summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6e2adbe)
raw | patch | inline | side by side (parent: 6e2adbe)
author | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Fri, 2 Jul 2010 14:55:25 +0000 (14:55 +0000) | ||
committer | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Fri, 2 Jul 2010 14:55:25 +0000 (14:55 +0000) |
-Allow to set a proposal hool
git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.6@18920 594d385d-05f5-0310-b6e9-bd551577e9d8
git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.6@18920 594d385d-05f5-0310-b6e9-bd551577e9d8
diff --git a/gosa-core/include/password-methods/class_password-methods.inc b/gosa-core/include/password-methods/class_password-methods.inc
index 9a5fdafec540994ef2ad9cccf334d68cdab668be..51fdad0c8149c5a7de13074428c946bb8a136507 100644 (file)
{
return($this);
}
+
+ static function getPasswordProposal($config)
+ {
+ if($config->get_cfg_value('passwordProposalHook','') != ''){
+ $command = $config->get_cfg_value('passwordProposalHook','');
+
+ if (check_command($command)){
+
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,$command,"Execute");
+ exec($command, $arr, $returnCode);
+ $returnOutput = $arr;
+
+ if($returnCode != 0){
+ $str = implode("\n",$arr);
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execution failed code: ".$returnCode);
+ $message= msgPool::cmdexecfailed($cmd,$command, get_class($plugin));
+ msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
+ }elseif(is_array($arr)){
+ $str = implode("\n",$arr);
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Result: ".$str);
+ if(count($arr) && !empty($arr[0])){
+ return($arr[0]);
+ }
+
+ }
+ } else {
+ $message= msgPool::cmdinvalid($cmd,$command, get_class($plugin));
+ msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
+ }
+
+ }
+ return('');
+ }
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>
diff --git a/gosa-core/plugins/admin/users/class_userManagement.inc b/gosa-core/plugins/admin/users/class_userManagement.inc
index ed48bb24441669ab5448a09ef4c5e6ed5689d7df..056bb04bbba4e6c52a95437fa97ea6c2d109b685 100644 (file)
protected $aclPlugin = "user";
protected $objectName = "user";
+ protected $proposal = "";
+ protected $proposalEnabled = FALSE;
+ protected $proposalSelected = FALSE;
+
+ protected $passwordChangeForceable = FALSE;
+ protected $enforcePasswordChange = FALSE;
+
+
function __construct($config,$ui)
{
$this->config = $config;
}
+ function refreshProposal()
+ {
+ $this->proposal = passwordMethod::getPasswordProposal($this->config);
+ $this->proposalEnabled = (!empty($this->proposal));
+ }
+
+
// Inject user actions
function detectPostActions()
{
if(isset($_POST['abort_event_dialog'])) $action['action'] = "abortEventDialog";
if(isset($_POST['password_cancel'])){
$action['action'] = "passwordCancel";
- }elseif((count($this->pwd_change_queue) || isset($_POST['password_finish']))){
+ }elseif((count($this->pwd_change_queue) || isset($_POST['password_finish']) || isset($_POST['refreshProposal']))){
$action['action'] = "passwordQueue";
}
return($action);
function handlePasswordQueue()
{
- // skip if nothing is to do
- if(empty($this->dn) && !count($this->pwd_change_queue)) return;
+ // skip if nothing is to do
+ if(empty($this->dn) && !count($this->pwd_change_queue)) return;
- // Get next entry from queue.
- if(empty($this->dn) && count($this->pwd_change_queue)){
- $this->dn = array_pop($this->pwd_change_queue);
- set_object_info($this->dn);
- $smarty = get_smarty();
- return ($smarty->fetch(get_template_path('password.tpl', TRUE)));
- }
+ // Refresh proposal if requested
+ if(isset($_POST['refreshProposal'])) $this->refreshProposal();
+ if(isset($_POST['proposalSelected'])) $this->proposalSelected = get_post('proposalSelected') == 1;
- // Check permissions
- $dn = $this->dn;
- $acl = $this->ui->get_permissions($dn, "users/password");
- $cacl= $this->ui->get_permissions($dn, "users/user");
- if (preg_match('/w/', $acl) || preg_match('/c/', $cacl)){
- $message= array();
- if ($_POST['new_password'] != $_POST['repeated_password']){
- $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match.");
- } else {
- if ($_POST['new_password'] == ""){
- $message[] = msgPool::required(_("New password"));
- }
+ $this->enforcePasswordChange = isset($_POST['new_password']) && isset($_POST['enforcePasswordChange']);
+
+ $smarty = get_smarty();
+ $smarty->assign("proposal" , $this->proposal);
+ $smarty->assign("proposalEnabled" , $this->proposalEnabled);
+ $smarty->assign("proposalSelected" , $this->proposalSelected);
+
+ $smarty->assign("passwordChangeForceable" , $this->passwordChangeForceable);
+ $smarty->assign("enforcePasswordChange" , $this->enforcePasswordChange);
+
+ // Get next entry from queue.
