new options for password reset page

This commit is contained in:
Roland Gruber 2016-02-26 19:49:57 +00:00
parent d68bf64505
commit 38c6f488a5
4 changed files with 190 additions and 6 deletions

View File

@ -203,6 +203,14 @@ $helpArray = array (
"Text" => _('Please enter the user name and password to connect to the database.')), "Text" => _('Please enter the user name and password to connect to the database.')),
"276" => array ("Headline" => _('Database name'), "276" => array ("Headline" => _('Database name'),
"Text" => _('This is the database name on the server.')), "Text" => _('This is the database name on the server.')),
'280' => array ("Headline" => _('Allow setting specific passwords'),
"Text" => _('Allows to set a specific password via input field.')),
'281' => array ("Headline" => _('Allow to display password on screen'),
"Text" => _('Allows to display a randomly generated password on screen.')),
'282' => array ("Headline" => _('Default password output'),
"Text" => _('Default method to output a random password.')),
'283' => array ("Headline" => _('Force password reset by default'),
"Text" => _('Enforce password reset on next login by default.')),
// 300 - 399 // 300 - 399
// profile editor, file upload // profile editor, file upload
"301" => array ("Headline" => _("RDN identifier"), "301" => array ("Headline" => _("RDN identifier"),

View File

@ -409,6 +409,13 @@ class LAMConfig {
/** line separator */ /** line separator */
const LINE_SEPARATOR = '+::+'; const LINE_SEPARATOR = '+::+';
/** show password on screen by default */
const PWDRESET_DEFAULT_SCREEN = 1;
/** send password via email by default */
const PWDRESET_DEFAULT_MAIL = 2;
/** show password on screen and send via email by default */
const PWDRESET_DEFAULT_BOTH = 3;
/** Server address (e.g. ldap://127.0.0.1:389) */ /** Server address (e.g. ldap://127.0.0.1:389) */
private $ServerURL; private $ServerURL;
@ -503,22 +510,27 @@ class LAMConfig {
/** email address for sender of password reset mails */ /** email address for sender of password reset mails */
private $lamProMailFrom = ''; private $lamProMailFrom = '';
/** reply-to email address for password reset mails */ /** reply-to email address for password reset mails */
private $lamProMailReplyTo = ''; private $lamProMailReplyTo = '';
/** subject for password reset mails */ /** subject for password reset mails */
private $lamProMailSubject = ''; private $lamProMailSubject = '';
/** treat password reset mail body as HTML */ /** treat password reset mail body as HTML */
private $lamProMailIsHTML = 'false'; private $lamProMailIsHTML = 'false';
/** allow sending mails to an alternative address */ /** allow sending mails to an alternative address */
private $lamProMailAllowAlternateAddress = 'true'; private $lamProMailAllowAlternateAddress = 'true';
/** mail body for password reset mails */ /** mail body for password reset mails */
private $lamProMailText = ''; private $lamProMailText = '';
/** password reset page: allow to set a specific password */
private $pwdResetAllowSpecificPassword = 'true';
/** password reset page: allow to show password on screen */
private $pwdResetAllowScreenPassword = 'true';
/** password reset page: force password change by default */
private $pwdResetForcePasswordChange = 'true';
/** password reset page: default selection for password output
* PWDRESET_DEFAULT_SCREEN, PWDRESET_DEFAULT_MAIL, PWDRESET_DEFAULT_BOTH */
private $pwdResetDefaultPasswordOutput = LAMconfig::PWDRESET_DEFAULT_MAIL;
/** LDAP user for jobs */ /** LDAP user for jobs */
private $jobsBindUser = null; private $jobsBindUser = null;
/** LDAP password for jobs */ /** LDAP password for jobs */
@ -547,7 +559,8 @@ class LAMConfig {
'loginSearchFilter', 'searchLimit', 'lamProMailFrom', 'lamProMailReplyTo', 'lamProMailSubject', 'loginSearchFilter', 'searchLimit', 'lamProMailFrom', 'lamProMailReplyTo', 'lamProMailSubject',
'lamProMailText', 'lamProMailIsHTML', 'lamProMailAllowAlternateAddress', 'httpAuthentication', 'loginSearchDN', 'lamProMailText', 'lamProMailIsHTML', 'lamProMailAllowAlternateAddress', 'httpAuthentication', 'loginSearchDN',
'loginSearchPassword', 'timeZone', 'jobsBindUser', 'jobsBindPassword', 'jobsDatabase', 'jobToken', 'jobs', 'loginSearchPassword', 'timeZone', 'jobsBindUser', 'jobsBindPassword', 'jobsDatabase', 'jobToken', 'jobs',
