From 1c077d6689019de93336e7ee805616834ea2bc5f Mon Sep 17 00:00:00 2001
From: Roman Perekhod <rperekhod@owncloud.com>
Date: Fri, 15 Dec 2023 15:15:26 +0100
Subject: [PATCH] add the environment variable that allow to disable the
 password policy

---
 .../enhancement-disabled-password-policy.md           |  7 +++++++
 services/frontend/README.md                           |  2 ++
 services/frontend/pkg/config/config.go                | 11 ++++++-----
 services/frontend/pkg/revaconfig/config.go            |  1 +
 services/sharing/pkg/config/config.go                 | 11 ++++++-----
 services/sharing/pkg/revaconfig/config.go             |  1 +
 6 files changed, 23 insertions(+), 10 deletions(-)
 create mode 100644 changelog/unreleased/enhancement-disabled-password-policy.md

diff --git a/changelog/unreleased/enhancement-disabled-password-policy.md b/changelog/unreleased/enhancement-disabled-password-policy.md
new file mode 100644
index 0000000000..3c444a238f
--- /dev/null
+++ b/changelog/unreleased/enhancement-disabled-password-policy.md
@@ -0,0 +1,7 @@
+Enhancement: Disable the password policy
+
+We add the environment variable that allow to disable the password policy.
+
+https://github.com/owncloud/ocis/pull/7985
+https://github.com/cs3org/reva/pull/4409
+https://github.com/owncloud/ocis/issues/7916
diff --git a/services/frontend/README.md b/services/frontend/README.md
index 264e1ad01b..11db15e717 100644
--- a/services/frontend/README.md
+++ b/services/frontend/README.md
@@ -83,6 +83,8 @@ The validation against the banned passwords list can be configured via a text fi
 
 Following environment variables can be set to define the password policy behaviour:
 
+-   `OCIS_PASSWORD_POLICY_DISABLED`
+Disable the password policy
 -   `OCIS_PASSWORD_POLICY_MIN_CHARACTERS`
 Define the minimum password length.
 -   `OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS`
diff --git a/services/frontend/pkg/config/config.go b/services/frontend/pkg/config/config.go
index 96f295e2cf..897627ad84 100644
--- a/services/frontend/pkg/config/config.go
+++ b/services/frontend/pkg/config/config.go
@@ -184,10 +184,11 @@ type ServiceAccount struct {
 
 // PasswordPolicy configures reva password policy
 type PasswordPolicy struct {
-	MinCharacters          int    `yaml:"min_characters,omitempty" env:"OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS" desc:"Define the minimum password length. Defaults to 0 if not set."`
-	MinLowerCaseCharacters int    `yaml:"min_lowercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS" desc:"Define the minimum number of uppercase letters. Defaults to 0 if not set."`
-	MinUpperCaseCharacters int    `yaml:"min_uppercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS" desc:"Define the minimum number of lowercase letters. Defaults to 0 if not set."`
-	MinDigits              int    `yaml:"min_digits" env:"OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS" desc:"Define the minimum number of digits. Defaults to 0 if not set."`
-	MinSpecialCharacters   int    `yaml:"min_special_characters" env:"OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS" desc:"Define the minimum number of characters from the special characters list to be present. Defaults to 0 if not set."`
+	Disabled               bool   `yaml:"disabled,omitempty" env:"OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED" desc:"Disable the password policy. Defaults to false if not set."`
+	MinCharacters          int    `yaml:"min_characters,omitempty" env:"OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS" desc:"Define the minimum password length. Defaults to 8 if not set."`
+	MinLowerCaseCharacters int    `yaml:"min_lowercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS" desc:"Define the minimum number of uppercase letters. Defaults to 1 if not set."`
+	MinUpperCaseCharacters int    `yaml:"min_uppercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS" desc:"Define the minimum number of lowercase letters. Defaults to 1 if not set."`
+	MinDigits              int    `yaml:"min_digits" env:"OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS" desc:"Define the minimum number of digits. Defaults to 1 if not set."`
+	MinSpecialCharacters   int    `yaml:"min_special_characters" env:"OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS" desc:"Define the minimum number of characters from the special characters list to be present. Defaults to 1 if not set."`
 	BannedPasswordsList    string `yaml:"banned_passwords_list" env:"OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" desc:"Path to the 'banned passwords list' file. See the documentation for more details."`
 }
diff --git a/services/frontend/pkg/revaconfig/config.go b/services/frontend/pkg/revaconfig/config.go
index ab6acd6079..0dfdcbc370 100644
--- a/services/frontend/pkg/revaconfig/config.go
+++ b/services/frontend/pkg/revaconfig/config.go
@@ -329,6 +329,7 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 							},
 							"password_policy": map[string]interface{}{
 								"max_characters":           72,
+								"disabled":                 cfg.PasswordPolicy.Disabled,
 								"min_characters":           cfg.PasswordPolicy.MinCharacters,
 								"min_lowercase_characters": cfg.PasswordPolicy.MinLowerCaseCharacters,
 								"min_uppercase_characters": cfg.PasswordPolicy.MinUpperCaseCharacters,
diff --git a/services/sharing/pkg/config/config.go b/services/sharing/pkg/config/config.go
index f21d98474a..9a2d6ff17c 100644
--- a/services/sharing/pkg/config/config.go
+++ b/services/sharing/pkg/config/config.go
@@ -157,10 +157,11 @@ type Events struct {
 