+ if(empty($this->dn) && count($this->pwd_change_queue)){
+
+ // Generate new proposal
+ $this->refreshProposal();
+ $this->proposalSelected = ($this->proposal != "");
+ $this->dn = array_pop($this->pwd_change_queue);
+
+ // Check if we are able to enforce a password change
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->cat($this->dn);
+ $attrs = $ldap->fetch();
+ $this->passwordChangeForceable =
+ in_array('sambaAccount', $attrs['objectClass']) ||
+ in_array('posixAccount', $attrs['objectClass']);
+ $smarty->assign("passwordChangeForceable" , $this->passwordChangeForceable);
+ $smarty->assign("enforcePasswordChange" , $this->enforcePasswordChange);
+
+ // Assign proposal variables
+ $smarty->assign("proposal" , $this->proposal);
+ $smarty->assign("proposalEnabled" , $this->proposalEnabled);
+ $smarty->assign("proposalSelected" , $this->proposalSelected);
+
+ set_object_info($this->dn);
+ return ($smarty->fetch(get_template_path('password.tpl', TRUE)));
}
- // Display errors
- if (count($message) != 0){
- msg_dialog::displayChecks($message);
- $smarty = get_smarty();
- return($smarty->fetch(get_template_path('password.tpl', TRUE)));
+ // If we've just refreshed the proposal then do not check the password for validity.
+ if(isset($_POST['refreshProposal'])){
+ return ($smarty->fetch(get_template_path('password.tpl', TRUE)));
}
- // Change cassword
- if(isset($this->force_hash_type[$this->dn])){
- if(!change_password ($this->dn, $_POST['new_password'],0,$this->force_hash_type[$this->dn])){
- return($smarty->fetch(get_template_path('password.tpl', TRUE)));
- }
- }else{
- if(!change_password ($this->dn, $_POST['new_password'])){
- return($smarty->fetch(get_template_path('password.tpl', TRUE)));
- }
+ // Check permissions
+ if(isset($_POST['password_finish'])){
+
+ $dn = $this->dn;
+ $acl = $this->ui->get_permissions($dn, "users/password");
+ $cacl= $this->ui->get_permissions($dn, "users/user");
+ if (preg_match('/w/', $acl) || preg_match('/c/', $cacl)){
+
+ // Get posted passwords
+ if($this->proposalSelected){
+ $new_password = $this->proposal;
+ $repeated_password = $this->proposal;
+ }else{
+ $new_password = get_post('new_password');
+ $repeated_password = get_post('repeated_password');
+ }
+
+ // Check posted passwords now.
+ $message= array();
+ if ($new_password != $repeated_password){
+ $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match.");
+ } else {
+ if ($new_password == ""){
+ $message[] = msgPool::required(_("New password"));
+ }
+ }
+
+ // Display errors
+ if (count($message) != 0){
+ msg_dialog::displayChecks($message);
+ return($smarty->fetch(get_template_path('password.tpl', TRUE)));
+ }
+
+ // Change cassword
+ if(isset($this->force_hash_type[$this->dn])){
+ if(!change_password ($this->dn, $new_password,0,$this->force_hash_type[$this->dn])){
+ return($smarty->fetch(get_template_path('password.tpl', TRUE)));
+ }
+ }else{
+ if(!change_password ($this->dn, $new_password)){
+ return($smarty->fetch(get_template_path('password.tpl', TRUE)));
+ }
+ }
+ if ($this->config->get_cfg_value("core","passwordHook") != ""){
+ exec($this->config->get_cfg_value("core","passwordHook")." ".$this->dn." ".$new_password, $resarr);
+ }
+
+ // The user has to change his password on next login
+ // - We are going to update samba and posix attributes here, to enforce
+ // such a password change.
+ if($this->passwordChangeForceable && $this->enforcePasswordChange){
+
+ // Check if we are able to enforce a password change
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->cat($this->dn);
+ $attrs = $ldap->fetch();
+ $samba = in_array('sambaSamAccount', $attrs['objectClass']);
+ $posix = in_array('posixAccount', $attrs['objectClass']);
+
+ // Update the posix shadow flag...
+ if($posix){
+ $posixAccount = new posixAccount($this->config, $this->dn);
+ $posixAccount->is_modified=TRUE;
+ $posixAccount->activate_shadowExpire=1;
+ $posixAccount->shadowExpire = date('d.m.Y', time() - (1 * 24 * 60 *60));
+ $posixAccount->save();
+ }
+
+ // Update the samba kickoff flag...
