From 1f7d27ff6d053866af9b93b95691f538b9eff1eb Mon Sep 17 00:00:00 2001 From: hickert Date: Fri, 2 Jul 2010 14:55:25 +0000 Subject: [PATCH 1/1] Updated password handling -Allow to set a proposal hool git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.6@18920 594d385d-05f5-0310-b6e9-bd551577e9d8 --- .../class_password-methods.inc | 33 +++ .../admin/users/class_userManagement.inc | 209 +++++++++++++----- gosa-core/plugins/admin/users/password.tpl | 88 ++++++-- .../plugins/personal/generic/changed.tpl | 12 + gosa-core/plugins/personal/generic/main.inc | 178 ++++++--------- .../plugins/personal/generic/password.tpl | 103 +++++++-- .../personal/password/class_password.inc | 75 ++++++- .../plugins/personal/password/password.tpl | 97 ++++++-- 8 files changed, 566 insertions(+), 229 deletions(-) create mode 100644 gosa-core/plugins/personal/generic/changed.tpl diff --git a/gosa-core/include/password-methods/class_password-methods.inc b/gosa-core/include/password-methods/class_password-methods.inc index 9a5fdafec..51fdad0c8 100644 --- a/gosa-core/include/password-methods/class_password-methods.inc +++ b/gosa-core/include/password-methods/class_password-methods.inc @@ -290,6 +290,39 @@ class passwordMethod { return($this); } + + static function getPasswordProposal($config) + { + if($config->get_cfg_value('passwordProposalHook','') != ''){ + $command = $config->get_cfg_value('passwordProposalHook',''); + + if (check_command($command)){ + + @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,$command,"Execute"); + exec($command, $arr, $returnCode); + $returnOutput = $arr; + + if($returnCode != 0){ + $str = implode("\n",$arr); + @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execution failed code: ".$returnCode); + $message= msgPool::cmdexecfailed($cmd,$command, get_class($plugin)); + msg_dialog::display(_("Error"), $message, ERROR_DIALOG); + }elseif(is_array($arr)){ + $str = implode("\n",$arr); + @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Result: ".$str); + if(count($arr) && !empty($arr[0])){ + return($arr[0]); + } + + } + } else { + $message= msgPool::cmdinvalid($cmd,$command, get_class($plugin)); + msg_dialog::display(_("Error"), $message, ERROR_DIALOG); + } + + } + return(''); + } } // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?> diff --git a/gosa-core/plugins/admin/users/class_userManagement.inc b/gosa-core/plugins/admin/users/class_userManagement.inc index ed48bb244..056bb04bb 100644 --- a/gosa-core/plugins/admin/users/class_userManagement.inc +++ b/gosa-core/plugins/admin/users/class_userManagement.inc @@ -42,6 +42,14 @@ class userManagement extends management protected $aclPlugin = "user"; protected $objectName = "user"; + protected $proposal = ""; + protected $proposalEnabled = FALSE; + protected $proposalSelected = FALSE; + + protected $passwordChangeForceable = FALSE; + protected $enforcePasswordChange = FALSE; + + function __construct($config,$ui) { $this->config = $config; @@ -105,6 +113,13 @@ class userManagement extends management } + function refreshProposal() + { + $this->proposal = passwordMethod::getPasswordProposal($this->config); + $this->proposalEnabled = (!empty($this->proposal)); + } + + // Inject user actions function detectPostActions() { @@ -115,7 +130,7 @@ class userManagement extends management if(isset($_POST['abort_event_dialog'])) $action['action'] = "abortEventDialog"; if(isset($_POST['password_cancel'])){ $action['action'] = "passwordCancel"; - }elseif((count($this->pwd_change_queue) || isset($_POST['password_finish']))){ + }elseif((count($this->pwd_change_queue) || isset($_POST['password_finish']) || isset($_POST['refreshProposal']))){ $action['action'] = "passwordQueue"; } return($action); @@ -228,70 +243,156 @@ class userManagement extends management function handlePasswordQueue() { - // skip if nothing is to do - if(empty($this->dn) && !count($this->pwd_change_queue)) return; + // skip if nothing is to do + if(empty($this->dn) && !count($this->pwd_change_queue)) return; - // Get next entry from queue. - if(empty($this->dn) && count($this->pwd_change_queue)){ - $this->dn = array_pop($this->pwd_change_queue); - set_object_info($this->dn); - $smarty = get_smarty(); - return ($smarty->fetch(get_template_path('password.tpl', TRUE))); - } + // Refresh proposal if requested + if(isset($_POST['refreshProposal'])) $this->refreshProposal(); + if(isset($_POST['proposalSelected'])) $this->proposalSelected = get_post('proposalSelected') == 1; - // Check permissions - $dn = $this->dn; - $acl = $this->ui->get_permissions($dn, "users/password"); - $cacl= $this->ui->get_permissions($dn, "users/user"); - if (preg_match('/w/', $acl) || preg_match('/c/', $cacl)){ - $message= array(); - if ($_POST['new_password'] != $_POST['repeated_password']){ - $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); - } else { - if ($_POST['new_password'] == ""){ - $message[] = msgPool::required(_("New password")); - } + $this->enforcePasswordChange = isset($_POST['new_password']) && isset($_POST['enforcePasswordChange']); + + $smarty = get_smarty(); + $smarty->assign("proposal" , $this->proposal); + $smarty->assign("proposalEnabled" , $this->proposalEnabled); + $smarty->assign("proposalSelected" , $this->proposalSelected); + + $smarty->assign("passwordChangeForceable" , $this->passwordChangeForceable); + $smarty->assign("enforcePasswordChange" , $this->enforcePasswordChange); + + // Get next entry from queue. + if(empty($this->dn) && count($this->pwd_change_queue)){ + + // Generate new proposal + $this->refreshProposal(); + $this->proposalSelected = ($this->proposal != ""); + $this->dn = array_pop($this->pwd_change_queue); + + // Check if we are able to enforce a password change + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $ldap->cat($this->dn); + $attrs = $ldap->fetch(); + $this->passwordChangeForceable = + in_array('sambaAccount', $attrs['objectClass']) || + in_array('posixAccount', $attrs['objectClass']); + $smarty->assign("passwordChangeForceable" , $this->passwordChangeForceable); + $smarty->assign("enforcePasswordChange" , $this->enforcePasswordChange); + + // Assign proposal variables + $smarty->assign("proposal" , $this->proposal); + $smarty->assign("proposalEnabled" , $this->proposalEnabled); + $smarty->assign("proposalSelected" , $this->proposalSelected); + + set_object_info($this->dn); + return ($smarty->fetch(get_template_path('password.tpl', TRUE))); } - // Display errors - if (count($message) != 0){ - msg_dialog::displayChecks($message); - $smarty = get_smarty(); - return($smarty->fetch(get_template_path('password.tpl', TRUE))); + // If we've just refreshed the proposal then do not check the password for validity. + if(isset($_POST['refreshProposal'])){ + return ($smarty->fetch(get_template_path('password.tpl', TRUE))); } - // Change cassword - if(isset($this->force_hash_type[$this->dn])){ - if(!change_password ($this->dn, $_POST['new_password'],0,$this->force_hash_type[$this->dn])){ - return($smarty->fetch(get_template_path('password.tpl', TRUE))); - } - }else{ - if(!change_password ($this->dn, $_POST['new_password'])){ - return($smarty->fetch(get_template_path('password.tpl', TRUE))); - } + // Check permissions + if(isset($_POST['password_finish'])){ + + $dn = $this->dn; + $acl = $this->ui->get_permissions($dn, "users/password"); + $cacl= $this->ui->get_permissions($dn, "users/user"); + if (preg_match('/w/', $acl) || preg_match('/c/', $cacl)){ + + // Get posted passwords + if($this->proposalSelected){ + $new_password = $this->proposal; + $repeated_password = $this->proposal; + }else{ + $new_password = get_post('new_password'); + $repeated_password = get_post('repeated_password'); + } + + // Check posted passwords now. + $message= array(); + if ($new_password != $repeated_password){ + $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); + } else { + if ($new_password == ""){ + $message[] = msgPool::required(_("New password")); + } + } + + // Display errors + if (count($message) != 0){ + msg_dialog::displayChecks($message); + return($smarty->fetch(get_template_path('password.tpl', TRUE))); + } + + // Change cassword + if(isset($this->force_hash_type[$this->dn])){ + if(!change_password ($this->dn, $new_password,0,$this->force_hash_type[$this->dn])){ + return($smarty->fetch(get_template_path('password.tpl', TRUE))); + } + }else{ + if(!change_password ($this->dn, $new_password)){ + return($smarty->fetch(get_template_path('password.tpl', TRUE))); + } + } + if ($this->config->get_cfg_value("core","passwordHook") != ""){ + exec($this->config->get_cfg_value("core","passwordHook")." ".$this->dn." ".$new_password, $resarr); + } + + // The user has to change his password on next login + // - We are going to update samba and posix attributes here, to enforce + // such a password change. + if($this->passwordChangeForceable && $this->enforcePasswordChange){ + + // Check if we are able to enforce a password change + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $ldap->cat($this->dn); + $attrs = $ldap->fetch(); + $samba = in_array('sambaSamAccount', $attrs['objectClass']); + $posix = in_array('posixAccount', $attrs['objectClass']); + + // Update the posix shadow flag... + if($posix){ + $posixAccount = new posixAccount($this->config, $this->dn); + $posixAccount->is_modified=TRUE; + $posixAccount->activate_shadowExpire=1; + $posixAccount->shadowExpire = date('d.m.Y', time() - (1 * 24 * 60 *60)); + $posixAccount->save(); + } + + // Update the samba kickoff flag... + if($samba){ + $sambaAccount = new sambaAccount($this->config, $this->dn); + $sambaAccount->is_modified=TRUE; + $sambaAccount->kickoff_time_set = "1"; + $sambaAccount->sambaKickoffTime= date('d.m.Y', time() - (1 * 24 * 60 *60)); + $sambaAccount->save(); + } + } + + new log("modify","users/".get_class($this),$this->dn,array(),"Password has been changed"); + $this->dn =""; + + } else { + msg_dialog::display(_("Password change"), + _("You have no permission to change this users password!"), + WARNING_DIALOG); + } } - if ($this->config->get_cfg_value("passwordHook") != ""){ - exec($this->config->get_cfg_value("passwordHook")." ".$username." ".$_POST['new_password'], $resarr); + // Cleanup + if(!count($this->pwd_change_queue) && $this->dn=""){ + $this->remove_lock(); + $this->closeDialogs(); + }else{ + return($this->handlePasswordQueue()); } - new log("modify","users/".get_class($this),$this->dn,array(),"Password has been changed"); - $this->dn =""; - - } else { - msg_dialog::display(_("Password change"), - _("You have no permission to change this users password!"), - WARNING_DIALOG); - } - - // Cleanup - if(!count($this->pwd_change_queue)){ - $this->remove_lock(); - $this->closeDialogs(); - }else{ - return($this->handlePasswordQueue()); - } } + + /*! \brief Save user modifications. * Whenever we save a 'new' user, request a password change for him. */ diff --git a/gosa-core/plugins/admin/users/password.tpl b/gosa-core/plugins/admin/users/password.tpl index 18b8b0744..d612a54fe 100644 --- a/gosa-core/plugins/admin/users/password.tpl +++ b/gosa-core/plugins/admin/users/password.tpl @@ -8,23 +8,77 @@ {t}Changing the password affects your authentification on mail, proxy, samba and unix services.{/t}