'jobsDBHost', 'jobsDBPort', 'jobsDBUser', 'jobsDBPassword', 'jobsDBName' 'jobsDBHost', 'jobsDBPort', 'jobsDBUser', 'jobsDBPassword', 'jobsDBName', 'pwdResetAllowSpecificPassword',
'pwdResetAllowScreenPassword', 'pwdResetForcePasswordChange', 'pwdResetDefaultPasswordOutput'
); );
@ -765,6 +778,10 @@ class LAMConfig {
if (!in_array("jobsDBPassword", $saved)) array_push($file_array, "\n" . "jobsDBPassword: " . $this->jobsDBPassword . "\n"); if (!in_array("jobsDBPassword", $saved)) array_push($file_array, "\n" . "jobsDBPassword: " . $this->jobsDBPassword . "\n");
if (!in_array("jobsDBName", $saved)) array_push($file_array, "\n" . "jobsDBName: " . $this->jobsDBName . "\n"); if (!in_array("jobsDBName", $saved)) array_push($file_array, "\n" . "jobsDBName: " . $this->jobsDBName . "\n");
if (!in_array("jobToken", $saved)) array_push($file_array, "\n" . "jobToken: " . $this->getJobToken() . "\n"); if (!in_array("jobToken", $saved)) array_push($file_array, "\n" . "jobToken: " . $this->getJobToken() . "\n");
if (!in_array("pwdResetAllowSpecificPassword", $saved)) array_push($file_array, "\n" . "pwdResetAllowSpecificPassword: " . $this->pwdResetAllowSpecificPassword . "\n");
if (!in_array("pwdResetAllowScreenPassword", $saved)) array_push($file_array, "\n" . "pwdResetAllowScreenPassword: " . $this->pwdResetAllowScreenPassword . "\n");
if (!in_array("pwdResetForcePasswordChange", $saved)) array_push($file_array, "\n" . "pwdResetForcePasswordChange: " . $this->pwdResetForcePasswordChange . "\n");
if (!in_array("pwdResetDefaultPasswordOutput", $saved)) array_push($file_array, "\n" . "pwdResetDefaultPasswordOutput: " . $this->pwdResetDefaultPasswordOutput . "\n");
// check if all module settings were added // check if all module settings were added
$m_settings = array_keys($this->moduleSettings); $m_settings = array_keys($this->moduleSettings);
for ($i = 0; $i < sizeof($m_settings); $i++) { for ($i = 0; $i < sizeof($m_settings); $i++) {
@ -1868,6 +1885,78 @@ class LAMConfig {
return $this->jobToken; return $this->jobToken;
} }
/**
* Returns if setting a specific password is allowed on password reset page.
*
* @return String 'true' or 'false'
*/
public function getPwdResetAllowSpecificPassword() {
return $this->pwdResetAllowSpecificPassword;
}
/**
* Sets if setting a specific password is allowed on password reset page.
*
* @param String $pwdResetAllowSpecificPassword 'true' or 'false'
*/
public function setPwdResetAllowSpecificPassword($pwdResetAllowSpecificPassword) {
$this->pwdResetAllowSpecificPassword = $pwdResetAllowSpecificPassword;
}
/**
* Returns if displaying password on screen is allowed on password reset page.
*
* @return String 'true' or 'false'
*/
public function getPwdResetAllowScreenPassword() {
return $this->pwdResetAllowScreenPassword;
}
/**
* Sets if displaying password on screen is allowed on password reset page.
*
* @param String $pwdResetAllowScreenPassword 'true' or 'false'
*/
public function setPwdResetAllowScreenPassword($pwdResetAllowScreenPassword) {
$this->pwdResetAllowScreenPassword = $pwdResetAllowScreenPassword;
}
/**
* Returns if force password change is set by default on password reset page.
*
* @return String 'true' or 'false'
*/
public function getPwdResetForcePasswordChange() {
return $this->pwdResetForcePasswordChange;
}
/**
* Sets if force password change is set by default on password reset page.
*
* @param String $pwdResetForcePasswordChange 'true' or 'false'
*/
public function setPwdResetForcePasswordChange($pwdResetForcePasswordChange) {
$this->pwdResetForcePasswordChange = $pwdResetForcePasswordChange;
}
/**
* Returns default password output method on password reset page.
*
* @return integer LAMConfig::PWDRESET_DEFAULT_SCREEN/PWDRESET_DEFAULT_MAIL/PWDRESET_DEFAULT_BOTH
*/
public function getPwdResetDefaultPasswordOutput() {
return $this->pwdResetDefaultPasswordOutput;
}
/**
* Sets default password output method on password reset page.
*
* @param integer $pwdResetDefaultPasswordOutput LAMConfig::PWDRESET_DEFAULT_SCREEN/PWDRESET_DEFAULT_MAIL/PWDRESET_DEFAULT_BOTH
*/
public function setPwdResetDefaultPasswordOutput($pwdResetDefaultPasswordOutput) {
$this->pwdResetDefaultPasswordOutput = $pwdResetDefaultPasswordOutput;
}
} }