+ if($samba){
+ $sambaAccount = new sambaAccount($this->config, $this->dn);
+ $sambaAccount->is_modified=TRUE;
+ $sambaAccount->kickoff_time_set = "1";
+ $sambaAccount->sambaKickoffTime= date('d.m.Y', time() - (1 * 24 * 60 *60));
+ $sambaAccount->save();
+ }
+ }
+
+ new log("modify","users/".get_class($this),$this->dn,array(),"Password has been changed");
+ $this->dn ="";
+
+ } else {
+ msg_dialog::display(_("Password change"),
+ _("You have no permission to change this users password!"),
+ WARNING_DIALOG);
+ }
}
- if ($this->config->get_cfg_value("passwordHook") != ""){
- exec($this->config->get_cfg_value("passwordHook")." ".$username." ".$_POST['new_password'], $resarr);
+ // Cleanup
+ if(!count($this->pwd_change_queue) && $this->dn=""){
+ $this->remove_lock();
+ $this->closeDialogs();
+ }else{
+ return($this->handlePasswordQueue());
}
- new log("modify","users/".get_class($this),$this->dn,array(),"Password has been changed");
- $this->dn ="";
-
- } else {
- msg_dialog::display(_("Password change"),
- _("You have no permission to change this users password!"),
- WARNING_DIALOG);
- }
-
- // Cleanup
- if(!count($this->pwd_change_queue)){
- $this->remove_lock();
- $this->closeDialogs();
- }else{
- return($this->handlePasswordQueue());
- }
}
+
+
/*! \brief Save user modifications.
* Whenever we save a 'new' user, request a password change for him.
*/
diff --git a/gosa-core/plugins/admin/users/password.tpl b/gosa-core/plugins/admin/users/password.tpl
index 18b8b0744479d7426dda5d8a67fd4bb4d5a7618f..d612a54fe22e29c4f609955aaee19cec1c8cf3d6 100644 (file)
{t}Changing the password affects your authentification on mail, proxy, samba and unix services.{/t}
</p>
-<table summary="" style="vertical-align:top; text-align:left;" cellpadding=4 border=0>
- <tr>
- <td><b><LABEL for="new_password">{t}New password{/t}</LABEL></b></td>
- <td><input type="password" id="new_password" name="new_password" size="30" maxlength="40" onFocus="nextfield= 'repeated_password';" onkeyup="testPasswordCss(document.getElementById('new_password').value);"></td>
- </tr>
- <tr>
- <td><b><LABEL for="repeated_password">{t}Repeat new password{/t}</LABEL></b></td>
- <td><input type="password" id="repeated_password" name="repeated_password" size="30" maxlength="40" onFocus="nextfiled= 'password_finish'"></td>
- </tr>
- <tr>
- <td><b>{t}Strength{/t}</b></td>
- <td>
- <span id="meterEmpty" style="padding:0;margin:0;width:100%;background-color:#DC143C;display:block;height:5px;">
- <span id="meterFull" style="padding:0;margin:0;z-index:100;width:0;background-color:#006400;display:block;height:5px;"></span></span>
- </td>
- </tr>
-</table>
+<hr>
+
+{if !$proposalEnabled}
+
+ <table summary="" style="vertical-align:top; text-align:left;" cellpadding=4 border=0>
+ <tr>
+ <td><b><LABEL for="new_password">{t}New password{/t}</LABEL></b></td>
+ <td><input type="password" id="new_password" name="new_password" onFocus="nextfield= 'repeated_password';" onkeyup="testPasswordCss(document.getElementById('new_password').value);"></td>
+ </tr>
+ <tr>
+ <td><b><LABEL for="repeated_password">{t}Repeat new password{/t}</LABEL></b></td>
+ <td><input type="password" id="repeated_password" name="repeated_password" onFocus="nextfiled= 'password_finish'"></td>
+ </tr>
+ <tr>
+ <td><b>{t}Strength{/t}</b></td>
+ <td>
+ <span id="meterEmpty" style="padding:0;margin:0;width:100%;background-color:#DC143C;display:block;height:5px;">
+ <span id="meterFull" style="padding:0;margin:0;z-index:100;width:0;background-color:#006400;display:block;height:5px;"></span></span>
+ </td>
+ </tr>
+ </table>
+
+{else}
+
+ <table summary="{t}Password input dialog{/t}" cellpadding=4 border=0>
+ <tr>
+ <td>
+ <input type='radio' value='1' name='proposalSelected'
+ {if $proposalSelected} checked {/if}> <b>{t}Use proposal{/t}</b>
+ </td>
+ <td>
+ <input type='text' value="{$proposal}" style='color: black;'>
+ <input type='submit' name='refreshProposal' value='{t}Refresh{/t}'>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <input type='radio' value='0' name='proposalSelected'
+ {if !$proposalSelected} checked {/if}> <b>{t}Manually specify a password{/t}</b>
+ </td>
+ </tr>
+ <tr>
+ <td style='padding-left:40px;'><b><LABEL for="new_password">{t}New password{/t}</LABEL></b></td>
+ <td><input type="password" id="new_password" name="new_password" onFocus="nextfield= 'repeated_password';" onkeyup="testPasswordCss(document.getElementById('new_password').value);"></td>
+ </tr>
+ <tr>
+ <td style='padding-left:40px;'><b><LABEL for="repeated_password">{t}Repeat new password{/t}</LABEL></b></td>
+ <td><input type="password" id="repeated_password" name="repeated_password" onFocus="nextfiled='password_finish'"></td>
+ </tr>
+ <tr>
+ <td style='padding-left:40px;'><b>{t}Strength{/t}</b></td>
+ <td>
+ <span id="meterEmpty" style="padding:0;margin:0;width:100%;
