWORD, msg.getNewPasswordSameAsOld());
