Revisions to Refactoring Password Validation Utility - Software Engineering Stack Exchange

edited body

Source Link

edited Aug 23, 2016 at 19:57

Tulains Córdova

39.6k
13
100
156

added 118 characters in body

Source Link

edited Aug 23, 2016 at 19:46

Tulains Córdova

39.6k
13
100
156

Method signatures are too long (5 parms!)
All method are statics, possible indication of a God Class
No flexibility considering that you want ...a common validation class which can be used for in any of my applications"
Validation options and user credentials are mixed (too many concerns)

My suggestion is:

A PasswordValidator class or interface which is responsible of validation options and performing validation

A credentials class or interface that holds username, new password, etc.

Usage: you instantiate the validator, set the validation settings (maybe a Factory method would do it for you, you can even read the validation settings from a conf file) then call validate(userCredentials);

My suggestionOne PNG is worth 1024 words:

A PasswordValidator class or interface which is responsible of validation options and performing validation

A credentials class or interface that holds username, new password, etc.

public interface Credentials {
    public void setUserName(String userName);
    public void setOldPasssword(String oldPassword);
    public void setNewPassword(String newPassword);
    public void setConfirmedNewPassword(String confirmedNewPassword);
    public String getUserName();
    public String getOldPasssword();
    public String getNewPassword();
    public String getConfirmedNewPassword();
 
}

public class ValidationResult {
 
}

public class NicePasswordValidator implements PasswordValidator {
    
    private boolean allowSpecialCharacters;
    private boolean allowPasswordEqualsName;
    private int minimalLength;
    private boolean reset;  
    
    private static boolean containSpecialCharacters(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean containsLowerCase(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean containsUpperCase(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean doesNotContainUpperCaseAlpha(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

 

    @Override
    public void setReset(boolean reset) {
        this.reset=reset;
    }

    @Override
    public void setMinimalLength(int length) {
        this.minimalLength=length;
    }

    @Override
    public void setAllowPasswordEqualsName(boolean allow) {
        this.allowPasswordEqualsName=allow;
    }
    
    @Override
    public void setAllowSpecialCharacters(boolean allow) {
        this.allowSpecialCharacters=allow;      
    }   
 

    @Override
    public boolean getReset() {
        return this.reset;
    }

    @Override
    public int getMinimalLength() {
        return this.minimalLength;
    }

    @Override
    public boolean getAllowPasswordEqualsName() {
        return this.allowPasswordEqualsName;
    }

    @Override
    public boolean getAllowSpecialCharacters() {
        return this.allowSpecialCharacters;
    }

    @Override
    public ValidationResult validate(Credentials cred) {
        
        ValidationResult result = new ValidationResult();
        
        if (!this.allowPasswordEqualsName && cred.getNewPassword().endsWith(cred.getUserName())){
            // add to result
        }
        
        if (!cred.getNewPassword().equals(cred.getConfirmedNewPassword())){
            // add to result
        }
        
        if (!this.containsUpperCase(cred.getNewPassword())){
            // add to result
        }
        
        if (!this.containsLowerCase(cred.getNewPassword())){
            // add to result
        }
        
        if (!this.getAllowSpecialCharacters() && this.containSpecialCharacters(cred.getNewPassword())){
            // add to result
        }
        
        return result;
    }
}

Method signatures are too long (5 parms!)
All method are statics, possible indication of a God Class
No flexibility considering that you want ...a common validation class which can be used for in any of my applications"
Validation options and user credentials are mixed (too many concerns)
Usage: you instantiate the validator, set the validation settings (maybe a Factory method would do it for you, you can even read the validation settings from a conf file) then call validate(userCredentials);

My suggestion is:

A PasswordValidator class or interface which is responsible of validation options and performing validation

A credentials class or interface that holds username, new password, etc.

public interface Credentials {
    public void setUserName(String userName);
    public void setOldPasssword(String oldPassword);
    public void setNewPassword(String newPassword);
    public void setConfirmedNewPassword(String confirmedNewPassword);
    public String getUserName();
    public String getOldPasssword();
    public String getNewPassword();
    public String getConfirmedNewPassword();
 
