Description of problem: It's possible to designate parameters as displayType "password". This hides the field from the user. Unfortunately, as it is only a single field, an error in typing will end up locking the user out. The user needs to be able reveal the password or confirm the password using a second field. How reproducible: 100% Steps to Reproduce: 1. Create a service class with a parameter designated as a password display type 2. Begin the provision process of the service 3. Progress to the parameters step and enter in a password. Actual results: The password is obscured with no way to view it. Expected results: The password is obscured but there is a button to toggle it to display/hide OR There is a second field to confirm what was typed into the first password field and validating they match.
Confirm password will be difficult in my initial investigation. angular-schema-form doesn't support it natively. There is some discussion here: https://github.com/json-schema-form/angular-schema-form/issues/185 Revealing the value might be easier.
I have something working. https://github.com/openshift/origin-web-catalog/pull/527
https://github.com/openshift/origin-web-console/pull/2368
Get the latest bump commit in OSE repo [yapei@dhcp-140-21 ose]$ git status On branch master Your branch is up-to-date with 'origin/master'. nothing to commit, working tree clean [yapei@dhcp-140-21 ose]$ git remote -v origin git:openshift/ose.git (fetch) origin git:openshift/ose.git (push) [yapei@dhcp-140-21 ose]$ git log --pretty="%h %cd - %s (%an)" --date=local v3.7.0-0.184.0 | grep 'origin-web-console' | head -n 1 eecb026 Fri Oct 27 17:24:12 2017 - bump(github.com/openshift/origin-web-console): 14188ec5bc5e40836631f5d194e9a6d5c86162f8 (OpenShift Bot) Checking if fix included in origin-web-console repo [yapei@dhcp-140-21 origin-web-console]$ git log --pretty="%h %cd - %s (%an)" --date=local 14188ec | grep '2368' 6960e4f Wed Oct 25 09:06:16 2017 - Merge pull request #2368 from spadgett/catalog-0.0.59 (OpenShift Merge Robot) From above checking, pr 2368 is merged in v3.7.0-0.184.0. However when I checked on v3.7.0-0.184.0, tried to provision Mediawiki APB with a parameter "Mediawiki Admin User Password", it didn't prompt to user to confirm the password values, screenshot will be attached
Could you please help confirm if the checking is correct or not?
Created attachment 1346263 [details] MediawikiAPB
You'll need to test an ASB service that defines a password field. cchase - Do you have one that yapei can test?
The Mediawiki APB field has password in the label, but it uses a plain text input (as you can see).
I've just recently switched APBs MediaWiki, Postgres, MariaDB, and MySQL to display passwords instead of plaintext in https://bugzilla.redhat.com/show_bug.cgi?id=1508994. The "ansibleplaybookbundle" dockerhub org should be updated soon. If not, you can use my dockerhub org, cfchase, and you should see them immediately. MediaWiki password is required, no default Postgres, MariaDB, and MySQL passwords are not required and no default. I don't think this is a valid use case or how it should be handled, but I saw some weird behavior when something had both a default value and was also display_type: password. It would fill in the first field, but not the second field and I'd have to blank it out and refill it. I put an example in my org cfchase/hello-world-db-apb.
Chris, it should leave the second password field empty and disabled until the first password field has changed. Then you have to retype. Let me know if that's not what you see.
That is the behavior. The first field is filled with the default value, though, and I can't click into the second field (blank and disabled) unless I change the first field. I'm not sure it's valid to have a default value for a password field anyway, but it struck me as confusing.
The behavior is more with editing existing instances in mind. You can still save the parameters without changing or retyping an existing password. Open to other options if it's confusing (although since it's working OK probably not until after 3.7).
Need updated APBs in bug 1508994 ready to verify the bug
Created attachment 1348827 [details] ReType