From 5e4cecdc650a964233add8676197e3dddd55fd29 Mon Sep 17 00:00:00 2001
From: vgilc
Date: Fri, 22 Jun 2012 11:11:42 +0000
Subject: [PATCH] 2012-06-22 Vanessa Gil * operation/users/user_edit.php godmode/users/configure_user.php: Apply password policy on users edition.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@6674 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog | 6 +++++
 .../godmode/users/configure_user.php | 27 ++++++++++++++-----
 pandora_console/operation/users/user_edit.php | 26 +++++++++++++++---
 3 files changed, 49 insertions(+), 10 deletions(-)
diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index 9cdd7d7de9..ec245460df 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,9 @@
+2012-06-22 Vanessa Gil
+
+ * operation/users/user_edit.php
+ godmode/users/configure_user.php: Apply password policy
+ on users edition.
+
 2012-06-21 Ramon Novoa
 * pandoradb_data.sql,
diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php
index b319667ec8..2a86862924 100644
--- a/pandora_console/godmode/users/configure_user.php
+++ b/pandora_console/godmode/users/configure_user.php
@@ -231,13 +231,28 @@ if ($update_user) {
 $password_confirm = (string) get_parameter ('password_confirm', '');
 if ($password_new != '') {
 if ($password_confirm == $password_new) {
- $res2 = update_user_password ($id, $password_new);
- if ($res2) {
- $res3 = save_pass_history($id, $password_new);
+ if ((!$values['is_admin'] || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) {
+ $pass_ok = login_validate_pass($password_new, $id, true);
+ if ($pass_ok != 1) {
+ ui_print_error_message($pass_ok);
+ } else {
+ $res2 = update_user_password ($id, $password_new);
+ if ($res2) {
+ $res3 = save_pass_history($id, $password_new);
+ }
+ ui_print_result_message ($res1 || $res2,
+ __('User info successfully updated'),
+ __('Error updating user info (no change?)'));
+ }
+ } else {
+ $res2 = update_user_password ($id, $password_new);
+ if ($res2) {
+ $res3 = save_pass_history($id, $password_new);
+ }
+ ui_print_result_message ($res1 || $res2,
+ __('User info successfully updated'),
+ __('Error updating user info (no change?)'));
 }
- ui_print_result_message ($res1 || $res2,
- __('User info successfully updated'),
- __('Error updating user info (no change?)'));
 } else {
 ui_print_error_message (__('Passwords does not match'));
diff --git a/pandora_console/operation/users/user_edit.php b/pandora_console/operation/users/user_edit.php
index 48cf3c838c..450f4f35ce 100644
--- a/pandora_console/operation/users/user_edit.php
+++ b/pandora_console/operation/users/user_edit.php
@@ -96,6 +96,8 @@ if (isset ($_GET["modified"]) && !$view_mode) {
 $dashboard = get_parameter('dashboard', '');
 $visual_console = get_parameter('visual_console', '');
+ $is_admin = db_get_value('is_admin', 'tusuario', 'id_user', $id);
+
 $section = io_safe_output($upd_info["section"]);
 if (($section == 'Event list') || ($section == 'Group view') || ($section == 'Alert detail') || ($section == 'Tactical view') || ($section == 'Default')) {
 $upd_info["data_section"] = '';
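Review bot: In godmode/users/configure_user.php the password write (`update_user_password`, `save_pass_history`, `ui_print_result_message`) is now written out twice, once per branch of the policy test, and the same split in operation/users/user_edit.php has already diverged: its no-policy branch skips `save_pass_history`. Deciding once whether the policy applies and keeping a single write path would stop the copies drifting apart. As written, a policy rejection also prints only `$pass_ok`, so the outcome held in `$res1` (set before this hunk, presumably by the profile update) is never reported on that path. The enclosing `if ($update_user)` block starts and ends outside the hunk.

```php
if ($password_confirm == $password_new) {
	// Decide once whether the policy applies; the write path below stays single.
	$policy_applies = (!$values['is_admin'] || $config['enable_pass_policy_admin']) && $config['enable_pass_policy'];
	$pass_ok = $policy_applies ? login_validate_pass($password_new, $id, true) : 1;
	if ($pass_ok != 1) {
		ui_print_error_message($pass_ok);
	} else {
		// … unchanged: update_user_password, save_pass_history, ui_print_result_message …
	}
```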
@@ -107,10 +109,26 @@ if (isset ($_GET["modified"]) && !$view_mode) {
 if ( !empty ($password_new)) {
 if ($config["user_can_update_password"] && $password_confirm == $password_new) {
- $return = update_user_password ($id, $password_new);
- ui_print_result_message ($return,
- __('Password successfully updated'),
- __('Error updating passwords: %s', $config['auth_error']));
+ if ((!$is_admin || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) {
+ $pass_ok = login_validate_pass($password_new, $id, true);
+ if ($pass_ok != 1) {
+ ui_print_error_message($pass_ok);
+ } else {
+ $return = update_user_password ($id, $password_new);
+ if ($return) {
+ $return2 = save_pass_history($id, $password_new);
+ }
+ ui_print_result_message ($return,
+ __('Password successfully updated'),
+ __('Error updating passwords: %s', $config['auth_error']));
+ }
+ } else {
+ $return = update_user_password ($id, $password_new);
+ ui_print_result_message ($return,
+ __('Password successfully updated'),
+ __('Error updating passwords: %s', $config['auth_error']));
+ }
+
 } elseif ($password_new !== "NON-INIT") {
 ui_print_error_message (__('Passwords didn\'t match or other problem encountered while updating passwords'));
 }
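Review bot: The `else` branch of the new policy test in operation/users/user_edit.php (policy disabled, or an administrator without `enable_pass_policy_admin`) changes the password without calling `save_pass_history`, whereas the policy branch here and both branches in configure_user.php record it, so passwords set on this path are missing from the history that a later reuse check would presumably consult; adding `if ($return) { save_pass_history($id, $password_new); }` there would keep the history complete. `$return2` is assigned but never read, so a failed history write goes unnoticed. The success test `$pass_ok != 1` is a loose comparison on a value that doubles as the error text: in PHP versions before 8 a message beginning with the digit 1 would compare equal to 1, so `$pass_ok !== 1` (or a check against whatever `login_validate_pass` really returns on success, which is not visible here) is safer, and the same applies to the configure_user.php hunk. The surrounding `if (isset ($_GET["modified"]) && !$view_mode)` block continues outside the hunk.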