}

public class ValidationResult {
 
}

public class NicePasswordValidator implements PasswordValidator {
    
    private boolean allowSpecialCharacters;
    private boolean allowPasswordEqualsName;
    private int minimalLength;
    private boolean reset;  
    
    private static boolean containSpecialCharacters(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean containsLowerCase(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean containsUpperCase(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean doesNotContainUpperCaseAlpha(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

 

    @Override
    public void setReset(boolean reset) {
        this.reset=reset;
    }

    @Override
    public void setMinimalLength(int length) {
        this.minimalLength=length;
    }

    @Override
    public void setAllowPasswordEqualsName(boolean allow) {
        this.allowPasswordEqualsName=allow;
    }
    
    @Override
    public void setAllowSpecialCharacters(boolean allow) {
        this.allowSpecialCharacters=allow;      
    }   
 

    @Override
    public boolean getReset() {
        return this.reset;
    }

    @Override
    public int getMinimalLength() {
        return this.minimalLength;
    }

    @Override
    public boolean getAllowPasswordEqualsName() {
        return this.allowPasswordEqualsName;
    }

    @Override
    public boolean getAllowSpecialCharacters() {
        return this.allowSpecialCharacters;
    }

    @Override
    public ValidationResult validate(Credentials cred) {
        
        ValidationResult result = new ValidationResult();
        
        if (!this.allowPasswordEqualsName && cred.getNewPassword().endsWith(cred.getUserName())){
            // add to result
        }
        
        if (!cred.getNewPassword().equals(cred.getConfirmedNewPassword())){
            // add to result
        }
        
        if (!this.containsUpperCase(cred.getNewPassword())){
            // add to result
        }
        
        if (!this.containsLowerCase(cred.getNewPassword())){
            // add to result
        }
        
        if (!this.getAllowSpecialCharacters() && this.containSpecialCharacters(cred.getNewPassword())){
            // add to result
        }
        
        return result;
    }
}

Method signatures are too long (5 parms!)
All method are statics, possible indication of a God Class
No flexibility considering that you want ...a common validation class which can be used for in any of my applications"
Validation options and user credentials are mixed (too many concerns)

My suggestion is:

A PasswordValidator class or interface which is responsible of validation options and performing validation

A credentials class or interface that holds username, new password, etc.

Usage: you instantiate the validator, set the validation settings (maybe a Factory method would do it for you, you can even read the validation settings from a conf file) then call validate(userCredentials);

One PNG is worth 1024 words:

public interface Credentials {
    public void setUserName(String userName);
    public void setOldPasssword(String oldPassword);
    public void setNewPassword(String newPassword);
    public void setConfirmedNewPassword(String confirmedNewPassword);
    public String getUserName();
    public String getOldPasssword();
    public String getNewPassword();
    public String getConfirmedNewPassword();
}

public class ValidationResult {
}

public class NicePasswordValidator implements PasswordValidator {
    
    private boolean allowSpecialCharacters;
    private boolean allowPasswordEqualsName;
    private int minimalLength;
    private boolean reset;  
    
    private static boolean containSpecialCharacters(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean containsLowerCase(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean containsUpperCase(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean doesNotContainUpperCaseAlpha(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    @Override
    public void setReset(boolean reset) {
        this.reset=reset;
    }

    @Override
    public void setMinimalLength(int length) {
        this.minimalLength=length;
    }

    @Override
    public void setAllowPasswordEqualsName(boolean allow) {
        this.allowPasswordEqualsName=allow;
    }
    
    @Override
    public void setAllowSpecialCharacters(boolean allow) {
        this.allowSpecialCharacters=allow;      
    }   

    @Override
    public boolean getReset() {
        return this.reset;
    }

    @Override
    public int getMinimalLength() {
        return this.minimalLength;
    }

    @Override
    public boolean getAllowPasswordEqualsName() {
        return this.allowPasswordEqualsName;
    }

    @Override
    public boolean getAllowSpecialCharacters() {
        return this.allowSpecialCharacters;
    }

