From: hickert Date: Tue, 10 Jul 2007 13:43:44 +0000 (+0000) Subject: Created password plugin class X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=ff4ee48b43ab3ad09894423be8ef0c1661264120;p=gosa.git Created password plugin class git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@6815 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/plugins/personal/password/changed.tpl b/plugins/personal/password/changed.tpl index b74ea4059..16db30001 100644 --- a/plugins/personal/password/changed.tpl +++ b/plugins/personal/password/changed.tpl @@ -1,3 +1,4 @@ +

{t}You've successfully changed your password. Remember to change all programms configured to use it as well.{/t}

diff --git a/plugins/personal/password/class_password.inc b/plugins/personal/password/class_password.inc index 46cf8a048..df80924b8 100644 --- a/plugins/personal/password/class_password.inc +++ b/plugins/personal/password/class_password.inc @@ -1,11 +1,131 @@ get_permissions($ui->dn,"users/password"); + $smarty->assign("ChangeACL" , $password_ACLS); + $smarty->assign("NotAllowed" , !preg_match("/w/i",$password_ACLS)); + + /* Display expiration template */ + if((isset($this->config->data['MAIN']['ACCOUNT_EXPIRATION'])) && + preg_match('/true/i', $this->config->data['MAIN']['ACCOUNT_EXPIRATION'])){ + $expired= ldap_expired_account($this->config, $ui->dn, $ui->username); + if($expired == 4){ + return($smarty->fetch(get_template_path("nochange.tpl", TRUE))); + } + } + + /* Pwd change requested */ + if (isset($_POST['password_finish'])){ + + /* Should we check different characters in new password */ + $check_differ = isset($this->config->data['MAIN']['PWDIFFER']); + $differ = @$this->config->data['MAIN']['PWDIFFER']; + + /* Enable length check ? */ + $check_length = isset($this->config->data['MAIN']['PWMINLEN']); + $length = @$this->config->data['MAIN']['PWMINLEN']; + + /* Call external password quality hook ?*/ + $check_hook = isset($this->config->data['MAIN']['EXTERNALPWDHOOK']); + $hook = @$this->config->data['MAIN']['EXTERNALPWDHOOK']." ".$ui->username." ".$_POST['current_password']." ".$_POST['new_password']; + if($check_hook){ + exec($hook,$resarr); + $check_hook_output = ""; + if(count($resarr) > 0) { + $check_hook_output= join('\n', $resarr); + } + } + + /* Check given values */ + if(!isset($_POST['current_password']) || empty($_POST['current_password'])){ + print_red(_("You need to specify your current password in order to proceed.")); + }elseif ($_POST['new_password'] != $_POST['repeated_password']){ + print_red(_("The passwords you've entered as 'New password' and 'Repeated new password' do not match.")); + } elseif ($_POST['new_password'] == ""){ + print_red(_("The password you've entered as 'New password' is empty.")); + }elseif($check_differ && (substr($_POST['current_password'], 0, $differ) == substr($_POST['new_password'], 0, $differ))){ + print_red(_("The password used as new and current are too similar.")); + }elseif($check_length && (strlen($_POST['new_password']) < $length)){ + print_red(_("The password used as new is to short.")); + }elseif($check_hook && $check_hook_output != ""){ + print_red(_("External password changer reported a problem: ".$check_hook_output)); + }else{ + + /* Try to connect via current password */ + $tldap = new LDAP( + $ui->dn, + $_POST['current_password'], + $this->config->current['SERVER'], + isset($this->config->current['RECURSIVE']) && preg_match("/true/i",$this->config->current['RECURSIVE']), + isset($this->config->current['TLS']) && preg_match("/true/i",$this->config->current['TLS'])); + + /* connection Successfull ? */ + if ($tldap->error != "Success"){ + print_red(_("The password you've entered as your current password doesn't match the real one.")); + }else{ + + /* Check GOsa permissions */ + if (!preg_match("/w/i",$password_ACLS)){ + print_red(_("You have no permissions to change your password.")); + }else{ + change_password ($ui->dn, $_POST['new_password']); + gosa_log ("User/password has been changed"); + $ui->password= $_POST['new_password']; + $_SESSION['ui']= $ui; +#$this->handle_post_events("modify",array("userPassword" => $_POST['new_password'])); + return($smarty->fetch(get_template_path("changed.tpl", TRUE))); + } + } + } + } + return($smarty->fetch(get_template_path("password.tpl", TRUE))); + } + + function remove_from_parent() + { + $this->handle_post_events("remove"); + } + + function save() + { + } - function plInfo() { return (array( @@ -18,10 +138,9 @@ class password "plOptions" => array(), "plProvidedAcls" => array()) - ); + ); } } - // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?> diff --git a/plugins/personal/password/main.inc b/plugins/personal/password/main.inc index 10b1cbd57..b8135bc6a 100644 --- a/plugins/personal/password/main.inc +++ b/plugins/personal/password/main.inc @@ -18,109 +18,34 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -$display = ""; -if (!