[LON-CAPA-cvs] cvs: loncom /interface loncommon.pm lonuserutils.pm

raeburn raeburn at source.lon-capa.org
Sat May 11 17:34:02 EDT 2019


raeburn		Sat May 11 21:34:02 2019 EDT

  Modified files:              
    /loncom/interface	lonuserutils.pm loncommon.pm 
  Log:
  - Rules for length and/or characters in a LON-CAPA password (internal auth)
    are now checked when new user accounts are created or auth is changed via file upload.
  
  
Index: loncom/interface/lonuserutils.pm
diff -u loncom/interface/lonuserutils.pm:1.199 loncom/interface/lonuserutils.pm:1.200
--- loncom/interface/lonuserutils.pm:1.199	Mon May  6 19:28:17 2019
+++ loncom/interface/lonuserutils.pm	Sat May 11 21:34:01 2019
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Utility functions for managing LON-CAPA user accounts
 #
-# $Id: lonuserutils.pm,v 1.199 2019/05/06 19:28:17 raeburn Exp $
+# $Id: lonuserutils.pm,v 1.200 2019/05/11 21:34:01 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -750,7 +750,7 @@
                 }
                 if ($rules{'spec'}) {
                      $intargjs .= q|
-            var specRegExp = /[!"#$%&'()*+,\-.\/:;<=>?@[\\\]^_`{\|}~]/;
+            var specRegExp = /[!"#$%&'()*+,\-.\/:;<=>?@[\\^\]_`{\|}~]/;
             if (!specRegExp.test(currpwval)) {
                 brokerules.push('spec');
             }
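Review bot: The new character class no longer contains a literal backslash once Perl has processed the `q|...|` string: `\\` collapses to a single `\`, so the browser receives `[\^\]_`, an escaped caret and bracket. A password whose only non-alphanumeric character is `\` would then fail the client-side `spec` test. If backslash is meant to count, the Perl source needs four backslashes at that position, `@[\\\\\]^_`. It is also worth confirming that the server-side rule in `check_passwd_rules` treats `\` the same way, since that check is the one that actually enforces the policy. The enclosing sub starts and ends outside this hunk.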
@@ -4377,6 +4377,7 @@
     }
     my $amode  = '';
     my $genpwd = '';
+    my @genpwdfail;
     if ($env{'form.login'} eq 'krb') {
         $amode='krb';
         $amode.=$env{'form.krbver'};
@@ -4385,6 +4386,8 @@
         $amode='internal';
         if ((defined($env{'form.intarg'})) && ($env{'form.intarg'})) {
             $genpwd=$env{'form.intarg'};
+            @genpwdfail =
+                &Apache::loncommon::check_passwd_rules($domain,$genpwd); 
         }
     } elsif ($env{'form.login'} eq 'loc') {
         $amode='localauth';
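Review bot: The default password is checked against the rules for `$domain`, while the per-user code added later in this commit looks up the account with `$userdomain` and also calls `check_passwd_rules($domain,$password)`. If an upload can contain users from a different domain, their passwords would be judged by the wrong domain's policy. Either confirm that `$domain` and `$userdomain` always match here, or pass `$userdomain` in the per-user check. The added call line also ends in trailing whitespace. The enclosing sub starts and ends outside this hunk.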
@@ -4465,7 +4468,6 @@
                                                   \@statuses,\@poss_roles);
                 &gather_userinfo($context,'view',\%userlist,$indexhash,\%info,
                              \%cstr_roles,$permission);
-
             }
         }
     }
@@ -4543,7 +4545,8 @@
         my $newuserdom = $env{'request.role.domain'};
         map { $cancreate{$_} = &can_create_user($newuserdom,$context,$_); } keys(%longtypes);
         # Get new users list
-        my (%existinguser,%userinfo,%disallow,%rulematch,%inst_results,%alerts,%checkuname);
+        my (%existinguser,%userinfo,%disallow,%rulematch,%inst_results,%alerts,%checkuname,
+            %showpasswdrules,$haspasswdmap);
         my $counter = -1;
         my (%willtrust,%trustchecked);
         foreach my $line (@userdata) {
@@ -4694,11 +4697,43 @@
                         }
                     }
                     # determine user password
-                    my $password = $genpwd;
+                    my $password;
+                    my $passwdfromfile;
                     if (defined($fields{'ipwd'})) {
                         if ($entries{$fields{'ipwd'}}) {
                             $password=$entries{$fields{'ipwd'}};
+                            $passwdfromfile = 1;
+                            if ($env{'form.login'} eq 'int') {
+                                my $uhome=&Apache::lonnet::homeserver($username,$userdomain);
+                                if (($uhome eq 'no_host') || ($changeauth)) {
+                                    my @brokepwdrules =
+                                        &Apache::loncommon::check_passwd_rules($domain,$password);
+                                    if (@brokepwdrules) {
+                                        $disallow{$counter} = &mt('[_1]: Password included in file for this user did not meet requirements.',
+                                                                  '<b>'.$username.'</b>');
+                                        map { $showpasswdrules{$_} = 1; } @brokepwdrules;
+                                        next;
+                                    }
+                                }
+                            }
+                        }
+                    }
+                    unless ($passwdfromfile) {
+                        if ($env{'form.login'} eq 'int') {
+                            if (@genpwdfail) {
+                                my $uhome=&Apache::lonnet::homeserver($username,$userdomain);
+                                if (($uhome eq 'no_host') || ($changeauth)) {
+                                    $disallow{$counter} = &mt('[_1]: No specific password in file for this user; default password did not meet requirements',
+                                                              '<b>'.$username.'</b>');
+                                    unless ($haspasswdmap) {
+                                        map { $showpasswdrules{$_} = 1; } @genpwdfail;
+                                        $haspasswdmap = 1;
+                                    }
+                                }
+                                next;
+                            }
                         }
+                        $password = $genpwd;
                     }
                     # determine user role
                     my $role = '';
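Review bot: In the `unless ($passwdfromfile)` branch the `next;` sits outside the `if (($uhome eq 'no_host') || ($changeauth))` test, so whenever the default password breaks a rule, every row without its own password is skipped. That includes existing users whose authentication is not being changed, and those rows get no `%disallow` message. The file-password branch keeps its `next;` inside the equivalent test; if the wider skip is not intended, moving this `next;` to just after the `unless ($haspasswdmap) { ... }` block would make the two agree. Separately, `$username` is concatenated unescaped into `'<b>'.$username.'</b>'`; if it has not been validated earlier and `%disallow` is printed as HTML, it should be HTML-escaped first. The enclosing loop and sub start and end outside this hunk.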
@@ -5061,6 +5096,7 @@
                           $counts{'auth'})."</p>\n");
         }
         $r->print(&print_namespacing_alerts($domain,\%alerts,\%curr_rules));
+        $r->print(&passwdrule_alerts($domain,\%showpasswdrules));
         #####################################
         # Display list of students to drop  #
         #####################################
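Review bot: `passwdrule_alerts` (added further down in this commit) declares `my $warning;` and returns it unassigned when no rule was broken, so this `$r->print(...)` receives undef on every clean upload. That is likely to log an uninitialized-value warning. Initialising it in the sub as `my $warning = '';`, or guarding the call with `if (keys(%showpasswdrules))`, avoids that. The enclosing sub extends beyond this hunk.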
@@ -5130,6 +5166,38 @@
     }
 }
 
+sub passwdrule_alerts {
+    my ($domain,$passwdrules) = @_;
+    my $warning;
+    if (ref($passwdrules) eq 'HASH') {
+        my %showrules = %{$passwdrules};
+        if (keys(%showrules)) {
+            my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
+            $warning = '<b>'.&mt('Password requirement(s) unmet for one or more users:').'</b><ul>';
+            if ($showrules{'min'}) {
+                $warning .= '<li>'.&mt('minimum [quant,_1,character]',$passwdconf{'min'}).'</li>';
+            }
+            if ($showrules{'max'}) {
+                $warning .= '<li>'.&mt('maximum [quant,_1,character]',$passwdconf{'max'}).'</li>';
+            }
+            if ($showrules{'uc'}) {
+                $warning .= '<li>'.&mt('contain at least one upper case letter').'</li>';
+            }
+            if ($showrules{'lc'}) {
+                $warning .= '<li>'.&mt('contain at least one lower case letter').'</li>';
+            }
+            if ($showrules{'num'}) {
+                $warning .= '<li>'.&mt('contain at least one number').'</li>';
+            }
+            if ($showrules{'spec'}) {
+                $warning .= '<li>'.&mt('contain at least one non-alphanumeric').'</li>';
+            }
+            $warning .= '</ul>';
+        }
+    }
+    return $warning;
+}
+
 sub user_change_result {
     my ($r,$userresult,$authresult,$roleresult,$idresult,$counts,$flushc,
         $username,$userdomain,$userchg) = @_;
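Review bot: `passwdrule_alerts` is added without a header comment, and its contract is not obvious from the call site. I would add something like `# Returns an HTML <ul> naming each password rule (min, max, uc, lc, num, spec) set in %$passwdrules, using $domain's configured min/max; undef if none.` above the sub. The list items are also phrased inconsistently: "minimum N characters" is a noun phrase while "contain at least one …" is a verb phrase. The last item, `contain at least one non-alphanumeric`, would read better as "non-alphanumeric character".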
Index: loncom/interface/loncommon.pm
diff -u loncom/interface/loncommon.pm:1.1331 loncom/interface/loncommon.pm:1.1332
--- loncom/interface/loncommon.pm:1.1331	Sun May  5 23:19:47 2019
+++ loncom/interface/loncommon.pm	Sat May 11 21:34:01 2019
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # a pile of common routines
 #
-# $Id: loncommon.pm,v 1.1331 2019/05/05 23:19:47 raeburn Exp $
+# $Id: loncommon.pm,v 1.1332 2019/05/11 21:34:01 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -3597,7 +3597,7 @@
             }
         }
         if ($rules{'lc'}) {
-            unless ($plainpass =~ /a-z/) {
+            unless ($plainpass =~ /[a-z]/) {
                 push(@brokerule,'lc');
             }
         }
@@ -3633,6 +3633,9 @@
         }
         $warning .= '</ul>';
     }
+    if (wantarray) {
+        return @brokerule;
+    }
     return $warning;
 }
 
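Review bot: Returning `@brokerule` under `wantarray` makes the result depend on call context. Any existing caller that invokes `check_passwd_rules` in list context, for example as an argument to `print` or in `my ($warning) = ...`, now receives rule keys instead of the HTML warning. Callers are not visible here, so they need checking; a separate sub that returns the list, or an explicit extra argument selecting it, would keep the original contract intact. If the `wantarray` form stays, a comment above it such as `# list context: keys of the rules that failed; scalar context: HTML warning` would help the next reader. The sub begins outside this hunk.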