    @Override
    public ValidationResult validate(Credentials cred) {
        
        ValidationResult result = new ValidationResult();
        
        if (!this.allowPasswordEqualsName && cred.getNewPassword().endsWith(cred.getUserName())){
            // add to result
        }
        
        if (!cred.getNewPassword().equals(cred.getConfirmedNewPassword())){
            // add to result
        }
        
        if (!this.containsUpperCase(cred.getNewPassword())){
            // add to result
        }
        
        if (!this.containsLowerCase(cred.getNewPassword())){
            // add to result
        }
        
        if (!this.getAllowSpecialCharacters() && this.containSpecialCharacters(cred.getNewPassword())){
            // add to result
        }
        
        return result;
    }
}

Source Link

answered Aug 23, 2016 at 19:32

Tulains Córdova

39.6k
13
100
156

Observations:

Method signatures are too long (5 parms!)
All method are statics, possible indication of a God Class
No flexibility considering that you want ...a common validation class which can be used for in any of my applications"
Validation options and user credentials are mixed (too many concerns)
Usage: you instantiate the validator, set the validation settings (maybe a Factory method would do it for you, you can even read the validation settings from a conf file) then call validate(userCredentials);

My suggestion is:

A PasswordValidator class or interface which is responsible of validation options and performing validation
A credentials class or interface that holds username, new password, etc.

Stubs and code:

==> PasswordValidator.java <== You might one to implement slightly different validators. If you find it too much having an interface just use the class down bellow.

public interface PasswordValidator {    
    public void setReset(boolean reset);
    public void setMinimalLength(int length);
    public void setAllowPasswordEqualsName(boolean allow);
    public void setAllowSpecialCharacters(boolean allow);
    
    public boolean getReset();
    public int getMinimalLength();
    public boolean getAllowPasswordEqualsName();
    public boolean getAllowSpecialCharacters();     
    public ValidationResult validate(Credentials cred);
}

==> Credentials.java <== This one I could be a class, I used an interface to save time and space

public interface Credentials {
    public void setUserName(String userName);
    public void setOldPasssword(String oldPassword);
    public void setNewPassword(String newPassword);
    public void setConfirmedNewPassword(String confirmedNewPassword);
    public String getUserName();
    public String getOldPasssword();
    public String getNewPassword();
    public String getConfirmedNewPassword();

}

==> ValidationResult.java <== This implementation you already have

public class ValidationResult {

}

==> NicePasswordValidator.java <== A sample implementor of PasswordValidator

public class NicePasswordValidator implements PasswordValidator {
    
    private boolean allowSpecialCharacters;
    private boolean allowPasswordEqualsName;
    private int minimalLength;
    private boolean reset;  
    
    private static boolean containSpecialCharacters(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean containsLowerCase(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean containsUpperCase(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }

    private static boolean doesNotContainUpperCaseAlpha(String newPassword) {
        // TODO Auto-generated method stub
        return false;
    }



    @Override
    public void setReset(boolean reset) {
        this.reset=reset;
    }

    @Override
    public void setMinimalLength(int length) {
        this.minimalLength=length;
    }

    @Override
    public void setAllowPasswordEqualsName(boolean allow) {
        this.allowPasswordEqualsName=allow;
    }
    
    @Override
    public void setAllowSpecialCharacters(boolean allow) {
        this.allowSpecialCharacters=allow;      
    }   


    @Override
    public boolean getReset() {
        return this.reset;
    }

    @Override
    public int getMinimalLength() {
        return this.minimalLength;
    }

    @Override
    public boolean getAllowPasswordEqualsName() {
        return this.allowPasswordEqualsName;
    }

    @Override
    public boolean getAllowSpecialCharacters() {
        return this.allowSpecialCharacters;
    }

    @Override
    public ValidationResult validate(Credentials cred) {
        
        ValidationResult result = new ValidationResult();
        
        if (!this.allowPasswordEqualsName && cred.getNewPassword().endsWith(cred.getUserName())){
            // add to result
        }
        
        if (!cred.getNewPassword().equals(cred.getConfirmedNewPassword())){
            // add to result
        }
        
        if (!this.containsUpperCase(cred.getNewPassword())){
            // add to result
        }
        
        if (!this.containsLowerCase(cred.getNewPassword())){
            // add to result
        }
        
        if (!this.getAllowSpecialCharacters() && this.containSpecialCharacters(cred.getNewPassword())){
            // add to result
        }
        
        return result;
    }
}

Stack Exchange Network

Return to Answer