+ background-color:#DC143C;display:block;height:7px;">
+ <span id="meterFull" style="padding:0;margin:0;z-index:100;width:0;
+ background-color:#006400;display:block;height:7px;"></span></span>
+ </td>
+ </tr>
+ </table>
+
+{/if}
+
+{if $passwordChangeForceable}
+ <hr>
+ <input type='checkbox' name='enforcePasswordChange' value='1' id='enforcePasswordChange'
+ {if $enforcePasswordChange} checked {/if}>
+ <LABEL for='enforcePasswordChange'>{t}Enforce password change on next login.{/t}</LABEL>
+{/if}
+
+
+
<br>
<p class="plugbottom">
<input type=submit name="password_finish" value="{t}Set password{/t}">
diff --git a/gosa-core/plugins/personal/generic/changed.tpl b/gosa-core/plugins/personal/generic/changed.tpl
--- /dev/null
@@ -0,0 +1,12 @@
+
+<p>
+ <b>{t}You've successfully changed your password. Remember to change all programms configured to use it as well.{/t}</b>
+</p>
+
+<br>
+
+<p class="plugbottom">
+ <input type=submit name="password_back" value="{msgPool type=backButton}">
+</p>
+
+<input type="hidden" name="ignore">
diff --git a/gosa-core/plugins/personal/generic/main.inc b/gosa-core/plugins/personal/generic/main.inc
index 9037a452cb021b09c6de12d52abe1fc1fa239b53..b7cbfc87b1eb05379208b2269ec2b336ccd59c1f 100644 (file)
}else{
/* Reset requested? */
- if (isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])){
+ if (isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])|| isset($_POST['password_changed'])){
session::un_set ('edit');
session::un_set ('user');
}
}
}
- /* Perform password change */
- if (isset($_POST['password_finish'])){
-
- /* For security reasons, check if user is allowed to set password again */
- if ($user->acl_is_writeable("userPassword") || $user->acl_is_createable()){
-
- /* Check input and feed errors into 'message' */
- $message= array();
-
- /* Sanity checks... */
- if ($_POST['new_password'] != $_POST['repeated_password']){
-
- /* Matching passwords in new and repeated? */
- $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match.");
- } else {
-
- /* Empty password is not permitted by default. */
- if ($_POST['new_password'] == ""){
- $message[]= msgPool::required(_("New password"));
- }
- }
-
- /* Errors, or change password? */
- if (count($message) != 0){
-
- /* Show error message and continue editing */
- msg_dialog::displayChecks($message);
- $display.= $smarty->fetch(get_template_path('password.tpl', TRUE));
- return ($display);
- }
- change_password ($user->dn, $_POST['new_password'], 0, $user->pw_storage);
- new log("modify","users/password","",array(),"Password has been changed");
-
- } else {
-
- /* Missing permissions, show message */
- msg_dialog::display(_("Error"), _("You have no permission to set your password!"), ERROR_DIALOG);
- }
-
- del_lock ($ui->dn);
- session::un_set ('user');
- }
-
/* save changes to LDAP and disable edit mode */
+ $info = "";
if (isset($_POST['edit_finish'])){
- /* Perform checks */
- $message= $user->check ();
+ /* Perform checks */
+ $message= $user->check ();
+
+ /* No errors, save object */
+ if (count ($message) == 0){
+ $user->save ();
+ del_lock ($ui->dn);
+ session::un_set ('edit');
+
+ /* Need to reset the password? */
+ if($user->password_change_needed()){
- /* No errors, save object */
- if (count ($message) == 0){
- $user->save ();
- del_lock ($ui->dn);
- session::un_set ('edit');
+ $user->passwordClass= new password($config, $ui->dn);
+ $user->passwordClass->forceHash($user->pw_storage);
- /* Need to reset the password? */
- if($user->password_change_needed()){
- /* Save object */
- session::set('user',$user);
+ session::set('user',$user);
+ $display.=$user->passwordClass->execute();
+ } else {
+ session::un_set ('user');
+ }
- $display.= $smarty->fetch(get_template_path('password.tpl', TRUE));
- return ($display);
} else {
- session::un_set ('user');
+ /* Errors found, show message */
+ msg_dialog::displayChecks($message);
}
+ }elseif(isset($user->passwordClass)){
- } else {
- /* Errors found, show message */
- msg_dialog::displayChecks($message);
- }
- }
+ $display.=$user->passwordClass->execute();
- /* Execute formular */
- if($lock_msg){
- $display.= $lock_msg;
}else{
- $display.= $user->execute ();
- }
-
- /* Store changes in session */
- if (session::is_set('edit')){
- session::set('user',$user);
- }
-
- $info = "";
- /* Show page footer depending on the mode */
- if (!$user->cert_dialog && !$user->picture_dialog && !$user->dialog && $user->is_account && empty($lock_msg)){
- $display.= "<p class=\"plugbottom\">";
-
- /* Are we in edit mode? */
- if (session::is_set('edit')){
- $display.= "<input type=submit name=\"edit_finish\" style=\"width:80px\" value=\"".msgPool::okButton()."\">\n";
- $display.= " ";
- $display.= "<input type=submit name=\"edit_cancel\" value=\"".msgPool::cancelButton()."\">\n";
-
- $info= "<img class=\"center\" alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/locked.png').
