fix: show clear error when Volcengine console password is too weak

- Detect InvalidPassword error and return user-friendly message - Rollback user creation if password policy fails - Add password requirements hint in create form Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 19:27:36 +08:00 · 2026-03-28 19:27:36 +08:00 · f79ae0084d
commit f79ae0084d
parent 8b49d49048
2 changed files with 12 additions and 1 deletions
--- a/backend/apps/monitor/views.py
+++ b/backend/apps/monitor/views.py
@ -253,6 +253,16 @@ def iam_user_create_view(request):
            svc.create_login_profile(d['username'], password)
            result_info['login_enabled'] = True
        except VolcengineAPIError as e:
+            if 'InvalidPassword' in str(e):
+                # Rollback: delete the user we just created
+                try:
+                    svc.client.call("DeleteUser", {"UserName": d['username']})
+                except Exception:
+                    pass
+                return Response({
+                    'message': f'火山控制台密码不符合要求（需包含大小写字母、数字和特殊字符，至少8位）',
+                    'detail': str(e),
+                }, status=status.HTTP_400_BAD_REQUEST)
            result_info['login_error'] = str(e)

    # 3. Create access key
--- a/frontend/src/views/iam/IAMUserList.vue
+++ b/frontend/src/views/iam/IAMUserList.vue
@ -327,7 +327,8 @@
          <el-input v-model="createForm.password" type="password" show-password
                    placeholder="选填" />
          <div style="font-size:12px;color:#999;margin-top:4px;">
-            火山引擎网页后台的登录密码。不填则子账号无法登录火山网页后台，仅能通过 API Key 使用服务
+            火山引擎网页后台的登录密码。不填则子账号无法登录火山网页后台，仅能通过 API Key 使用服务。
+            密码需包含大小写字母、数字和特殊字符，至少8位（如 User@1234）
          </div>
        </el-form-item>
        <el-form-item label="关联项目">