From c04ee71dddadb2c8f8ab3685fc89679b6126b1ce Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Sun, 31 Jan 2016 16:45:52 +0000 Subject: [PATCH] pwdExpireWarning for PPolicy notification job --- lam/HISTORY | 1 + lam/docs/manual-sources/howto.xml | 18 +++++++++++-- lam/tests/lib/modules/ppolicyUserTest.php | 32 ++++++++++++++++++++--- 3 files changed, 46 insertions(+), 5 deletions(-) diff --git a/lam/HISTORY b/lam/HISTORY index 5466ec25..3807f0fc 100644 --- a/lam/HISTORY +++ b/lam/HISTORY @@ -10,6 +10,7 @@ March 2016 5.3 - LAM Pro: -> Support for LDAP views based on nsview object class -> Password notification jobs support to print expiration date in email + -> PPolicy password notification job takes pwdExpireWarning into account 15.12.2015 5.2 diff --git a/lam/docs/manual-sources/howto.xml b/lam/docs/manual-sources/howto.xml index b259e501..4f8d01b8 100644 --- a/lam/docs/manual-sources/howto.xml +++ b/lam/docs/manual-sources/howto.xml @@ -2006,8 +2006,22 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost'; second warning at a later time). LAM calculates the expiration date based on the last password - change and the assigned password policy (or the default - policy). + change and the assigned password policy (or the default policy) + using attributes pwdMaxAge and pwdExpireWarning. + + Examples: + + Warning time (pwdExpireWarning) = 14 days, notification period + = 10: LAM will send out the email 24 days before the password + expires + + Warning time (pwdExpireWarning) = 14 days, notification period + = 0: LAM will send out the email 14 days before the password + expires + + No warning time (pwdExpireWarning), notification period = 10: + LAM will send out the email 10 days before the password + expires diff --git a/lam/tests/lib/modules/ppolicyUserTest.php b/lam/tests/lib/modules/ppolicyUserTest.php index 0b69f91d..71fbd343 100644 --- a/lam/tests/lib/modules/ppolicyUserTest.php +++ b/lam/tests/lib/modules/ppolicyUserTest.php @@ -52,9 +52,9 @@ class PPolicyUserPasswordNotifyJobTest extends PHPUnit_Framework_TestCase { $this->job->method('getConfigPrefix')->willReturn('test'); $this->job->method('sendMail')->willReturn(true); $this->job->method('getPolicyOptions')->willReturn(array( - PPolicyUserPasswordNotifyJobTest::ONE_YEAR_POLICY => 365 * 3600 * 24, - PPolicyUserPasswordNotifyJobTest::DEFAULT_POLICY => 14 * 3600 * 24, - PPolicyUserPasswordNotifyJobTest::NOEXPIRE_POLICY => 0, + PPolicyUserPasswordNotifyJobTest::ONE_YEAR_POLICY => array('pwdmaxage' => 365 * 3600 * 24), + PPolicyUserPasswordNotifyJobTest::DEFAULT_POLICY => array('pwdmaxage' => 14 * 3600 * 24), + PPolicyUserPasswordNotifyJobTest::NOEXPIRE_POLICY => array('pwdmaxage' => 0), )); $this->options['test_mailNotificationPeriod' . PPolicyUserPasswordNotifyJobTest::JOB_ID][0] = PPolicyUserPasswordNotifyJobTest::WARNING; $this->options['test_mailDefaultPolicy' . PPolicyUserPasswordNotifyJobTest::JOB_ID][0] = PPolicyUserPasswordNotifyJobTest::DEFAULT_POLICY; @@ -188,6 +188,32 @@ class PPolicyUserPasswordNotifyJobTest extends PHPUnit_Framework_TestCase { $this->job->execute(PPolicyUserPasswordNotifyJobTest::JOB_ID, $this->options, $pdo, true); } + public function testGetWarningTimeInSeconds() { + $confDays = 7; + $policy = array('pwdmaxage' => 365 * 3600 * 24, 'pwdexpirewarning' => 10000); + + $seconds = $this->job->getWarningTimeInSeconds($confDays, $policy); + + $this->assertEquals((7*3600*24 + 10000), $seconds); + + + $confDays = 0; + $policy = array('pwdmaxage' => 365 * 3600 * 24, 'pwdexpirewarning' => 10000); + + $seconds = $this->job->getWarningTimeInSeconds($confDays, $policy); + + $this->assertEquals(10000, $seconds); + + + $confDays = 7; + $policy = array('pwdmaxage' => 365 * 3600 * 24); + + $seconds = $this->job->getWarningTimeInSeconds($confDays, $policy); + + $this->assertEquals(7*3600*24, $seconds); + + } + }