- "\"> ".$ui->dn." ";
- } else {
- /* 'viewid' may be set by i.e. the phonelist plugin. This
- means that we want to go back... */
- if (isset ($viewid)){
- $str= msgPool::backButton();
- $fn = "back";
- } else {
- $str= msgPool::editButton();
- $fn = "edit";
- $info= "<img class=\"center\" alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/unlocked.png').
- "\"> ".$ui->dn." ";
+ /* Execute formular */
+ if($lock_msg){
+ $display.= $lock_msg;
+ }else{
+ $display.= $user->execute ();
}
- /* Only display edit button if there is at least one attribute editable */
- if(preg_match("/r/",$ui->get_permissions($ui->dn,"users/user"))){
- if ($fn == "edit"){
- $info.= "<img class=\"center\" alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/on.png')."\"> ".
- msgPool::clickEditToChange();
- $display.= "<input type=submit name=\"$fn\" value=\"$str\">\n";
- }
+ /* Store changes in session */
+ if (session::is_set('edit')){
+ session::set('user',$user);
}
- $display.= "<input type=\"hidden\" name=\"ignore\">\n";
- }
- $display.= "</p>\n";
+ /* Show page footer depending on the mode */
+ if (!$user->cert_dialog && !$user->picture_dialog && !$user->dialog && $user->is_account && empty($lock_msg)){
+ $display.= "<p class=\"plugbottom\">";
+
+ /* Are we in edit mode? */
+ if (session::is_set('edit')){
+ $display.= "<input type=submit name=\"edit_finish\" style=\"width:80px\" value=\"".msgPool::okButton()."\">\n";
+ $display.= " ";
+ $display.= "<input type=submit name=\"edit_cancel\" value=\"".msgPool::cancelButton()."\">\n";
+
+ $info= "<img class=\"center\" alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/locked.png').
+ "\"> ".$ui->dn." ";
+ } else {
+ /* 'viewid' may be set by i.e. the phonelist plugin. This
+ means that we want to go back... */
+ if (isset ($viewid)){
+ $str= msgPool::backButton();
+ $fn = "back";
+ } else {
+ $str= msgPool::editButton();
+ $fn = "edit";
+ $info= "<img class=\"center\" alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/unlocked.png').
+ "\"> ".$ui->dn." ";
+ }
+
+ /* Only display edit button if there is at least one attribute editable */
+ if(preg_match("/r/",$ui->get_permissions($ui->dn,"users/user"))){
+ if ($fn == "edit"){
+ $info.= "<img class=\"center\" alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/on.png')."\"> ".