View File

@ -369,6 +369,45 @@ $container->addElement(new htmlSpacer(null, '10px'), true);
// LAM Pro settings // LAM Pro settings
if (isLAMProVersion()) { if (isLAMProVersion()) {
// password reset page
$pwdResetContent = new htmlTable();
$pwdResetAllowSpecific = true;
if ($conf->getPwdResetAllowSpecificPassword() == 'false') {
$pwdResetAllowSpecific = false;
}
$pwdResetContent->addElement(new htmlTableExtendedInputCheckbox('pwdResetAllowSpecificPassword', $pwdResetAllowSpecific , _('Allow setting specific passwords'), '280'));
$pwdResetContent->addSpace('10px');
$pwdResetAllowScreenPassword = true;
if ($conf->getPwdResetAllowScreenPassword() == 'false') {
$pwdResetAllowScreenPassword = false;
}
$pwdResetContent->addElement(new htmlTableExtendedInputCheckbox('pwdResetAllowScreenPassword', $pwdResetAllowScreenPassword , _('Allow to display password on screen'), '281'), true);
$pwdResetDefaultPasswordOutputOptions = array(
_('Display on screen') => LAMConfig::PWDRESET_DEFAULT_SCREEN,
_('Send via mail') => LAMConfig::PWDRESET_DEFAULT_MAIL,
_('Both') => LAMConfig::PWDRESET_DEFAULT_BOTH
);
$pwdResetDefaultPasswordOutputSelect = new htmlTableExtendedSelect('pwdResetDefaultPasswordOutput', $pwdResetDefaultPasswordOutputOptions, array($conf->getPwdResetDefaultPasswordOutput()), _("Default password output"), '282');
$pwdResetDefaultPasswordOutputSelect->setHasDescriptiveElements(true);
$pwdResetContent->addElement($pwdResetDefaultPasswordOutputSelect);
$pwdResetContent->addSpace('10px');
$pwdResetForcePasswordChange = true;
if ($conf->getPwdResetForcePasswordChange() == 'false') {
$pwdResetForcePasswordChange = false;
}
$pwdResetContent->addElement(new htmlTableExtendedInputCheckbox('pwdResetForcePasswordChange', $pwdResetForcePasswordChange , _('Force password reset by default'), '283'), true);
$pwdResetFieldset = new htmlFieldset($pwdResetContent, _("Password reset page settings"), '../../graphics/keyBig.png');
$container->addElement($pwdResetFieldset, true);
$container->addElement(new htmlSpacer(null, '10px'), true);
// mail settings
$pwdMailContent = new htmlTable(); $pwdMailContent = new htmlTable();
$pwdMailFrom = new htmlTableExtendedInputField(_('From address'), 'pwdResetMail_from', $conf->getLamProMailFrom(), '550'); $pwdMailFrom = new htmlTableExtendedInputField(_('From address'), 'pwdResetMail_from', $conf->getLamProMailFrom(), '550');
@ -554,6 +593,25 @@ function checkInput() {
$conf->set_searchLimit($_POST['searchLimit']); $conf->set_searchLimit($_POST['searchLimit']);
if (isLAMProVersion()) { if (isLAMProVersion()) {
$conf->setAccessLevel($_POST['accessLevel']); $conf->setAccessLevel($_POST['accessLevel']);
if (isset($_POST['pwdResetAllowSpecificPassword']) && ($_POST['pwdResetAllowSpecificPassword'] == 'on')) {
$conf->setPwdResetAllowSpecificPassword('true');
}
else {
$conf->setPwdResetAllowSpecificPassword('false');
}
if (isset($_POST['pwdResetAllowScreenPassword']) && ($_POST['pwdResetAllowScreenPassword'] == 'on')) {
$conf->setPwdResetAllowScreenPassword('true');
}
else {
$conf->setPwdResetAllowScreenPassword('false');
}
if (isset($_POST['pwdResetForcePasswordChange']) && ($_POST['pwdResetForcePasswordChange'] == 'on')) {
$conf->setPwdResetForcePasswordChange('true');
}
else {
$conf->setPwdResetForcePasswordChange('false');
}
$conf->setPwdResetDefaultPasswordOutput($_POST['pwdResetDefaultPasswordOutput']);
if (!$conf->setLamProMailFrom($_POST['pwdResetMail_from'])) { if (!$conf->setLamProMailFrom($_POST['pwdResetMail_from'])) {
$errors[] = array("ERROR", _("From address for password mails is invalid."), htmlspecialchars($_POST['pwdResetMail_from'])); $errors[] = array("ERROR", _("From address for password mails is invalid."), htmlspecialchars($_POST['pwdResetMail_from']));
} }