- - - - - - - - - - - - - -
{t}Strength{/t} - - -
+
+ +{if !$proposalEnabled} + + + + + + + + + + + + + + +
{t}Strength{/t} + + +
+ +{else} + + + + + + + + + + + + + + + + + + + + + +
+  {t}Use proposal{/t} + + +   +
+  {t}Manually specify a password{/t} +
{t}Strength{/t} + + +
+ +{/if} + +{if $passwordChangeForceable} +
+   + +{/if} + + +

diff --git a/gosa-core/plugins/personal/generic/changed.tpl b/gosa-core/plugins/personal/generic/changed.tpl new file mode 100644 index 000000000..4fe49ed3f --- /dev/null +++ b/gosa-core/plugins/personal/generic/changed.tpl @@ -0,0 +1,12 @@ + +

+ {t}You've successfully changed your password. Remember to change all programms configured to use it as well.{/t} +

+ +
+ +

+ +

+ + diff --git a/gosa-core/plugins/personal/generic/main.inc b/gosa-core/plugins/personal/generic/main.inc index 9037a452c..b7cbfc87b 100644 --- a/gosa-core/plugins/personal/generic/main.inc +++ b/gosa-core/plugins/personal/generic/main.inc @@ -38,7 +38,7 @@ if ( $cleanup ){ }else{ /* Reset requested? */ - if (isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])){ + if (isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])|| isset($_POST['password_changed'])){ session::un_set ('edit'); session::un_set ('user'); } @@ -76,129 +76,91 @@ if ( $cleanup ){ } } - /* Perform password change */ - if (isset($_POST['password_finish'])){ - - /* For security reasons, check if user is allowed to set password again */ - if ($user->acl_is_writeable("userPassword") || $user->acl_is_createable()){ - - /* Check input and feed errors into 'message' */ - $message= array(); - - /* Sanity checks... */ - if ($_POST['new_password'] != $_POST['repeated_password']){ - - /* Matching passwords in new and repeated? */ - $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); - } else { - - /* Empty password is not permitted by default. */ - if ($_POST['new_password'] == ""){ - $message[]= msgPool::required(_("New password")); - } - } - - /* Errors, or change password? */ - if (count($message) != 0){ - - /* Show error message and continue editing */ - msg_dialog::displayChecks($message); - $display.= $smarty->fetch(get_template_path('password.tpl', TRUE)); - return ($display); - } - change_password ($user->dn, $_POST['new_password'], 0, $user->pw_storage); - new log("modify","users/password","",array(),"Password has been changed"); - - } else { - - /* Missing permissions, show message */ - msg_dialog::display(_("Error"), _("You have no permission to set your password!"), ERROR_DIALOG); - } - - del_lock ($ui->dn); - session::un_set ('user'); - } - /* save changes to LDAP and disable edit mode */ + $info = ""; if (isset($_POST['edit_finish'])){ - /* Perform checks */ - $message= $user->check (); + /* Perform checks */ + $message= $user->check (); + + /* No errors, save object */ + if (count ($message) == 0){ + $user->save (); + del_lock ($ui->dn); + session::un_set ('edit'); + + /* Need to reset the password? */ + if($user->password_change_needed()){ - /* No errors, save object */ - if (count ($message) == 0){ - $user->save (); - del_lock ($ui->dn); - session::un_set ('edit'); + $user->passwordClass= new password($config, $ui->dn); + $user->passwordClass->forceHash($user->pw_storage); - /* Need to reset the password? */ - if($user->password_change_needed()){ - /* Save object */ - session::set('user',$user); + session::set('user',$user); + $display.=$user->passwordClass->execute(); + } else { + session::un_set ('user'); + } - $display.= $smarty->fetch(get_template_path('password.tpl', TRUE)); - return ($display); } else { - session::un_set ('user'); + /* Errors found, show message */ + msg_dialog::displayChecks($message); } + }elseif(isset($user->passwordClass)){ - } else { - /* Errors found, show message */ - msg_dialog::displayChecks($message); - } - } + $display.=$user->passwordClass->execute(); - /* Execute formular */ - if($lock_msg){ - $display.= $lock_msg; }else{ - $display.= $user->execute (); - } - - /* Store changes in session */ - if (session::is_set('edit')){ - session::set('user',$user); - } - - $info = ""; - /* Show page footer depending on the mode */ - if (!$user->cert_dialog && !$user->picture_dialog && !$user->dialog && $user->is_account && empty($lock_msg)){ - $display.= "

"; - - /* Are we in edit mode? */ - if (session::is_set('edit')){ - $display.= "\n"; - $display.= " "; - $display.= "\n"; - - $info= "\"\" ".$ui->dn." "; - } else { - /* 'viewid' may be set by i.e. the phonelist plugin. This - means that we want to go back... */ - if (isset ($viewid)){ - $str= msgPool::backButton(); - $fn = "back"; - } else { - $str= msgPool::editButton(); - $fn = "edit"; - $info= "\"\" ".$ui->dn." "; + /* Execute formular */ + if($lock_msg){ + $display.= $lock_msg; + }else{ + $display.= $user->execute (); } - /* Only display edit button if there is at least one attribute editable */ - if(preg_match("/r/",$ui->get_permissions($ui->dn,"users/user"))){ - if ($fn == "edit"){ - $info.= "\"\" ". - msgPool::clickEditToChange(); - $display.= "\n"; - } + /* Store changes in session */ + if (session::is_set('edit')){ + session::set('user',$user); } - $display.= "\n"; - } - $display.= "