+ msgPool::clickEditToChange();
+ $display.= "<input type=submit name=\"$fn\" value=\"$str\">\n";
+ }
+ }
+
+ $display.= "<input type=\"hidden\" name=\"ignore\">\n";
+ }
+ $display.= "</p>\n";
+ }
}
/* Page header*/
diff --git a/gosa-core/plugins/personal/generic/password.tpl b/gosa-core/plugins/personal/generic/password.tpl
index 0430e544e76dc13a3a84037ab08fd9c124b3625c..ab93bc83ff6ad7c790d954c68db5239755f832b2 100644 (file)
+<script type="text/javascript" src="include/pwdStrength.js"></script>
+
+<p>
+ {t}To change your personal password use the fields below. The changes take effect immediately. Please memorize the new password, because you wouldn't be able to login without it.{/t}
+</p>
+
<p>
- {t}You have changed the method your password is stored in the ldap database. For that reason you've to enter your password at this point again. GOsa will then encode it with the selected method.{/t}
+ {t}Changing the password affects your authentification on mail, proxy, samba and unix services.{/t}
</p>
-<table summary="" style="vertical-align:top; text-align:left;" cellpadding=4 border=0>
- <tr>
- <td><b><LABEL for="new_password">{t}New password{/t}</LABEL></b></td>
- <td><input id="new_password" type="password" name="new_password" size="30" maxlength="40" onFocus="nextfield= 'repeated_password';"></td>
- </tr>
- <tr>
- <td><b><LABEL for="repeated_password">{t}Repeat new password{/t}</LABEL></b></td>
- <td><input id="repeated_password" type="password" name="repeated_password" size="30" maxlength="40" onFocus="nextfiled= 'password_finish'"></td>
- </tr>
-</table>
+<hr>
+
+{if !$proposalEnabled}
+
+ <table summary="" style="vertical-align:top; text-align:left;" cellpadding=4 border=0>
+ <tr>
+ <td><b><LABEL for="current_password">{t}Current password{/t}</LABEL></b></td>
+ <td><input id="current_password" type="password" name="current_password"
+ onFocus="nextfield= 'new_password';"></td>
+ </tr>
+ <tr>
+ <td><b><LABEL for="new_password">{t}New password{/t}</LABEL></b></td>
+ <td><input id="new_password" type="password" name="new_password"
+ onFocus="nextfield= 'repeated_password';" onkeyup="testPasswordCss(document.getElementById('new_password').value);"></td>
+ </tr>
+ <tr>
+ <td><b><LABEL for="repeated_password">{t}Repeat new password{/t}</LABEL></b></td>
+ <td><input id="repeated_password" type="password" name="repeated_password"
+ onFocus="nextfield= 'password_finish';"></td>
+ </tr>
+ <tr>
+ <td><b>{t}Password strength{/t}</b></td>
+ <td>
+ <span id="meterEmpty" style="padding:0;margin:0;width:100%;background-color:#DC143C;display:block;height:5px;">
+ <span id="meterFull" style="padding:0;margin:0;z-index:100;width:0;background-color:#006400;display:block;height:5px;"></span></span>
+ </td>
+ </tr>
+ </table>
+
+{else}
+
+ <table cellpadding=4 border=0 summary="{t}Password change dialog{/t}">
+ <tr>
+ <td><b><LABEL for="current_password">{t}Current password{/t}</LABEL></b></td>
+ <td><input id="current_password" type="password" name="current_password"
+ onFocus="nextfield= 'new_password';"></td>
+ </tr>
+ <tr>
+ <td>
+ <input type='radio' value='1' name='proposalSelected'
+ {if $proposalSelected} checked {/if}> <b>{t}Use proposal{/t}</b>
+ </td>
+ <td>
+ <input type='text' value="{$proposal}" style='color: black;'>
+ <input type='submit' name='refreshProposal' value='{t}Refresh{/t}'>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <input type='radio' value='0' name='proposalSelected'
+ {if !$proposalSelected} checked {/if}> <b>{t}Manually specify a password{/t}</b>
+ </td>
+ </tr>
+ <tr>
+ <td style='padding-left:40px;'><b><LABEL for="new_password">{t}New password{/t}</LABEL></b></td>
+ <td><input id="new_password" type="password" name="new_password"
+ onFocus="nextfield= 'repeated_password';" onkeyup="testPasswordCss(document.getElementById('new_password').value);"></td>
+ </tr>
+ <tr>
+ <td style='padding-left:40px;'><b><LABEL for="repeated_password">{t}Repeat new password{/t}</LABEL></b></td>
+ <td><input id="repeated_password" type="password" name="repeated_password"
+ onFocus="nextfield= 'password_finish';"></td>
+ </tr>
+ <tr>
+ <td style='padding-left:40px;'><b>{t}Password strength{/t}</b></td>
+ <td>
+ <span id="meterEmpty" style="padding:0;margin:0;width:100%;background-color:#DC143C;display:block;height:7px;">
+ <span id="meterFull" style="padding:0;margin:0;z-index:100;width:0;background-color:#006400;display:block;height:7px;"></span></span>
+ </td>
+ </tr>
+ </table>
+{/if}
+
+
<br>
+
<p class="plugbottom">
<input type=submit name="password_finish" value="{t}Set password{/t}">
- <input type=submit name="password_cancel" value="{msgPool type=cancelButton}">
+ <input type=reset id="password_cancel" name="password_cancel" value="{t}Clear fields{/t}">
+ <input type='hidden' id='formSubmit'>
</p>
+<input type="hidden" name="ignore">
+
<!-- Place cursor -->
<script language="JavaScript" type="text/javascript">
<!-- // First input field on page
- nextfield= "new_password";
- focus_field('new_password');
+ nextfield= 'current_password';
+ focus_field('current_password');
-->
</script>
+
diff --git a/gosa-core/plugins/personal/password/class_password.inc b/gosa-core/plugins/personal/password/class_password.inc
index f0b288b755dc085b9bacc7663fdae68ee3227623..06e9db7b8fa4585aa0e33032b5172d85c80062db 100644 (file)
var $plHeadline = "Password";
var $plDescription = "Change user password";
+ var $proposal = "";
+ var $proposalEnabled = FALSE;
+ var $proposalSelected = FALSE;
+
+ var $forcedHash = NULL;
+
+
function password(&$config, $dn= NULL, $parent= NULL)
{
- plugin::plugin($config, $dn, $parent);
+ plugin::plugin($config, $dn, $parent);
+
+ // Try to generate a password proposal, if this is successfull
+ // then preselect the proposal usage.