View File

@ -612,6 +612,35 @@ class LAMConfigTest extends PHPUnit_Framework_TestCase {
$this->assertEquals($val, $this->lAMConfig->getJobSettings()); $this->assertEquals($val, $this->lAMConfig->getJobSettings());
} }
/**
* Tests settings of password reset page.
*/
public function testPwdResetPageSettings() {
$val = 'true';
$this->lAMConfig->setPwdResetAllowScreenPassword($val);
$this->assertEquals($val, $this->lAMConfig->getPwdResetAllowScreenPassword());
$this->doSave();
$this->assertEquals($val, $this->lAMConfig->getPwdResetAllowScreenPassword());
$val = 'true';
$this->lAMConfig->setPwdResetAllowSpecificPassword($val);
$this->assertEquals($val, $this->lAMConfig->getPwdResetAllowSpecificPassword());
$this->doSave();
$this->assertEquals($val, $this->lAMConfig->getPwdResetAllowSpecificPassword());
$val = 'true';
$this->lAMConfig->setPwdResetForcePasswordChange($val);
$this->assertEquals($val, $this->lAMConfig->getPwdResetForcePasswordChange());
$this->doSave();
$this->assertEquals($val, $this->lAMConfig->getPwdResetForcePasswordChange());
$val = LAMConfig::PWDRESET_DEFAULT_MAIL;
$this->lAMConfig->setPwdResetDefaultPasswordOutput($val);
$this->assertEquals($val, $this->lAMConfig->getPwdResetDefaultPasswordOutput());
$this->doSave();
$this->assertEquals($val, $this->lAMConfig->getPwdResetDefaultPasswordOutput());
}
/** /**
* Tests LAMConfig->getJobToken() * Tests LAMConfig->getJobToken()
*/ */