\n"; + /* Show page footer depending on the mode */ + if (!$user->cert_dialog && !$user->picture_dialog && !$user->dialog && $user->is_account && empty($lock_msg)){ + $display.= "

"; + + /* Are we in edit mode? */ + if (session::is_set('edit')){ + $display.= "\n"; + $display.= " "; + $display.= "\n"; + + $info= "\"\" ".$ui->dn." "; + } else { + /* 'viewid' may be set by i.e. the phonelist plugin. This + means that we want to go back... */ + if (isset ($viewid)){ + $str= msgPool::backButton(); + $fn = "back"; + } else { + $str= msgPool::editButton(); + $fn = "edit"; + $info= "\"\" ".$ui->dn." "; + } + + /* Only display edit button if there is at least one attribute editable */ + if(preg_match("/r/",$ui->get_permissions($ui->dn,"users/user"))){ + if ($fn == "edit"){ + $info.= "\"\" ". + msgPool::clickEditToChange(); + $display.= "\n"; + } + } + + $display.= "\n"; + } + $display.= "

\n"; + } } /* Page header*/ diff --git a/gosa-core/plugins/personal/generic/password.tpl b/gosa-core/plugins/personal/generic/password.tpl index 0430e544e..ab93bc83f 100644 --- a/gosa-core/plugins/personal/generic/password.tpl +++ b/gosa-core/plugins/personal/generic/password.tpl @@ -1,28 +1,103 @@ + + +

+ {t}To change your personal password use the fields below. The changes take effect immediately. Please memorize the new password, because you wouldn't be able to login without it.{/t} +

+

- {t}You have changed the method your password is stored in the ldap database. For that reason you've to enter your password at this point again. GOsa will then encode it with the selected method.{/t} + {t}Changing the password affects your authentification on mail, proxy, samba and unix services.{/t}

- - - - - - - - - -
+
+ +{if !$proposalEnabled} + + + + + + + + + + + + + + + + + + +
{t}Password strength{/t} + + +
+ +{else} + + + + + + + + + + + + + + + + + + + + + + + + + +
+  {t}Use proposal{/t} + + +   +
+  {t}Manually specify a password{/t} +
{t}Password strength{/t} + + +
+{/if} + +
+

