From 4099d0e8f2d10fecac8bdccb82c900cb7059ab98 Mon Sep 17 00:00:00 2001 From: Moritz Bunkus Date: Tue, 18 Jan 2011 16:37:17 +0100 Subject: [PATCH] =?utf8?q?=C3=9Cberpr=C3=BCfung=20der=20Passwortrichtlinie?= =?utf8?q?,=20wenn=20die=20Administratorin=20eine=20Benutzerin=20=C3=A4nde?= =?utf8?q?rt?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- SL/Auth/PasswordPolicy.pm | 9 +++++++-- bin/mozilla/admin.pl | 21 ++++++++++++++------- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/SL/Auth/PasswordPolicy.pm b/SL/Auth/PasswordPolicy.pm index 866e49c1e..dd7e8e9c1 100644 --- a/SL/Auth/PasswordPolicy.pm +++ b/SL/Auth/PasswordPolicy.pm @@ -19,10 +19,11 @@ use Rose::Object::MakeMethods::Generic ); sub verify { - my ($self, $password) = @_; + my ($self, $password, $is_admin) = @_; my $cfg = $self->config; return OK() unless $cfg && %{ $cfg }; + return OK() if $is_admin && $cfg->{disable_policy_for_admin}; my $result = OK(); $result |= TOO_SHORT() if $cfg->{min_length} && (length($password) < $cfg->{min_length}); @@ -144,12 +145,16 @@ The password contains an invalid character. =over 4 -=item C +=item C Checks whether or not the password matches the policy. Returns C if it does and an error code otherwise (binary or'ed of the error constants). +If C<$is_admin> is trueish and the configuration specifies that the +policy checks are disabled for the administrator then C will +always return C. + =item C Returns an array of human-readable strings describing the issues set diff --git a/bin/mozilla/admin.pl b/bin/mozilla/admin.pl index eac4d083e..eee799958 100755 --- a/bin/mozilla/admin.pl +++ b/bin/mozilla/admin.pl @@ -42,6 +42,7 @@ use POSIX qw(strftime); use Sys::Hostname; use SL::Auth; +use SL::Auth::PasswordPolicy; use SL::Form; use SL::Iconv; use SL::Mailer; 
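Review bot: The new early return in verify, `return OK() if $is_admin && $cfg->{disable_policy_for_admin};`, trusts a positional flag supplied by the caller, and nothing at that line says where the flag must come from. When it fires it skips every check in the policy, not only the length check visible here; whether that also covers the invalid-character check mentioned in the POD depends on code outside the hunk. I would add a comment directly above it, for example `# $is_admin must be derived from the authenticated admin session, never from request data; it bypasses all policy checks.` The body of verify continues past the end of this hunk.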
@@ -520,12 +521,6 @@ sub save_user { $myconfig->save_member(); - if ($main::auth->can_change_password() - && defined $form->{new_password} - && ($form->{new_password} ne '********')) { - $main::auth->change_password($form->{login}, $form->{new_password}); - } - $form->{templates} =~ s|.*/||; $form->{templates} = "$main::templates/$form->{templates}"; $form->{mastertemplates} =~ s|.*/||; @@ -578,8 +573,20 @@ sub save_user { } } - $form->redirect($locale->text('User saved!')); + if ($main::auth->can_change_password() + && defined $form->{new_password} + && ($form->{new_password} ne '********')) { + my $verifier = SL::Auth::PasswordPolicy->new; + my $result = $verifier->verify($form->{new_password}, 1); + + if ($result != SL::Auth::PasswordPolicy->OK()) { + $form->error($::locale->text('The settings were saved, but the password was not changed.') . ' ' . join(' ', $verifier->errors($result))); + } + $main::auth->change_password($form->{login}, $form->{new_password}); + } + + $form->redirect($locale->text('User saved!')); } sub save_user_as_new { -- 2.20.1
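Review bot: In the last hunk of save_user, the call to `$main::auth->change_password(...)` sits after the `if ($result != SL::Auth::PasswordPolicy->OK())` block rather than in an `else`, so a password that fails the policy is rejected only if `$form->error` never returns. That is presumably the case, given the message text, but it is not visible in this hunk. A later change to the error handling would let a rejected password reach `change_password` without any warning. I would make the control flow explicit, e.g. `} else { $main::auth->change_password($form->{login}, $form->{new_password}); }`. save_user begins before this hunk, so the rest of its body is not visible here.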