Cannot change password when maxPasswordHistory is 1 (#5191)

* Negitive to zero and positive to same value * add failing test
2019-04-10 22:57:09 +05:45
parent c7eb7daeae
commit a3746cab00
2 changed files with 35 additions and 1 deletions
--- a/spec/PasswordPolicy.spec.js
+++ b/spec/PasswordPolicy.spec.js
@@ -1633,4 +1633,38 @@ describe('Password Policy: ', () => {
        });
    });
  });
+
+  it('should not infinitely loop if maxPasswordHistory is 1 (#4918)', async () => {
+    const user = new Parse.User();
+    const query = new Parse.Query(Parse.User);
+
+    await reconfigureServer({
+      appName: 'passwordPolicy',
+      verifyUserEmails: false,
+      passwordPolicy: {
+        maxPasswordHistory: 1,
+      },
+      publicServerURL: 'http://localhost:8378/1',
+    });
+    user.setUsername('user1');
+    user.setPassword('user1');
+    user.set('email', 'user1@parse.com');
+    await user.signUp();
+
+    user.setPassword('user2');
+    await user.save();
+
+    const result1 = await query.get(user.id, { useMasterKey: true });
+    expect(result1.get('_password_history').length).toBe(1);
+
+    user.setPassword('user3');
+    await user.save();
+
+    const result2 = await query.get(user.id, { useMasterKey: true });
+    expect(result2.get('_password_history').length).toBe(1);
+
+    expect(result1.get('_password_history')).not.toEqual(
+      result2.get('_password_history')
+    );
+  });
 });
--- a/src/RestWrite.js
+++ b/src/RestWrite.js
@@ -1284,7 +1284,7 @@ RestWrite.prototype.runDatabaseOperation = function() {
          //n-1 passwords go into history including last password
          while (
            oldPasswords.length >
-            this.config.passwordPolicy.maxPasswordHistory - 2
+            Math.max(0, this.config.passwordPolicy.maxPasswordHistory - 2)
          ) {
            oldPasswords.shift();
          }