Improve password handling

src/vorta/assets/UI/repoadd.ui

@@ -127,6 +127,30 @@
          </property>
         </widget>
        </item>
+       <item row="3" column="1">
+        <widget class="QLineEdit" name="confirmLineEdit">
+         <property name="enabled">
+          <bool>true</bool>
+         </property>
+         <property name="echoMode">
+          <enum>QLineEdit::Password</enum>
+         </property>
+        </widget>
+       </item>
+       <item row="3" column="0">
+        <widget class="QLabel" name="confirmLabel">
+         <property name="text">
+          <string>Confirm passphrase:</string>
+         </property>
+        </widget>
+       </item>
+       <item row="4" column="0" colspan="2">
+        <widget class="QLabel" name="passwordLabel">
+         <property name="text">
+          <string>TextLabel</string>
+         </property>
+        </widget>
+       </item>
       </layout>
      </widget>
      <widget class="QWidget" name="tabWidgetPage2">
@@ -271,5 +295,6 @@
    </item>
   </layout>
  </widget>
+ <resources/>
  <connections/>
 </ui>

src/vorta/utils.py

@@ -23,6 +23,7 @@
 from PyQt5.QtWidgets import QApplication, QFileDialog, QSystemTrayIcon
 
 from vorta.borg._compatibility import BorgCompatibility
+from vorta.i18n import trans_late
 from vorta.keyring.abc import VortaKeyring
 from vorta.log import logger
 
@@ -96,7 +97,7 @@ def get_private_keys():
 def pretty_bytes(size):
     """from https://stackoverflow.com/questions/12523586/
             python-format-size-application-converting-b-to-kb-mb-gb-tb/37423778"""
-    if type(size) != int:
+    if not isinstance(size, int):
         return ''
     power = 1000  # GiB is base 2**10, GB is base 10**3.
     n = 0
@@ -273,3 +274,41 @@ def is_system_tray_available():
         is_available = tray.isSystemTrayAvailable()
 
     return is_available
+
+
+def validate_passwords(firstPass, secondPass):
+    passEqual = firstPass == secondPass
+    passLong = len(firstPass) > 8
+
+    if not (passLong or passEqual):
+        return trans_late('utils', "Passwords must be identical and greater than 8 characters long")
+    if not passEqual:
+        return trans_late('utils', "Passwords must be identical")
+    if not passLong:
+        return trans_late('utils', "Passwords must be greater than 8 characters long")
+
+    return ""
+
+
+def password_transparency(encryption):
+    platform = {
+        'linux': trans_late('utils', 'the Secret Service API'),
+        'darwin': trans_late('utils', 'Keychain Access')
+    }
+
+    if encryption != 'none':
+        keyringClass = VortaKeyring.get_keyring().__class__.__name__
+        messages = {
+            'VortaDBKeyring': trans_late('utils', 'plaintext on disk.\nVorta supports {storage} for password storage'.format(storage=platform.get(sys.platform))),  # noqa
+            'VortaSecretStorageKeyring': trans_late('utils', 'the Secret Service API'),
+            'VortaDarwinKeyring': trans_late('utils', 'Keychain Access'),
+            'VortaKWallet5Keyring': trans_late('utils', 'KWallet 5'),
+            'VortaKWallet4Keyring': trans_late('utils', 'KWallet 4')
+        }
+        # Just in case some other keyring support is added
+        keyringName = messages.get(keyringClass,
+                                   trans_late('utils',
+                                              'somewhere that was not anticipated. Please file a bug report on Github'))
+        return trans_late('utils', 'The password will be stored in %s') % keyringName
+    else:
+        return ""

src/vorta/views/repo_add_dialog.py

@@ -1,9 +1,11 @@
 import re
 from PyQt5 import uic
 
-from vorta.utils import get_private_keys, get_asset, choose_file_dialog, borg_compat
+from vorta.utils import get_private_keys, get_asset, choose_file_dialog, \
+    borg_compat, validate_passwords, password_transparency
 from vorta.borg.init import BorgInitThread
 from vorta.borg.info import BorgInfoThread
+from vorta.i18n import translate
 from vorta.views.utils import get_colored_icon
 from vorta.models import RepoModel
 
@@ -22,11 +24,15 @@ def __init__(self, parent=None):
         self.saveButton.clicked.connect(self.run)
         self.chooseLocalFolderButton.clicked.connect(self.choose_local_backup_folder)
         self.useRemoteRepoButton.clicked.connect(self.use_remote_repo_action)
+        self.passwordLineEdit.textChanged.connect(self.password_listener)
+        self.confirmLineEdit.textChanged.connect(self.password_listener)
+        self.encryptionComboBox.activated.connect(self.password_transparency)
         self.tabWidget.setCurrentIndex(0)
 
         self.init_encryption()
         self.init_ssh_key()
         self.set_icons()
+        self.password_transparency()
 
     def set_icons(self):
         self.chooseLocalFolderButton.setIcon(get_colored_icon('folder-open'))
@@ -44,6 +50,9 @@ def values(self):
             out['encryption'] = self.encryptionComboBox.currentData()
         return out
 
