Only generate password proposals when they are needed

[gosa.git] / gosa-core / plugins / personal / password / class_password.inc

diff --git a/gosa-core/plugins/personal/password/class_password.inc b/gosa-core/plugins/personal/password/class_password.inc
index cb3b43fcd3bffb6c1deb11d0a8ec06e577f71156..e73d414926f30c34bd4fb380462d6e827c27fef3 100644 (file)
--- a/gosa-core/plugins/personal/password/class_password.inc
+++ b/gosa-core/plugins/personal/password/class_password.inc
@@ -29,6 +29,7 @@ class password extends plugin
   var $proposal = "";
   var $proposalEnabled = FALSE;
   var $proposalSelected = FALSE;
+  var $proposalInitialized = FALSE;
 
   var $forcedHash = NULL;
 
@@ -37,12 +38,6 @@ class password extends plugin
   {
       plugin::plugin($config, $dn, $parent);
 
-      // Try to generate a password proposal, if this is successfull
-      //  then preselect the proposal usage.
-      $this->refreshProposal();
-      if($this->proposal != ""){
-          $this->proposalSelected = TRUE;
-      }
   }
 
   function forceHash($hash)
@@ -58,6 +53,16 @@ class password extends plugin
 
   function execute()
   {
+      // Try to generate a password proposal, if this is successfull
+      //  then preselect the proposal usage.
+      if(!$this->proposalInitialized){
+          $this->refreshProposal();
+          if($this->proposal != ""){
+              $this->proposalSelected = TRUE;
+          }
+          $this->proposalInitialized = TRUE;
+      }
+
     plugin::execute();
     $smarty = get_smarty();
     $smarty->assign("usePrototype", "true");
@@ -109,37 +114,42 @@ class password extends plugin
       $check_length = $this->config->get_cfg_value("passwordMinLength") != "";
       $length       = $this->config->get_cfg_value("passwordMinLength", 0);
 
+      // Perform GOsa password policy checks
+      $message = array();
+      if(empty($current_password)){
+          $message[] = _("You need to specify your current password in order to proceed.");
+      }elseif($new_password  != $repeated_password){
+          $message[] = _("The passwords you've entered as 'New password' and 'Repeated new password' do not match.");
+      }elseif($new_password == ""){
+          $message[] = _("The password you've entered as 'New password' is empty.");
+      }elseif($check_differ && (substr($current_password, 0, $differ) == substr($new_password, 0, $differ))){
+          $message[] = _("The password used as new and current are too similar.");
+      }elseif($check_length && (strlen($new_password) < $length)){
+          $message[] = _("The password used as new is to short.");
+      #}elseif(!passwordMethod::is_harmless($new_password)){
+       #   $message[] = _("The password contains possibly problematic Unicode characters!");
+      }
+
       /* Call external password quality hook ?*/
-      $check_hook   = $this->config->get_cfg_value("passwordHook") != "";
-      $hook         = $this->config->get_cfg_value("passwordHook")." ".
-          escapeshellarg($ui->username)." ".escapeshellarg($current_password)." ".escapeshellarg($new_password);
-      if($check_hook){
-        exec($hook,$resarr);
-        $check_hook_output = "";
-        if(count($resarr) > 0) {
-          $check_hook_output= join('\n', $resarr);
-        }
+      if(!count($message)){
+          $check_hook   = $this->config->get_cfg_value("passwordHook") != "";
+          $hook         = $this->config->get_cfg_value("passwordHook")." ".
+              escapeshellarg($ui->username)." ".escapeshellarg($current_password)." ".escapeshellarg($new_password);
+          if($check_hook){
+              exec($hook,$resarr);
+              $check_hook_output = "";
+              if(count($resarr) > 0) {
+                  $check_hook_output= join('\n', $resarr);
+              }
+              if(!empty($check_hook_output)){
+                  $message[] = sprintf(_("Check-hook reported a problem: %s. Password change canceled!"),$check_hook_output);
+              }
+          }
       }
 
-      /* Check given values */    
-      if(!isset($current_password) || empty($current_password)){
-        msg_dialog::display(_("Password change"),
-                            _("You need to specify your current password in order to proceed."),WARNING_DIALOG);
-      }elseif ($new_password != $repeated_password){
-        msg_dialog::display(_("Password change"),
-                            _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."),WARNING_DIALOG);
-      } elseif ($new_password == ""){
-        msg_dialog::display(_("Password change"),
-                            _("The password you've entered as 'New password' is empty."),WARNING_DIALOG);
-      }elseif($check_differ && (substr($current_password, 0, $differ) == substr($new_password, 0, $differ))){
-        msg_dialog::display(_("Password change"),
-                            _("The password used as new and current are too similar."),WARNING_DIALOG);
-      }elseif($check_length && (strlen($new_password) < $length)){
-        msg_dialog::display(_("Password change"),
-                            _("The password used as new is to short."),WARNING_DIALOG);
-      }elseif($check_hook && $check_hook_output != ""){
-        msg_dialog::display(_("Password change"),
-                    sprintf(_("External password changer reported a problem: %s."),$check_hook_output),WARNING_DIALOG);
+      // Some errors/warning occured, display them and abort password change.
+      if(count($message)){
+          msg_dialog::displayChecks($message);
       }else{
 
         /* Try to connect via current password */