+ $this->refreshProposal();
+ if($this->proposal != ""){
+ $this->proposalSelected = TRUE;
+ }
}
+ function forceHash($hash)
+ {
+ $this->forcedHash = $hash;
+ }
+
+ function refreshProposal()
+ {
+ $this->proposal = passwordMethod::getPasswordProposal($this->config);
+ $this->proposalEnabled = (!empty($this->proposal));
+ }
function execute()
{
}
}
+
+ // Refresh proposal if requested
+ if(isset($_POST['refreshProposal'])) $this->refreshProposal();
+ $smarty->assign("proposal" , $this->proposal);
+ $smarty->assign("proposalEnabled" , $this->proposalEnabled);
+ $smarty->assign("proposalSelected" , $this->proposalSelected);
+
+ if(isset($_POST['proposalSelected'])) $this->proposalSelected = get_post('proposalSelected') == 1;
+
+
/* Pwd change requested */
if (isset($_POST['password_finish'])){
+
+ if($this->proposalSelected){
+ $current_password = get_post('current_password');
+ $new_password = $this->proposal;
+ $repeated_password = $this->proposal;
+ }else{
+ $current_password = get_post('current_password');
+ $new_password = get_post('new_password');
+ $repeated_password = get_post('repeated_password');
+ }
+
+
/* Should we check different characters in new password */
$check_differ = $this->config->get_cfg_value("passwordMinDiffer") != "";
$differ = $this->config->get_cfg_value("passwordMinDiffer", 0);
}
/* Check given values */
- if(!isset($_POST['current_password']) || empty($_POST['current_password'])){
+ if(!isset($current_password) || empty($current_password)){
msg_dialog::display(_("Password change"),
_("You need to specify your current password in order to proceed."),WARNING_DIALOG);
- }elseif ($_POST['new_password'] != $_POST['repeated_password']){
+ }elseif ($new_password != $repeated_password){
msg_dialog::display(_("Password change"),
_("The passwords you've entered as 'New password' and 'Repeated new password' do not match."),WARNING_DIALOG);
- } elseif ($_POST['new_password'] == ""){
+ } elseif ($new_password == ""){
msg_dialog::display(_("Password change"),
_("The password you've entered as 'New password' is empty."),WARNING_DIALOG);
- }elseif($check_differ && (substr($_POST['current_password'], 0, $differ) == substr($_POST['new_password'], 0, $differ))){
+ }elseif($check_differ && (substr($current_password, 0, $differ) == substr($new_password, 0, $differ))){
msg_dialog::display(_("Password change"),
_("The password used as new and current are too similar."),WARNING_DIALOG);
- }elseif($check_length && (strlen($_POST['new_password']) < $length)){
+ }elseif($check_length && (strlen($new_password) < $length)){
msg_dialog::display(_("Password change"),
_("The password used as new is to short."),WARNING_DIALOG);
}elseif($check_hook && $check_hook_output != ""){
/* Try to connect via current password */
$tldap = new LDAP(
$ui->dn,
- $_POST['current_password'],
+ $current_password,
$this->config->current['SERVER'],
$this->config->get_cfg_value("ldapFollowReferrals") == "true",
$this->config->get_cfg_value("ldapTLS") == "true");
msg_dialog::display(_("Password change"),
_("You have no permission to change your password."),WARNING_DIALOG);
}else{
- $this->change_password($ui->dn, $_POST['new_password']);
+ $this->change_password($ui->dn, $new_password,$this->forcedHash);
gosa_log ("User/password has been changed");
- $ui->password= $_POST['new_password'];
+ $ui->password= $new_password;
session::set('ui',$ui);
-#$this->handle_post_events("modify",array("userPassword" => $_POST['new_password']));
+#$this->handle_post_events("modify",array("userPassword" => $new_password));
return($smarty->fetch(get_template_path("changed.tpl", TRUE)));
}
}
return($smarty->fetch(get_template_path("password.tpl", TRUE)));
}
- function change_password($dn, $pwd)
+ function change_password($dn, $pwd, $hash)
{
- change_password ($dn, $pwd);
+ if(!$hash){
+ change_password ($dn, $pwd);
+ }else{
+ change_password ($dn, $pwd,0, $hash);
+ }
}
+
function remove_from_parent()
{
$this->handle_post_events("remove");
diff --git a/gosa-core/plugins/personal/password/password.tpl b/gosa-core/plugins/personal/password/password.tpl
index 88ffa0292279f1401efc2c22cba2d5655c706e05..ab93bc83ff6ad7c790d954c68db5239755f832b2 100644 (file)