  - + +

+ + + diff --git a/gosa-core/plugins/personal/password/class_password.inc b/gosa-core/plugins/personal/password/class_password.inc index f0b288b75..06e9db7b8 100644 --- a/gosa-core/plugins/personal/password/class_password.inc +++ b/gosa-core/plugins/personal/password/class_password.inc @@ -26,11 +26,35 @@ class password extends plugin var $plHeadline = "Password"; var $plDescription = "Change user password"; + var $proposal = ""; + var $proposalEnabled = FALSE; + var $proposalSelected = FALSE; + + var $forcedHash = NULL; + + function password(&$config, $dn= NULL, $parent= NULL) { - plugin::plugin($config, $dn, $parent); + plugin::plugin($config, $dn, $parent); + + // Try to generate a password proposal, if this is successfull + // then preselect the proposal usage. + $this->refreshProposal(); + if($this->proposal != ""){ + $this->proposalSelected = TRUE; + } } + function forceHash($hash) + { + $this->forcedHash = $hash; + } + + function refreshProposal() + { + $this->proposal = passwordMethod::getPasswordProposal($this->config); + $this->proposalEnabled = (!empty($this->proposal)); + } function execute() { @@ -51,9 +75,31 @@ class password extends plugin } } + + // Refresh proposal if requested + if(isset($_POST['refreshProposal'])) $this->refreshProposal(); + $smarty->assign("proposal" , $this->proposal); + $smarty->assign("proposalEnabled" , $this->proposalEnabled); + $smarty->assign("proposalSelected" , $this->proposalSelected); + + if(isset($_POST['proposalSelected'])) $this->proposalSelected = get_post('proposalSelected') == 1; + + /* Pwd change requested */ if (isset($_POST['password_finish'])){ + + if($this->proposalSelected){ + $current_password = get_post('current_password'); + $new_password = $this->proposal; + $repeated_password = $this->proposal; + }else{ + $current_password = get_post('current_password'); + $new_password = get_post('new_password'); + $repeated_password = get_post('repeated_password'); + } + + /* Should we check different characters in new password */ $check_differ = $this->config->get_cfg_value("passwordMinDiffer") != ""; $differ = $this->config->get_cfg_value("passwordMinDiffer", 0); @@ -74,19 +120,19 @@ class password extends plugin } /* Check given values */ - if(!isset($_POST['current_password']) || empty($_POST['current_password'])){ + if(!isset($current_password) || empty($current_password)){ msg_dialog::display(_("Password change"), _("You need to specify your current password in order to proceed."),WARNING_DIALOG); - }elseif ($_POST['new_password'] != $_POST['repeated_password']){ + }elseif ($new_password != $repeated_password){ msg_dialog::display(_("Password change"), _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."),WARNING_DIALOG); - } elseif ($_POST['new_password'] == ""){ + } elseif ($new_password == ""){ msg_dialog::display(_("Password change"), _("The password you've entered as 'New password' is empty."),WARNING_DIALOG); - }elseif($check_differ && (substr($_POST['current_password'], 0, $differ) == substr($_POST['new_password'], 0, $differ))){ + }elseif($check_differ && (substr($current_password, 0, $differ) == substr($new_password, 0, $differ))){ msg_dialog::display(_("Password change"), _("The password used as new and current are too similar."),WARNING_DIALOG); - }elseif($check_length && (strlen($_POST['new_password']) < $length)){ + }elseif($check_length && (strlen($new_password) < $length)){ msg_dialog::display(_("Password change"), _("The password used as new is to short."),WARNING_DIALOG); }elseif($check_hook && $check_hook_output != ""){ @@ -97,7 +143,7 @@ class password extends plugin /* Try to connect via current password */ $tldap = new LDAP( $ui->dn, - $_POST['current_password'], + $current_password, $this->config->current['SERVER'], $this->config->get_cfg_value("ldapFollowReferrals") == "true", $this->config->get_cfg_value("ldapTLS") == "true"); @@ -113,11 +159,11 @@ class password extends plugin msg_dialog::display(_("Password change"), _("You have no permission to change your password."),WARNING_DIALOG); }else{ - $this->change_password($ui->dn, $_POST['new_password']); + $this->change_password($ui->dn, $new_password,$this->forcedHash); gosa_log ("User/password has been changed"); - $ui->password= $_POST['new_password']; + $ui->password= $new_password; session::set('ui',$ui); -#$this->handle_post_events("modify",array("userPassword" => $_POST['new_password'])); +#$this->handle_post_events("modify",array("userPassword" => $new_password)); return($smarty->fetch(get_template_path("changed.tpl", TRUE))); } } @@ -126,11 +172,16 @@ class password extends plugin return($smarty->fetch(get_template_path("password.tpl", TRUE))); } - function change_password($dn, $pwd) + function change_password($dn, $pwd, $hash) { - change_password ($dn, $pwd); + if(!$hash){ + change_password ($dn, $pwd); + }else{ + change_password ($dn, $pwd,0, $hash); + } } + function remove_from_parent() { $this->handle_post_events("remove"); diff --git a/gosa-core/plugins/personal/password/password.tpl b/gosa-core/plugins/personal/password/password.tpl index 88ffa0292..ab93bc83f 100644 --- a/gosa-core/plugins/personal/password/password.tpl +++ b/gosa-core/plugins/personal/password/password.tpl @@ -8,30 +8,79 @@ {t}Changing the password affects your authentification on mail, proxy, samba and unix services.{/t}

- - - - - - - - - - - - - - - - - -
{t}Password strength{/t} - - -
+
+ +{if !$proposalEnabled} + + + + + + + + + + + + + + + + + + +
{t}Password strength{/t} + + +
+ +{else} + + + + + + + + + + + + + + + + + + + + + + + + + +
+  {t}Use proposal{/t} + + +   +
+  {t}Manually specify a password{/t} +
{t}Password strength{/t} + + +
+{/if} +
-- 2.30.2