+    def password_transparency(self):
+        self.passwordLabel.setText(password_transparency(self.values.get('encryption')))
+
     def choose_local_backup_folder(self):
         def receive():
             folder = dialog.selectedFiles()
@@ -66,7 +75,7 @@ def use_remote_repo_action(self):
         self.is_remote_repo = True
 
     def run(self):
-        if self.validate():
+        if self.validate() and self.password_listener():
             params = BorgInitThread.prepare(self.values)
             if params['ok']:
                 self.saveButton.setEnabled(False)
@@ -122,21 +131,30 @@ def validate(self):
             self._set_status(self.tr('This repo has already been added.'))
             return False
 
-        if self.__class__ == AddRepoWindow:
-            if self.values['encryption'] != 'none':
-                if len(self.values['password']) < 8:
-                    self._set_status(self.tr('Please use a longer passphrase.'))
-                    return False
-
         return True
 
+    def password_listener(self):
+        if self.values['encryption'] == 'none':
+            self.passwordLabel.setText("")
+            return True
+        else:
+            firstPass = self.passwordLineEdit.text()
+            secondPass = self.confirmLineEdit.text()
+            msg = validate_passwords(firstPass, secondPass)
+            self.passwordLabel.setText(translate('utils', msg))
+            return len(msg) == 0
+
 
 class ExistingRepoWindow(AddRepoWindow):
     def __init__(self):
         super().__init__()
         self.encryptionComboBox.hide()
         self.encryptionLabel.hide()
         self.title.setText(self.tr('Connect to existing Repository'))
+        self.passwordLineEdit.textChanged.disconnect()
+        self.confirmLineEdit.textChanged.disconnect()
+        self.confirmLineEdit.hide()
+        self.confirmLabel.hide()
 
     def run(self):
         if self.validate():

tests/test_repo.py

@@ -9,20 +9,43 @@
 from vorta.views.ssh_dialog import SSHAddWindow
 from vorta.models import EventLogModel, RepoModel, ArchiveModel
 
+LONG_PASSWORD = 'long-password-long'
+SHORT_PASSWORD = 'hunter2'
+
 
 def test_repo_add_failures(qapp, qtbot, mocker, borg_json_output):
     # Add new repo window
     main = qapp.main_window
     add_repo_window = AddRepoWindow(main)
     qtbot.addWidget(add_repo_window)
 
+    qtbot.keyClicks(add_repo_window.passwordLineEdit, LONG_PASSWORD)
+    qtbot.keyClicks(add_repo_window.confirmLineEdit, LONG_PASSWORD)
     qtbot.keyClicks(add_repo_window.repoURL, 'aaa')
     qtbot.mouseClick(add_repo_window.saveButton, QtCore.Qt.LeftButton)
     assert add_repo_window.errorText.text().startswith('Please enter a valid')
 
+    add_repo_window.passwordLineEdit.clear()
+    add_repo_window.confirmLineEdit.clear()
+    qtbot.keyClicks(add_repo_window.passwordLineEdit, SHORT_PASSWORD)
+    qtbot.keyClicks(add_repo_window.confirmLineEdit, SHORT_PASSWORD)
     qtbot.keyClicks(add_repo_window.repoURL, 'bbb.com:repo')
     qtbot.mouseClick(add_repo_window.saveButton, QtCore.Qt.LeftButton)
-    assert add_repo_window.errorText.text() == 'Please use a longer passphrase.'
+    assert add_repo_window.passwordLabel.text() == 'Passwords must be greater than 8 characters long'
+
+    add_repo_window.passwordLineEdit.clear()
+    add_repo_window.confirmLineEdit.clear()
+    qtbot.keyClicks(add_repo_window.passwordLineEdit, SHORT_PASSWORD + "1")
+    qtbot.keyClicks(add_repo_window.confirmLineEdit, SHORT_PASSWORD)
+    qtbot.mouseClick(add_repo_window.saveButton, QtCore.Qt.LeftButton)
+    assert add_repo_window.passwordLabel.text() == 'Passwords must be identical and greater than 8 characters long'
+
+    add_repo_window.passwordLineEdit.clear()
+    add_repo_window.confirmLineEdit.clear()
+    qtbot.keyClicks(add_repo_window.passwordLineEdit, LONG_PASSWORD)
+    qtbot.keyClicks(add_repo_window.confirmLineEdit, SHORT_PASSWORD)
+    qtbot.mouseClick(add_repo_window.saveButton, QtCore.Qt.LeftButton)
+    assert add_repo_window.passwordLabel.text() == 'Passwords must be identical'
 
 
 def test_repo_unlink(qapp, qtbot, monkeypatch):
@@ -40,8 +63,6 @@ def test_repo_unlink(qapp, qtbot, monkeypatch):
 
 
 def test_repo_add_success(qapp, qtbot, mocker, borg_json_output):
-    LONG_PASSWORD = 'long-password-long'
-
     # Add new repo window
     main = qapp.main_window
     main.repoTab.repo_added.disconnect()
@@ -50,6 +71,7 @@ def test_repo_add_success(qapp, qtbot, mocker, borg_json_output):
 
     qtbot.keyClicks(add_repo_window.repoURL, test_repo_url)
     qtbot.keyClicks(add_repo_window.passwordLineEdit, LONG_PASSWORD)
+    qtbot.keyClicks(add_repo_window.confirmLineEdit, LONG_PASSWORD)
 
     stdout, stderr = borg_json_output('info')
     popen_result = mocker.MagicMock(stdout=stdout, stderr=stderr, returncode=0)