tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-09-25 10:57:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix if no password policy is set in config.ini

Browse Source
This commit is contained in:
Jolien Trog 2025-08-28 12:58:40 +02:00
parent 371bda0d25
commit 0a8716830f
6 changed files with 57 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
application/forms/Account/ChangePasswordForm.php
View File

@ -25,13 +25,6 @@ class ChangePasswordForm extends Form
*/
protected $backend;
/**
* The password policy object
*
* @var PasswordPolicyHook
*/
protected ?PasswordPolicyHook $passwordPolicyObject = null;
/**
* {@inheritdoc}
*/
@ -45,16 +38,20 @@ class ChangePasswordForm extends Form
*/
public function createElements(array $formData)
{
$passwordPolicyObject = null;
$passwordPolicy = Config::app()->get(
'global',
'password_policy'
);
$this->passwordPolicyObject = new $passwordPolicy();
$passwordPolicyDescription = $this->passwordPolicyObject->displayPasswordPolicy();
if(isset($passwordPolicy)){
$passwordPolicyObject = new $passwordPolicy();
$passwordPolicyDescription = $passwordPolicyObject->getDescription();
if ($passwordPolicyDescription != '') {
$this->addDescription($passwordPolicyDescription);
}
}
$this->addElement(
'password',
@ -70,9 +67,8 @@ class ChangePasswordForm extends Form
array(
'label' => $this->translate('New Password'),
'required' => true,
'validators' =>
$this->passwordPolicyObject !== null ?
[new PasswordValidator($this->passwordPolicyObject)] : [],
'validators' => $passwordPolicyObject !== null ?
[new PasswordValidator($passwordPolicyObject)] : [],
)
);
$this->addElement(

17
application/forms/Config/User/UserForm.php
View File

@ -19,10 +19,18 @@ class UserForm extends RepositoryForm
*/
protected function createInsertElements(array $formData)
{
$passwordPolicy = Config::app()->get('global', 'password_policy');
if (isset($passwordPolicy) && class_exists($passwordPolicy)) {
$passwordPolicyObject = null;
$passwordPolicy = Config::app()->get(
'global',
'password_policy'
);
if (isset($passwordPolicy)) {
$passwordPolicyObject = new $passwordPolicy();
$this->addDescription($passwordPolicyObject->displayPasswordPolicy());
$passwordPolicyDescription = $passwordPolicyObject->getDescription();
if ($passwordPolicyDescription != '') {
$this->addDescription($passwordPolicyDescription);
}
}
$this->addElement(
@ -48,7 +56,8 @@ class UserForm extends RepositoryForm
array(
'required' => true,
'label' => $this->translate('Password'),
'validators' => array(new PasswordValidator())
'validators' => $passwordPolicyObject !== null ?
[new PasswordValidator($passwordPolicyObject)] : [],
)
);

8
library/Icinga/Application/Hook/PasswordPolicyHook.php
View File

@ -12,19 +12,19 @@ interface PasswordPolicyHook
*/
public function getName(): string;
/**
/**
* Displays the rules of the password policy for users
*
* @return string
*/
public function displayPasswordPolicy(): string;
public function getDescription(): string;
/**
* Validate a given password against the defined policy
*
* @param string $password
* @return string|null Returns null if the password is valid,
* @return array Returns an empty array if the password is valid,
* otherwise returns an error message describing the violations
*/
public function validatePassword(string $password): ?array;
public function validatePassword(string $password): array;
}

23
library/Icinga/Application/ProvidedHook/DefaultPasswordPolicy.php
View File

@ -25,7 +25,7 @@ class DefaultPasswordPolicy implements PasswordPolicyHook
return 'Default';
}
public function displayPasswordPolicy(): string
public function getDescription(): string
{
$message =
$this->translate(
@ -35,41 +35,36 @@ class DefaultPasswordPolicy implements PasswordPolicyHook
return $message;
}
public function validatePassword(string $password): ?array
public function validatePassword(string $password): array
{
$violations = [];
if (strlen($password) < 12) {
$violations[] =
$this->translate(
if (mb_strlen($password) < 12) {
$violations[] = $this->translate(
'Password must be at least 12 characters long'
);
}
if (! preg_match('/[0-9]/', $password)) {
$violations[] =
$this->translate(
$violations[] = $this->translate(
'Password must contain at least one number'
);
}
if (! preg_match('/[^a-zA-Z0-9]/', $password)) {
$violations[] =
$this->translate(
$violations[] = $this->translate(
'Password must contain at least one special character'
);
}
if (! preg_match('/[A-Z]/', $password)) {
$violations[] =
$this->translate(
$violations[] = $this->translate(
'Password must contain at least one uppercase letter'
);
}
if (! preg_match('/[a-z]/', $password)) {
$violations[] =
$this->translate(
$violations[] = $this->translate(
'Password must contain at least one lowercase letter'
);
}
@ -78,6 +73,6 @@ class DefaultPasswordPolicy implements PasswordPolicyHook
return $violations;
}
return null;
return [];
}
}

6
library/Icinga/Application/ProvidedHook/NonePasswordPolicy.php
View File

@ -15,13 +15,13 @@ class NonePasswordPolicy implements PasswordPolicyHook
return 'None';
}
public function displayPasswordPolicy(): string
public function getDescription(): string
{
return '';
}
public function validatePassword(string $password): ?array
public function validatePassword(string $password): array
{
return null;
return [];
}
}

10
library/Icinga/Authentication/PasswordValidator.php
View File

@ -35,11 +35,13 @@ class PasswordValidator extends Zend_Validate_Abstract
*/
public function isValid($value): bool
{
if ($this->passwordPolicyObject->validatePassword($value) === null) {
return true;
}
$message = $this->passwordPolicyObject->validatePassword($value);
$this->_messages = $this->passwordPolicyObject->validatePassword($value);
if (!empty($message)) {
$this->_messages = $message;
return false;
}
return true;
}
}