From: Moritz Bunkus
Date: Tue, 18 Jan 2011 15:37:17 +0000 (+0100)
Subject: Überprüfung der Passwortrichtlinie, wenn die Administratorin eine Benutzerin ändert
X-Git-Tag: release-2.6.3~61^2~7^2~1^2~14
X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=4099d0e8f2d10fecac8bdccb82c900cb7059ab98;p=kivitendo-erp.git
Überprüfung der Passwortrichtlinie, wenn die Administratorin eine Benutzerin ändert
---
diff --git a/SL/Auth/PasswordPolicy.pm b/SL/Auth/PasswordPolicy.pm
index 866e49c1e..dd7e8e9c1 100644
--- a/SL/Auth/PasswordPolicy.pm
+++ b/SL/Auth/PasswordPolicy.pm
@@ -19,10 +19,11 @@ use Rose::Object::MakeMethods::Generic
 );
 sub verify {
- my ($self, $password) = @_;
+ my ($self, $password, $is_admin) = @_;
 my $cfg = $self->config;
 return OK() unless $cfg && %{ $cfg };
+ return OK() if $is_admin && $cfg->{disable_policy_for_admin};
 my $result = OK();
 $result |= TOO_SHORT() if $cfg->{min_length} && (length($password) < $cfg->{min_length});
@@ -144,12 +145,16 @@ The password contains an invalid character.
 =over 4
-=item C
+=item C
 Checks whether or not the password matches the policy. Returns C if it does and an error code otherwise (binary or'ed of the error constants).
+If C<$is_admin> is trueish and the configuration specifies that the
+policy checks are disabled for the administrator then C will
+always return C.
+
 =item C
 Returns an array of human-readable strings describing the issues set
diff --git a/bin/mozilla/admin.pl b/bin/mozilla/admin.pl
index eac4d083e..eee799958 100755
--- a/bin/mozilla/admin.pl
+++ b/bin/mozilla/admin.pl
@@ -42,6 +42,7 @@ use POSIX qw(strftime);
 use Sys::Hostname;
 use SL::Auth;
+use SL::Auth::PasswordPolicy;
 use SL::Form;
 use SL::Iconv;
 use SL::Mailer;
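Review bot: The new early return in `verify` trusts the caller-supplied `$is_admin` argument, so with `disable_policy_for_admin` set any caller that passes a true third argument skips every check, including `min_length`. Nothing in this hunk ties the flag to the authenticated session, so the sub should carry a comment saying where the value may come from, e.g. `# $is_admin must be set by trusted admin-side callers only; never derive it from form input.` Because the administrator is setting passwords for ordinary accounts here, the exemption also lets those accounts receive passwords the policy would otherwise reject, and the POD entry for `verify` should state that trade-off. The body of `verify` continues past the end of the hunk.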
@@ -520,12 +521,6 @@ sub save_user {
 $myconfig->save_member();
- if ($main::auth->can_change_password()
- && defined $form->{new_password}
- && ($form->{new_password} ne '********')) {
- $main::auth->change_password($form->{login}, $form->{new_password});
- }
-
 $form->{templates} =~ s|.*/||;
 $form->{templates} = "$main::templates/$form->{templates}";
 $form->{mastertemplates} =~ s|.*/||;
@@ -578,8 +573,20 @@ sub save_user {
 }
 }
- $form->redirect($locale->text('User saved!'));
+ if ($main::auth->can_change_password()
+ && defined $form->{new_password}
+ && ($form->{new_password} ne '********')) {
+ my $verifier = SL::Auth::PasswordPolicy->new;
+ my $result = $verifier->verify($form->{new_password}, 1);
+
+ if ($result != SL::Auth::PasswordPolicy->OK()) {
+ $form->error($::locale->text('The settings were saved, but the password was not changed.') . ' ' . join(' ', $verifier->errors($result)));
+ }
+ $main::auth->change_password($form->{login}, $form->{new_password});
+ }
+
+ $form->redirect($locale->text('User saved!'));
 }
 sub save_user_as_new {
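Review bot: In the second `save_user` hunk, `$main::auth->change_password(...)` is called unconditionally after the policy check, so the rejection only holds if `$form->error` never returns; that is presumably the case, but `error` is defined outside this diff and the hunk does not show it. Making the flow explicit keeps a policy-violating password from being stored if `error` is ever changed to return, for example by adding `return;` directly after the `$form->error(...)` call or by moving the `change_password` call into an `else` branch. The account data has already been written by `save_member` at this point, so a rejected password leaves the user saved with whatever password it had before; for a newly created user it is worth confirming what that is. `save_user` starts before the hunk.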