$remove_lock){ - - /* Assign headline image */ - $smarty->assign ('headimage',""); - $display= ""; - - $password_ACLS = $ui->get_permissions($ui->dn,"users/password"); - $smarty->assign("ChangeACL" , $password_ACLS); - $smarty->assign("NotAllowed" , !preg_match("/w/i",$password_ACLS)); - - /* Check for interaction */ - if ($_SERVER["REQUEST_METHOD"] == "POST"){ - if (isset($_POST['password_finish'])){ - $message= array(); - - /* Is current password correct? */ - if ($_POST['current_password'] != ""){ - $tldap = new LDAP($ui->dn, $_POST['current_password'], - $config->current['SERVER'], - isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true", - isset($config->current['TLS']) && $config->current['TLS'] == "true"); - if ($tldap->error != "Success"){ - $message[]= _("The password you've entered as your current password doesn't match the real one."); - } - } else { - $message[]= _("You need to specify your current password in order to proceed."); - } - - /* Do new and repeated password fields match? */ - if ($_POST['new_password'] != $_POST['repeated_password']){ - $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); - } else { - if ($_POST['new_password'] == ""){ - $message[]= _("The password you've entered as 'New password' is empty."); - } - } - - /* Password policy fulfilled? */ - if (isset($config->data['MAIN']['PWDIFFER'])){ - $l= $config->data['MAIN']['PWDIFFER']; - if (substr($_POST['current_password'], 0, $l) == substr($_POST['new_password'], 0, $l)){ - $message[]= _("The password used as new and current are too similar."); - } - } - if (isset($config->data['MAIN']['PWMINLEN'])){ - if (strlen($_POST['new_password']) < $config->data['MAIN']['PWMINLEN']){ - $message[]= _("The password used as new is to short."); - } - } +/* Clear display */ +$display= ""; - if(!preg_match("/w/i",$password_ACLS)){ - $message[]= _("You have no permissions to change your password."); - } - - if (count ($message) != 0){ - - /* Show error message and continue editing */ - show_errors($message); +if (!$remove_lock){ - } else { + /* Reset requested? */ + if (isset($_POST['edit_cancel']) || + (isset($_GET['reset']) && $_GET['reset'] == 1)){ - /* Passed quality check, just try to change the password now */ - $output= ""; - if (isset($config->data['MAIN']['EXTERNALPWDHOOK'])){ - exec($config->data['MAIN']['EXTERNALPWDHOOK']." ".$ui->username." ". - $_POST['current_password']." ".$_POST['new_password'], $resarr); - if(count($resarr) > 0) { - $output= join('\n', $resarr); - } - } - if ($output != ""){ - $message[]= _("External password changer reported a problem: ".$output); - show_errors($message); - } else { - change_password ($ui->dn, $_POST['new_password']); - new log("modify","users/".get_class($this),$ui->dn,array(),"User has been changed"); - $ui->password= $_POST['new_password']; - $_SESSION['ui']= $ui; - $display= $smarty->fetch(get_template_path("changed.tpl", TRUE)); - } - } - } + del_lock ($ui->dn); + sess_del ('edit'); + sess_del ('password'); } - if ($display == ""){ - if((isset($config->data['MAIN']['ACCOUNT_EXPIRATION'])) && - !preg_match('/true/i', $config->data['MAIN']['ACCOUNT_EXPIRATION'])){ - $display= $smarty->fetch(get_template_path("password.tpl", TRUE)); - }else{ - $expired= ldap_expired_account($config, $ui->dn, $ui->username); - - if($expired == 4){ - $display= $smarty->fetch(get_template_path("nochange.tpl", TRUE)); - }else{ - $display= $smarty->fetch(get_template_path("password.tpl", TRUE)); - } - } + /* Create password object on demand */ + if (!isset($_SESSION['password']) || (isset($_GET['reset']) && $_GET['reset'] == 1)){ + $_SESSION['password']= new password ($config, $ui->dn); } -} + $password= $_SESSION['password']; + + /* Execute formular */ + $display.= $password->execute (); -$display = print_header(get_template_path('images/password.png'),_("Change password"), "").$display; + /* Page header*/ + $display= print_header(get_template_path('images/password.png'), + _("Password settings"), "").$display; +} // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?> diff --git a/plugins/personal/password/nochange.tpl b/plugins/personal/password/nochange.tpl index 280928cb7..d7164f67e 100644 --- a/plugins/personal/password/nochange.tpl +++ b/plugins/personal/password/nochange.tpl @@ -1,5 +1,5 @@
- {t}Password change not allowed{/t} + {t}Password change not allowed{/t}>

diff --git a/plugins/personal/password/password.tpl b/plugins/personal/password/password.tpl index bc8251446..0787b7056 100644 --- a/plugins/personal/password/password.tpl +++ b/plugins/personal/password/password.tpl @@ -1,53 +1,35 @@ -

{t}To change your personal password use the fields below. The changes take effect immediately. Please memorize the new password, because you wouldn't be able to login without it.{/t}

-{if $NotAllowed} - {t}You have no permissions to change your password.{/t} -{else} {t}Changing the password affects your authentification on mail, proxy, samba and unix services.{/t} -{/if}

- + - + - +
-{render acl=$ChangeACL} - -{/render} -
-{render acl=$ChangeACL} - -{/render} -
-{render acl=$ChangeACL} - -{/render} -

-{render acl=$ChangeACL} -{/render}   -{render acl=$ChangeACL} -{/render}