fix: Optimise Password Change Interface#3003
Merged
deepin-bot[bot] merged 1 commit intolinuxdeepin:masterfrom Feb 4, 2026
Merged
fix: Optimise Password Change Interface#3003deepin-bot[bot] merged 1 commit intolinuxdeepin:masterfrom
deepin-bot[bot] merged 1 commit intolinuxdeepin:masterfrom
Conversation
log: Within the password modification window of the account plugin, ensure that when the ‘New Password / Confirm Password’ fields are non-compliant and receive focus, the blue focus border no longer obscures the red error state. Instead, maintain the red colour (the focus border turns red during error state and reverts to blue upon compliance), whilst retaining the red background and prompt. pms: bug-300203
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
deepin pr auto review代码审查意见1. 语法与逻辑问题1.1 拼写错误在
1.2 QML 代码结构在 function validatePrimaryPassword(text) {
let editItem0 = pwdContainer.editItems[0]
if (!editItem0) return
if (text.length === 0) {
editItem0.showAlert = false
editItem0.alertText = ""
editItem0.hasErrorBorder = false
return
}
// username match
if (pwdLayout.currentName.length > 0 && text === pwdLayout.currentName) {
editItem0.showAlert = true
editItem0.alertText = ""
editItem0.hasErrorBorder = true
return
}
let err = dccData.checkPasswordSilently(pwdLayout.currentName, text)
editItem0.showAlert = (err.length > 0)
editItem0.alertText = ""
editItem0.hasErrorBorder = (err.length > 0)
}
function validateRepeatPassword(text) {
let editItem0 = pwdContainer.editItems[0]
let editItem1 = pwdContainer.editItems[1]
if (!editItem0 || !editItem1) return
if (text.length === 0) {
editItem1.showAlert = false
editItem1.alertText = ""
editItem1.hasErrorBorder = false
return
}
if (editItem0.text.length > 0 && text !== editItem0.text) {
editItem1.showAlert = true
editItem1.alertText = ""
editItem1.hasErrorBorder = true
} else {
editItem1.showAlert = false
editItem1.alertText = ""
editItem1.hasErrorBorder = false
}
}2. 代码质量2.1 代码重复在 function validatePassword(editItem, password, isRepeat = false) {
// 实现公共验证逻辑
}2.2 注释不足虽然添加了注释,但部分关键逻辑仍需更详细的解释,特别是关于实时验证和焦点失焦验证的区别。 3. 代码性能3.1 实时验证频率在 property var validateTimer: Timer {
interval: 300
onTriggered: {
// 执行验证逻辑
}
}
onTextChanged: {
validateTimer.restart()
}3.2 QML 绑定优化在 palette.highlight: hasErrorBorder || showAlert ? "#FF5736" : normalHighlight4. 代码安全4.1 密码处理在 QString AccountsController::checkPasswordSilently(const QString &name, const QString &pwd)
{
// 考虑使用 std::string 或安全容器处理密码
auto error = PwqualityManager::instance()->verifyPassword(name, pwd);
if (error != PwqualityManager::ERROR_TYPE::PW_NO_ERR) {
return PwqualityManager::instance()->getErrorTips(error);
}
// 清除密码内存
std::fill(pwd.begin(), pwd.end(), 0);
return QString();
}4.2 错误信息泄露错误信息可能包含系统内部信息,建议在返回错误信息前进行过滤或使用通用错误消息: QString AccountsController::checkPasswordSilently(const QString &name, const QString &pwd)
{
auto error = PwqualityManager::instance()->verifyPassword(name, pwd);
if (error != PwqualityManager::ERROR_TYPE::PW_NO_ERR) {
// 考虑返回通用错误消息而非具体错误
return qsTr("Password does not meet security requirements");
}
return QString();
}5. 其他建议5.1 用户体验改进在密码验证失败时,除了红色边框外,可以考虑添加密码强度指示器,帮助用户理解密码要求: PasswordStrengthIndicator {
strength: calculatePasswordStrength(text)
}5.2 单元测试建议为 void TestAccountsController::testCheckPasswordSilently()
{
AccountsController controller;
// 测试空密码
QVERIFY(!controller.checkPasswordSilently("user", "").isEmpty());
// 测试弱密码
QVERIFY(!controller.checkPasswordSilently("user", "123").isEmpty());
// 测试强密码
QVERIFY(controller.checkPasswordSilently("user", "Str0ngP@ssw0rd!").isEmpty());
}总结整体而言,这段代码实现了密码的实时验证功能,但在代码结构、性能优化和安全性方面还有改进空间。建议重构代码以减少重复,添加防抖机制优化性能,并考虑密码处理的安全性。 |
caixr23
approved these changes
Feb 4, 2026
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: caixr23, JWWTSL The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
Contributor
Author
|
/forcemerge |
|
This pr force merged! (status: blocked) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
log: Within the password modification window of the account plugin, ensure that when the ‘New Password / Confirm Password’ fields are non-compliant and receive focus, the blue focus border no longer obscures the red error state. Instead, maintain the red colour (the focus border turns red during error state and reverts to blue upon compliance), whilst retaining the red background and prompt.
pms: bug-300203