Fix url in password reset email

Open sureshanaparti opened this issue 1 month ago • 28 comments

Description

This PR fixes the url in password reset email. (regression from https://github.com/apache/cloudstack/pull/11379)

Fixes #12050

Types of changes

  • [ ] Breaking change (fix or feature that would cause existing functionality to change)
  • [ ] New feature (non-breaking change which adds functionality)
  • [x] Bug fix (non-breaking change which fixes an issue)
  • [ ] Enhancement (improves an existing feature and functionality)
  • [ ] Cleanup (Code refactoring and cleanup, that may add test cases)
  • [ ] Build/CI
  • [ ] Test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

  • [ ] Major
  • [ ] Minor

Bug Severity

  • [ ] BLOCKER
  • [ ] Critical
  • [x] Major
  • [ ] Minor
  • [ ] Trivial

Screenshots (if appropriate):

How Has This Been Tested?

How did you try to break this feature and the system with this change?

sureshanaparti avatar Nov 14 '25 07:11 sureshanaparti

@blueorangutan package

sureshanaparti avatar Nov 14 '25 07:11 sureshanaparti

@sureshanaparti a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

blueorangutan avatar Nov 14 '25 07:11 blueorangutan

Codecov Report

:x: Patch coverage is 0% with 25 lines in your changes missing coverage. Please review. :white_check_mark: Project coverage is 17.56%. Comparing base (4379666) to head (911bb60). :warning: Report is 3 commits behind head on 4.22.

Files with missing lines Patch % Lines
.../java/com/cloud/utils/server/ServerProperties.java 0.00% 16 Missing :warning:
.../cloudstack/user/UserPasswordResetManagerImpl.java 0.00% 9 Missing :warning:
Additional details and impacted files
@@             Coverage Diff              @@
##              4.22   #12078       +/-   ##
============================================
+ Coverage     3.58%   17.56%   +13.97%     
- Complexity       0    15548    +15548     
============================================
  Files          445     5910     +5465     
  Lines        37536   529151   +491615     
  Branches      6905    64640    +57735     
============================================
+ Hits          1346    92940    +91594     
- Misses       36024   425752   +389728     
- Partials       166    10459    +10293     
Flag Coverage Δ
uitests 3.58% <ø> (ø)
unittests 18.63% <0.00%> (?)

codecov[bot] avatar Nov 14 '25 07:11 codecov[bot]

@blueorangutan package

sureshanaparti avatar Nov 14 '25 07:11 sureshanaparti

@blueorangutan package

sureshanaparti avatar Nov 14 '25 07:11 sureshanaparti

@sureshanaparti a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

blueorangutan avatar Nov 14 '25 07:11 blueorangutan

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 15767

blueorangutan avatar Nov 14 '25 09:11 blueorangutan

@blueorangutan test

sureshanaparti avatar Nov 14 '25 11:11 sureshanaparti

@sureshanaparti a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests

blueorangutan avatar Nov 14 '25 11:11 blueorangutan

[SF] Trillian Build Failed (tid-14834)

blueorangutan avatar Nov 14 '25 12:11 blueorangutan

@blueorangutan test

vladimirpetrov avatar Nov 24 '25 15:11 vladimirpetrov

@vladimirpetrov a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests

blueorangutan avatar Nov 24 '25 15:11 blueorangutan

[SF] Trillian test result (tid-14862)
Environment: kvm-ol8 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 48886 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr12078-t14862-kvm-ol8.zip
Smoke tests completed. 149 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test Result Time (s) Test File

blueorangutan avatar Nov 25 '25 06:11 blueorangutan

Hi @sureshanaparti

As discussed please add http before the domain or management IP to make sure the link is clickable

updated @kiranchavala

sureshanaparti avatar Dec 05 '25 12:12 sureshanaparti

@blueorangutan package

sureshanaparti avatar Dec 05 '25 12:12 sureshanaparti

@sureshanaparti a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

blueorangutan avatar Dec 05 '25 12:12 blueorangutan

Packaging result [SF]: ✖️ el8 ✖️ el9 ✔️ debian ✖️ suse15. SL-JID 15927

blueorangutan avatar Dec 05 '25 14:12 blueorangutan

@blueorangutan package

sureshanaparti avatar Dec 05 '25 14:12 sureshanaparti

@sureshanaparti a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

blueorangutan avatar Dec 05 '25 14:12 blueorangutan

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 15931

blueorangutan avatar Dec 05 '25 16:12 blueorangutan

Hi @sureshanaparti

As discussed please add http before the domain or management IP to make sure the link is clickable

Please check the screenshot

with domainurl

[Screenshot 2025-12-05 at 5 51 56 PM]

Without domainurl

[Screenshot 2025-12-05 at 5 57 02 PM]

Dear @kiranchavala and @sureshanaparti,

I appreciated the checks for the presence of http:// or https://, as well as the logic to apply a default when neither is provided. My recommendation would be to always default to https:// and require users to manually choose a less secure option if they really need it.

This mindset should be applied universally, as users tend to accept whatever the default is. Beyond the general risk of “rogue Wi-Fi” exposing password-reset links, browsers are increasingly moving toward HTTPS-first behavior, and email filters/inspection systems are becoming more suspicious of plain-text HTTP URLs.

Please understand this as purely constructive feedback.

davift avatar Dec 06 '25 14:12 davift

@davift thanks for the feedback. Earlier the password reset link was defaulted to http://, so I've considered the same. Now, I updated the scheme based on the https.enabled flag in the server.properties file on the management server (as SSL is enabled when it is set - https://docs.cloudstack.apache.org/en/4.22.0.0/installguide/optional_installation.html#ssl-optional).

sureshanaparti avatar Dec 08 '25 11:12 sureshanaparti
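
The scheme handling discussed in the two comments above, sketched as an added Java example; it is not code from this PR or from CloudStack. The class and method names are hypothetical, and it assumes https.enabled is read as a boolean that counts as false when absent and that the configured value is a host, host:port or full URL.

```java
import java.io.StringReader;
import java.net.URI;
import java.util.Locale;
import java.util.Properties;

// Added illustration; class and method names are hypothetical, not CloudStack code.
public class ResetLinkBase {

    // Scheme used when the configured value has none: https only if https.enabled=true.
    static String defaultScheme(Properties serverProps) {
        String flag = serverProps.getProperty("https.enabled", "false").trim();
        return Boolean.parseBoolean(flag) ? "https" : "http";
    }

    // Normalises a configured domain or management IP into "scheme://host[:port]".
    static String baseUrl(String configured, Properties serverProps) {
        String value = configured == null ? "" : configured.trim();
        if (value.isEmpty()) {
            throw new IllegalArgumentException("no domain or management IP configured");
        }
        // Test for "://" before parsing: URI would read "host:8080" as scheme "host".
        // An explicit scheme is kept as configured, never silently overridden.
        if (!value.contains("://")) {
            value = defaultScheme(serverProps) + "://" + value;
        }
        URI uri = URI.create(value); // throws IllegalArgumentException on malformed input
        String scheme = uri.getScheme() == null ? "" : uri.getScheme().toLowerCase(Locale.ROOT);
        // A reset link must be a web link: reject ftp://, file:// and similar.
        if (!scheme.equals("http") && !scheme.equals("https")) {
            throw new IllegalArgumentException("unsupported scheme: " + scheme);
        }
        // No host, or "user@host" forms that can disguise the real destination.
        if (uri.getHost() == null || uri.getUserInfo() != null) {
            throw new IllegalArgumentException("invalid host in: " + configured);
        }
        String port = uri.getPort() == -1 ? "" : ":" + uri.getPort();
        return scheme + "://" + uri.getHost() + port;
    }

    public static void main(String[] args) throws Exception {
        Properties props = new Properties();
        props.load(new StringReader("https.enabled=true\n")); // constructed sample
        System.out.println(baseUrl("cloud.example.com", props));
        System.out.println(baseUrl("HTTP://10.0.0.5:8080/", props));
        props.setProperty("https.enabled", "false");
        System.out.println(baseUrl("cloud.example.com:8080", props));
    }
}
```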

@blueorangutan package

sureshanaparti avatar Dec 08 '25 11:12 sureshanaparti

@sureshanaparti a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

blueorangutan avatar Dec 08 '25 11:12 blueorangutan

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 15945

blueorangutan avatar Dec 08 '25 13:12 blueorangutan

@blueorangutan test

DaanHoogland avatar Dec 08 '25 13:12 DaanHoogland

@DaanHoogland a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests

blueorangutan avatar Dec 08 '25 13:12 blueorangutan

[SF] Trillian test result (tid-14921)
Environment: kvm-ol8 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 59983 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr12078-t14921-kvm-ol8.zip
Smoke tests completed. 143 look OK, 6 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test Result Time (s) Test File
test_08_arping_in_ssvm Failure 5.21 test_diagnostics.py
test_uservm_host_control_state Failure 17.13 test_host_control_state.py
ContextSuite context=TestHostControlState>:teardown Error 32.77 test_host_control_state.py
test_02_list_cpvm_vm Failure 0.05 test_ssvm.py
test_04_cpvm_internals Failure 0.06 test_ssvm.py
test_01_vpn_usage Error 1.11 test_usage.py
test_02_unsecure_vm_migration Error 357.95 test_vm_life_cycle.py
test_02_unsecure_vm_migration Error 357.96 test_vm_life_cycle.py
test_08_migrate_vm Error 20.29 test_vm_life_cycle.py
test_01_migrate_vm_strict_tags_success Error 25.42 test_vm_strict_host_tags.py

blueorangutan avatar Dec 09 '25 06:12 blueorangutan