{t}Changing the password affects your authentification on mail, proxy, samba and unix services.{/t}
</p>
-<table summary="" style="vertical-align:top; text-align:left;" cellpadding=4 border=0>
- <tr>
- <td><b><LABEL for="current_password">{t}Current password{/t}</LABEL></b></td>
- <td><input id="current_password" type="password" name="current_password" size="30" maxlength="40"
- onFocus="nextfield= 'new_password';"></td>
- </tr>
- <tr>
- <td><b><LABEL for="new_password">{t}New password{/t}</LABEL></b></td>
- <td><input id="new_password" type="password" name="new_password" size="30" maxlength="40"
- onFocus="nextfield= 'repeated_password';" onkeyup="testPasswordCss(document.getElementById('new_password').value);"></td>
- </tr>
- <tr>
- <td><b><LABEL for="repeated_password">{t}Repeat new password{/t}</LABEL></b></td>
- <td><input id="repeated_password" type="password" name="repeated_password" size="30" maxlength="40"
- onFocus="nextfield= 'password_finish';"></td>
- </tr>
- <tr>
- <td><b>{t}Password strength{/t}</b></td>
- <td>
- <span id="meterEmpty" style="padding:0;margin:0;width:100%;background-color:#DC143C;display:block;height:5px;">
- <span id="meterFull" style="padding:0;margin:0;z-index:100;width:0;background-color:#006400;display:block;height:5px;"></span></span>
- </td>
- </tr>
-</table>
+<hr>
+
+{if !$proposalEnabled}
+
+ <table summary="" style="vertical-align:top; text-align:left;" cellpadding=4 border=0>
+ <tr>
+ <td><b><LABEL for="current_password">{t}Current password{/t}</LABEL></b></td>
+ <td><input id="current_password" type="password" name="current_password"
+ onFocus="nextfield= 'new_password';"></td>
+ </tr>
+ <tr>
+ <td><b><LABEL for="new_password">{t}New password{/t}</LABEL></b></td>
+ <td><input id="new_password" type="password" name="new_password"
+ onFocus="nextfield= 'repeated_password';" onkeyup="testPasswordCss(document.getElementById('new_password').value);"></td>
+ </tr>
+ <tr>
+ <td><b><LABEL for="repeated_password">{t}Repeat new password{/t}</LABEL></b></td>
+ <td><input id="repeated_password" type="password" name="repeated_password"
+ onFocus="nextfield= 'password_finish';"></td>
+ </tr>
+ <tr>
+ <td><b>{t}Password strength{/t}</b></td>
+ <td>
+ <span id="meterEmpty" style="padding:0;margin:0;width:100%;background-color:#DC143C;display:block;height:5px;">
+ <span id="meterFull" style="padding:0;margin:0;z-index:100;width:0;background-color:#006400;display:block;height:5px;"></span></span>
+ </td>
+ </tr>
+ </table>
+
+{else}
+
+ <table cellpadding=4 border=0 summary="{t}Password change dialog{/t}">
+ <tr>
+ <td><b><LABEL for="current_password">{t}Current password{/t}</LABEL></b></td>
+ <td><input id="current_password" type="password" name="current_password"
+ onFocus="nextfield= 'new_password';"></td>
+ </tr>
+ <tr>
+ <td>
+ <input type='radio' value='1' name='proposalSelected'
+ {if $proposalSelected} checked {/if}> <b>{t}Use proposal{/t}</b>
+ </td>
+ <td>
+ <input type='text' value="{$proposal}" style='color: black;'>
+ <input type='submit' name='refreshProposal' value='{t}Refresh{/t}'>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <input type='radio' value='0' name='proposalSelected'
+ {if !$proposalSelected} checked {/if}> <b>{t}Manually specify a password{/t}</b>
+ </td>
+ </tr>
+ <tr>
+ <td style='padding-left:40px;'><b><LABEL for="new_password">{t}New password{/t}</LABEL></b></td>
+ <td><input id="new_password" type="password" name="new_password"
+ onFocus="nextfield= 'repeated_password';" onkeyup="testPasswordCss(document.getElementById('new_password').value);"></td>
+ </tr>
+ <tr>
+ <td style='padding-left:40px;'><b><LABEL for="repeated_password">{t}Repeat new password{/t}</LABEL></b></td>
+ <td><input id="repeated_password" type="password" name="repeated_password"
+ onFocus="nextfield= 'password_finish';"></td>
+ </tr>
+ <tr>
+ <td style='padding-left:40px;'><b>{t}Password strength{/t}</b></td>
+ <td>
+ <span id="meterEmpty" style="padding:0;margin:0;width:100%;background-color:#DC143C;display:block;height:7px;">
+ <span id="meterFull" style="padding:0;margin:0;z-index:100;width:0;background-color:#006400;display:block;height:7px;"></span></span>
+ </td>
+ </tr>
+ </table>
+{/if}
+
<br>