Feature #19458 » 0002-Allow-to-specify-maximum-password-age.patch
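--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -204,6 +204,7 @@
 def check_password_change
 if session[:pwd]
 if User.current.must_change_password?
+flash[:error] = l(:error_password_expired)
 redirect_to my_password_path
 else
 session.delete(:pwd)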
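Review bot: The expiry check in `check_password_change` only runs inside `if session[:pwd]`, so a password that passes its maximum age while a session is already open is not caught by this filter unless that flag is set again. The flag is assigned outside this section (presumably when the session starts), so this needs confirming against that code. If it is only set at login, long-lived sessions and any access path that does not go through a session are not subject to the new policy until the next login. Either evaluate `User.current.must_change_password?` independently of the flag, or state the limitation in a comment above the method, e.g. `# Password expiry is only enforced for sessions flagged at login`. The method body continues past the end of this section.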
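--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -323,8 +323,19 @@
 return auth_source.allow_password_changes?
 end
 
+def password_expired?
+changed_on = self.passwd_changed_on || Time.at(0)
+period = Setting.password_max_age.to_i
+
+if period.zero?
+false
+else
+changed_on < period.days.ago
+end
+end
+
 def must_change_password?
-must_change_passwd? && change_password_allowed?
+(must_change_passwd? || password_expired?) && change_password_allowed?
 end
 
 def generate_password?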
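Review bot: `password_expired?` treats every non-zero `period` as an active policy, so a negative `password_max_age` makes `period.days.ago` a time in the future and every account counts as expired. The settings form only offers fixed choices, but config/settings.yml declares the value as a plain `int`, and whether other write paths validate it is not visible here. Either reject non-positive values other than `0` when the setting is saved, or make the disabled case explicit with `return false unless period > 0`. The `Time.at(0)` fallback also means accounts with no recorded `passwd_changed_on` must change their password as soon as a maximum age is configured; that looks intentional but deserves a one-line comment such as `# No recorded change date: treat the password as older than any limit`.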
| app/views/my/password.html.erb (working copy) | ||
|---|---|---|
| 17 | 17 |
<%= submit_tag l(:button_apply) %> |
| 18 | 18 |
<% end %> |
| 19 | 19 | |
| 20 |
<% unless @user.must_change_passwd? %> |
|
| 20 |
<% unless @user.must_change_passwd? || @user.password_expired? %>
|
|
| 21 | 21 |
<% content_for :sidebar do %> |
| 22 | 22 |
<%= render :partial => 'sidebar' %> |
| 23 | 23 |
<% end %> |
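Review bot: The sidebar condition repeats the model's rule inline as `@user.must_change_passwd? || @user.password_expired?` instead of calling `@user.must_change_password?`, which is what the controller filter uses. The two can drift apart, and the inline form leaves out the `change_password_allowed?` part of the model's check. Unless that difference is intended, `<% unless @user.must_change_password? %>` keeps the view and the filter in agreement.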
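--- a/app/views/settings/_authentication.html.erb
+++ b/app/views/settings/_authentication.html.erb
@@ -14,6 +14,10 @@
 
 <p><%= setting_text_field :password_min_length, :size => 6 %></p>
 
+<p>
+<%= setting_select :password_max_age, [[l(:label_disabled), 0]] + [7, 30, 60, 90, 180, 365].collect{|days| [l('datetime.distance_in_words.x_days', :count => days), days.to_s]} %>
+</p>
+
 <p><%= setting_check_box :lost_password, :label => :label_password_lost %></p>
 
 <p><%= setting_text_field :max_additional_emails, :size => 6 %></p>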
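Review bot: The option list for `:password_max_age` mixes an Integer `0` for the disabled entry with string values (`days.to_s`) for the other entries. Using `'0'` for the disabled option, `[[l(:label_disabled), '0']]`, keeps every option value the same type, so the stored value is compared against the options in one way; whether the current mix affects which option is pre-selected depends on `setting_select`, which is not shown here.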
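--- a/config/locales/de.yml
+++ b/config/locales/de.yml
@@ -1026,6 +1026,7 @@
 setting_non_working_week_days: Arbeitsfreie Tage
 setting_openid: Erlaube OpenID-Anmeldung und -Registrierung
 setting_password_min_length: Mindestlänge des Kennworts
+setting_password_max_age: Erzwinge Passwortwechsel nach
 setting_per_page_options: Objekte pro Seite
 setting_plain_text_mail: Nur reinen Text (kein HTML) senden
 setting_protocol: Protokoll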
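--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -204,6 +204,7 @@
 error_attachment_too_big: "This file cannot be uploaded because it exceeds the maximum allowed file size (%{max_size})"
 error_session_expired: "Your session has expired. Please login again."
 warning_attachments_not_saved: "%{count} file(s) could not be saved."
+error_password_expired: "Your password has expired or the administrator requires you to change it."
 
 mail_subject_lost_password: "Your %{value} password"
 mail_body_lost_password: 'To change your password, click on the following link:'
@@ -386,6 +387,7 @@
 setting_file_max_size_displayed: Maximum size of text files displayed inline
 setting_repository_log_display_limit: Maximum number of revisions displayed on file log
 setting_openid: Allow OpenID login and registration
+setting_password_max_age: Require password change after
 setting_password_min_length: Minimum password length
 setting_new_project_user_role_id: Role given to a non-admin user who creates a project
 setting_default_projects_modules: Default enabled modules for new projects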
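--- a/config/settings.yml
+++ b/config/settings.yml
@@ -36,6 +36,10 @@
 password_min_length:
 format: int
 default: 8
+# Maximum password age in days
+password_max_age:
+format: int
+default: 0
 # Maximum number of additional email addresses per user
 max_additional_emails:
 format: int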
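--- a/test/integration/account_test.rb
+++ b/test/integration/account_test.rb
@@ -150,6 +150,40 @@
 assert_equal false, User.find_by_login('jsmith').must_change_passwd?
 end
 
+def test_user_with_expired_password_should_be_forced_to_change_its_password
+User.find_by_login('jsmith').update_attribute :passwd_changed_on, 14.days.ago
+
+with_settings :password_max_age => 7 do
+post '/login', :username => 'jsmith', :password => 'jsmith'
+assert_redirected_to '/my/page'
+follow_redirect!
+assert_redirected_to '/my/password'
+
+get '/issues'
+assert_redirected_to '/my/password'
+end
+end
+
+def test_user_with_expired_password_should_be_able_to_change_its_password
+User.find_by_login('jsmith').update_attribute :passwd_changed_on, 14.days.ago
+
+with_settings :password_max_age => 7 do
+post '/login', :username => 'jsmith', :password => 'jsmith'
+assert_redirected_to '/my/page'
+follow_redirect!
+assert_redirected_to '/my/password'
+follow_redirect!
+assert_response :success
+post '/my/password', :password => 'jsmith', :new_password => 'newpassword', :new_password_confirmation => 'newpassword'
+assert_redirected_to '/my/account'
+follow_redirect!
+assert_response :success
+
+assert_equal false, User.find_by_login('jsmith').must_change_passwd?
+end
+
+end
+
 def test_register_with_automatic_activation
 Setting.self_registration = '3'
 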
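Review bot: The final assertion in `test_user_with_expired_password_should_be_able_to_change_its_password` checks `must_change_passwd?`, a flag this test does not set, so it would pass even if changing the password did not reset the expiry. Asserting the combined predicate inside the `with_settings` block, `assert_equal false, User.find_by_login('jsmith').must_change_password?`, would show that `passwd_changed_on` is refreshed by the change. A case for a `nil` `passwd_changed_on` and one for the disabled setting (`0`) would cover the remaining branches of `password_expired?`.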