--- loncom/interface/domainprefs.pm 2019/07/23 01:30:35 1.364 +++ loncom/interface/domainprefs.pm 2019/08/25 02:42:55 1.365 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Handler to set domain-wide configuration settings # -# $Id: domainprefs.pm,v 1.364 2019/07/23 01:30:35 raeburn Exp $ +# $Id: domainprefs.pm,v 1.365 2019/08/25 02:42:55 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -6256,6 +6256,7 @@ sub print_passwords { } } elsif ($position eq 'lower') { my ($min,$max,%chars,$expire,$numsaved); + $min = $Apache::lonnet::passwdmin; if (ref($settings) eq 'HASH') { if ($settings->{min}) { $min = $settings->{min}; @@ -6272,8 +6273,6 @@ sub print_passwords { if ($settings->{numsaved}) { $numsaved = $settings->{numsaved}; } - } else { - $min = '7'; } my %rulenames = &Apache::lonlocal::texthash( uc => 'At least one upper case letter', @@ -6284,14 +6283,16 @@ sub print_passwords { $css_class = $itemcount%2?' class="LC_odd_row"':''; $datatable .= ''.$titles{'min'}.''. ''. - ''. - ' '.&mt('(Leave blank for no minimum)').''. + ''. + ' '.&mt('(Enter an integer: 7 or larger)').''. ''; $itemcount ++; $css_class = $itemcount%2?' class="LC_odd_row"':''; $datatable .= ''.$titles{'max'}.''. ''. - ''. + ''. ' '.&mt('(Leave blank for no maximum)').''. ''; $itemcount ++; @@ -6331,7 +6332,8 @@ sub print_passwords { $css_class = $itemcount%2?' class="LC_odd_row"':''; $datatable .= ''.$titles{'expire'}.''. ''. - ''. + ''. ' '.&mt('(Leave blank for no expiration)').''. ''; $itemcount ++; @@ -9295,16 +9297,22 @@ ENDSCRIPT } sub passwords_javascript { - my $intauthcheck = &mt('Warning: disallowing login for an authenticated user if the stored cost is less than the default will require a password reset by/for the user.'); - my $intauthcost = &mt('Warning: bcrypt encryption cost for internal authentication must be an integer.'); - &js_escape(\$intauthcheck); - &js_escape(\$intauthcost); + my %intalert = &Apache::lonlocal::texthash ( + authcheck => 'Warning: disallowing login for an authenticated user if the stored cost is less than the default will require a password reset by/for the user.', + authcost => 'Warning: bcrypt encryption cost for internal authentication must be an integer.', + passmin => 'Warning: minimum password length must be a positive integer greater than 6.', + passmax => 'Warning: maximum password length must be a positive integer (or blank).', + passexp => 'Warning: days before password expiration must be a positive integer (or blank).', + passnum => 'Warning: number of previous passwords to save must be a positive integer (or blank).', + ); + &js_escape(\%intalert); + my $defmin = $Apache::lonnet::passwdmin; my $intauthjs = <<"ENDSCRIPT"; function warnIntAuth(field) { if (field.name == 'intauth_check') { if (field.value == '2') { - alert('$intauthcheck'); + alert('$intalert{authcheck}'); } } if (field.name == 'intauth_cost') { @@ -9312,7 +9320,60 @@ function warnIntAuth(field) { if (field.value != '') { var regexdigit=/^\\d+\$/; if (!regexdigit.test(field.value)) { - alert('$intauthcost'); + alert('$intalert{authcost}'); + } + } + } + return; +} + +function warnIntPass(field) { + field.value.replace(/^\s+/,''); + field.value.replace(/\s+\$/,''); + var regexdigit=/^\\d+\$/; + if (field.name == 'passwords_min') { + if (field.value == '') { + alert('$intalert{passmin}'); + field.value = '$defmin'; + } else { + if (!regexdigit.test(field.value)) { + alert('$intalert{passmin}'); + field.value = '$defmin'; + } + var minval = parseFloat(field.value,10); + if (minval < $defmin) { + alert('$intalert{passmin}'); + field.value = '$defmin'; + } + } + } else { + if (field.value == '0') { + field.value = ''; + } + if (field.value != '') { + if (field.name == 'passwords_expire') { + var regexpposnum=/^\\d+(|\\.\\d*)\$/; + if (!regexpposnum.test(field.value)) { + alert('$intalert{passexp}'); + field.value = ''; + } else { + var expval = parseFloat(field.value); + if (expval == 0) { + alert('$intalert{passexp}'); + field.value = ''; + } + } + } else { + if (!regexdigit.test(field.value)) { + if (field.name == 'passwords_max') { + alert('$intalert{passmax}'); + } else { + if (field.name == 'passwords_numsaved') { + alert('$intalert{passnum}'); + } + } + } + field.value = ''; } } } @@ -14490,8 +14551,8 @@ sub modify_passwords { 'intauth_cost' => 10, 'intauth_check' => 0, 'intauth_switch' => 0, - 'min' => 7, ); + $staticdefaults{'min'} = $Apache::lonnet::passwdmin; foreach my $type (@oktypes) { $staticdefaults{'resetpostlink'}{$type} = ['email','username']; } @@ -14672,10 +14733,18 @@ sub modify_passwords { $env{'form.passwords_'.$rule} =~ s/^\s+|\s+$//g; my $ruleok; if ($rule eq 'expire') { - if ($env{'form.passwords_'.$rule} =~ /^\d+(|\.\d*)$/) { + if (($env{'form.passwords_'.$rule} =~ /^\d+(|\.\d*)$/) && + ($env{'form.passwords_'.$rule} ne '0')) { $ruleok = 1; } - } elsif ($env{'form.passwords_'.$rule} =~ /^\d+$/) { + } elsif ($rule eq 'min') { + if ($env{'form.passwords_'.$rule} =~ /^\d+$/) { + if ($env{'form.passwords_'.$rule} >= $Apache::lonnet::passwdmin) { + $ruleok = 1; + } + } + } elsif (($env{'form.passwords_'.$rule} =~ /^\d+$/) && + ($env{'form.passwords_'.$rule} ne '0')) { $ruleok = 1; } if ($ruleok) { @@ -14885,7 +14954,8 @@ sub modify_passwords { if ($confighash{'passwords'}{$rule} eq '') { if ($rule eq 'min') { $resulttext .= '
  • '.&mt('[_1] not set.',$titles{$rule}); - ' '.&mt('Default of 7 will be used').'
    • '; + ' '.&mt('Default of [_1] will be used', + $Apache::lonnet::passwdmin).''; } else { $resulttext .= '
  • '.&mt('[_1] set to none',$titles{$rule}).'
    • '; }