 // PasswordPolicy configures reva password policy
 type PasswordPolicy struct {
-	MinCharacters          int    `yaml:"min_characters,omitempty" env:"OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS" desc:"Define the minimum password length. Defaults to 0 if not set."`
-	MinLowerCaseCharacters int    `yaml:"min_lowercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS" desc:"Define the minimum number of uppercase letters. Defaults to 0 if not set."`
-	MinUpperCaseCharacters int    `yaml:"min_uppercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS" desc:"Define the minimum number of lowercase letters. Defaults to 0 if not set."`
-	MinDigits              int    `yaml:"min_digits" env:"OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS" desc:"Define the minimum number of digits. Defaults to 0 if not set."`
-	MinSpecialCharacters   int    `yaml:"min_special_characters" env:"OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS" desc:"Define the minimum number of characters from the special characters list to be present. Defaults to 0 if not set."`
+	Disabled               bool   `yaml:"disabled,omitempty" env:"OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED" desc:"Disable the password policy. Defaults to false if not set."`
+	MinCharacters          int    `yaml:"min_characters,omitempty" env:"OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS" desc:"Define the minimum password length. Defaults to 8 if not set."`
+	MinLowerCaseCharacters int    `yaml:"min_lowercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS" desc:"Define the minimum number of uppercase letters. Defaults to 1 if not set."`
+	MinUpperCaseCharacters int    `yaml:"min_uppercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS" desc:"Define the minimum number of lowercase letters. Defaults to 1 if not set."`
+	MinDigits              int    `yaml:"min_digits" env:"OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS" desc:"Define the minimum number of digits. Defaults to 1 if not set."`
+	MinSpecialCharacters   int    `yaml:"min_special_characters" env:"OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS" desc:"Define the minimum number of characters from the special characters list to be present. Defaults to 1 if not set."`
 	BannedPasswordsList    string `yaml:"banned_passwords_list" env:"OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" desc:"Path to the 'banned passwords list' file. See the documentation for more details."`
 }
diff --git a/services/sharing/pkg/revaconfig/config.go b/services/sharing/pkg/revaconfig/config.go
index ac3102fa0a..3854d9b5bc 100644
--- a/services/sharing/pkg/revaconfig/config.go
+++ b/services/sharing/pkg/revaconfig/config.go
@@ -95,6 +95,7 @@ func SharingConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string]
 					"writeable_share_must_have_password": cfg.WriteableShareMustHavePassword,
 					"public_share_must_have_password":    cfg.PublicShareMustHavePassword,
 					"password_policy": map[string]interface{}{
+						"disabled":                 cfg.PasswordPolicy.Disabled,
 						"min_digits":               cfg.PasswordPolicy.MinDigits,
 						"min_characters":           cfg.PasswordPolicy.MinCharacters,
 						"min_lowercase_characters": cfg.PasswordPolicy.MinLowerCaseCharacters,