Password: README, Style, CS improvements, bump version, update changelog

pull/6517/head
Aleksander Machniak 6 years ago
parent 75d6687cac
commit cd9ec7983b

@ -13,6 +13,11 @@ CHANGELOG Roundcube Webmail
- Password: Added 'modoboa' driver (#6361)
- Password: Fix bug where password_dovecotpw_with_method setting could be ignored (#6436)
- Password: Fix bug where new users could skip forced password change (#6434)
- Password: Allow drivers to override default password comparisons (eg new is not same as current) (#6473)
- Password: Allow drivers to override default strength checks (eg allow for 'not the same as last x passwords') (#246)
- Passowrd: Allow drivers to define password strength rules displayed to the user
- Password: Allow separate password saving and strength drivers for use of strength checking services (#5040)
- Password: Add zxcvbn driver for checking password strength (#6479)
- Elastic: On touch devices display attachment icons on messages list (#6296)
- Elastic: Make menu button inactive if all subactions are inactive (#6444)
- Elastic: On mobile/tablet jump to the list on folder selection (#6415)

@ -23,30 +23,33 @@
1. Configuration
2. Drivers
2.1. Database (sql)
2.2. Cyrus/SASL (sasl)
2.3. Poppassd/Courierpassd (poppassd)
2.4. LDAP (ldap)
2.5. DirectAdmin Control Panel (directadmin)
2.6. cPanel
2.6.1. cPanel WHM (cpanel)
2.6.2. cPanel Webmail (cpanel_webmail)
2.7. XIMSS/Communigate (ximms)
2.8. Virtualmin (virtualmin)
2.9. hMailServer (hmail)
2.10. PAM (pam)
2.11. Chpasswd (chpasswd)
2.12. LDAP - no PEAR (ldap_simple)
2.13. XMail (xmail)
2.14. Pw (pw_usermod)
2.15. domainFACTORY (domainfactory)
2.16. DBMail (dbmail)
2.17. Expect (expect)
2.18. Samba (smb)
2.19. Vpopmail daemon (vpopmaild)
2.20. Plesk (Plesk RPC-API)
2.21. Kpasswd
2.22. Modoboa
2.1. Password Change Drivers
2.1.1. Database (sql)
2.1.2. Cyrus/SASL (sasl)
2.1.3. Poppassd/Courierpassd (poppassd)
2.1.4. LDAP (ldap)
2.1.5. DirectAdmin Control Panel (directadmin)
2.1.6. cPanel
2.1.6.1. cPanel WHM (cpanel)
2.1.6.2. cPanel Webmail (cpanel_webmail)
2.1.7. XIMSS/Communigate (ximms)
2.1.8. Virtualmin (virtualmin)
2.1.9. hMailServer (hmail)
2.1.10. PAM (pam)
2.1.11. Chpasswd (chpasswd)
2.1.12. LDAP - no PEAR (ldap_simple)
2.1.13. XMail (xmail)
2.1.14. Pw (pw_usermod)
2.1.15. domainFACTORY (domainfactory)
2.1.16. DBMail (dbmail)
2.1.17. Expect (expect)
2.1.18. Samba (smb)
2.1.19. Vpopmail daemon (vpopmaild)
2.1.20. Plesk (Plesk RPC-API)
2.1.21. Kpasswd
2.1.22. Modoboa
2.2. Password Strength Drivers
2.2.1. Zxcvbn
3. Driver API
4. Sudo setup
@ -68,6 +71,7 @@
Password plugin supports many password change mechanisms which are
handled by included drivers. Just pass driver name in 'password_driver' option.
2.1.1. Database (sql)
---------------------
@ -384,6 +388,8 @@
-------------
Driver to use the Zxcvbn library to check password strength. Requires zxcvbn-php library.
The library is not distributed with Roundcube (see composer.json-dist).
Note: Required PHP's memory_limit >= 24M.
Set $config['password_zxcvbn_min_score'] to define minimum acceptable password strength score.
@ -399,8 +405,8 @@
containing this method can be used in `password_strength_driver` (the strength driver). To enable
strength checks ensure `password_check_strength` is set to true.
The save() method, used for changing the password has two arguments:
First - current password, second - new password.
The save() method, used for changing the password has three arguments:
First - current password, second - new password, third - current username.
This method should return PASSWORD_SUCCESS on success or any of PASSWORD_CONNECT_ERROR,
PASSWORD_CRYPT_ERROR, PASSWORD_ERROR when driver was unable to change password.
Extended result (as a hash-array with 'message' and 'code' items) can be returned

@ -3,7 +3,7 @@
"type": "roundcube-plugin",
"description": "Password Change for Roundcube. Plugin adds a possibility to change user password using many methods (drivers) via Settings/Password tab.",
"license": "GPLv3+",
"version": "4.5",
"version": "5.0",
"authors": [
{
"name": "Aleksander Machniak",

@ -24,8 +24,6 @@
* along with this program. If not, see http://www.gnu.org/licenses/.
*/
use ZxcvbnPhp\Zxcvbn;
class rcube_zxcvbn_password
{
function strength_rules()
@ -42,8 +40,17 @@ class rcube_zxcvbn_password
function check_strength($passwd)
{
if (!class_exists('ZxcvbnPhp\Zxcvbn')) {
rcube::raise_error(array(
'code' => 600,
'file' => __FILE__, 'line' => __LINE__,
'message' => "Password plugin: Zxcvbn library not found."
), true, false);
return;
}
$rcmail = rcmail::get_instance();
$zxcvbn = new Zxcvbn();
$zxcvbn = new ZxcvbnPhp\Zxcvbn();
$strength = $zxcvbn->passwordStrength($passwd);
$result = null;

@ -289,7 +289,7 @@ class password extends rcube_plugin
}
if (!empty($rules)) {
$rules = html::tag('ul', array('id' => 'ruleslist'), $rules);
$rules = html::tag('ul', array('id' => 'ruleslist', 'class' => 'hint proplist'), $rules);
}
$disabled_msg = '';
@ -324,12 +324,12 @@ class password extends rcube_plugin
private function _compare($curpwd, $newpwd, $type)
{
$result = null;
if (!($driver = $this->_load_driver()))
return $this->gettext('internalerror');
$driver = $this->_load_driver();
if (method_exists($driver, 'compare')) {
if (!$driver) {
$result = $this->gettext('internalerror');
}
else if (method_exists($driver, 'compare')) {
$result = $driver->compare($curpwd, $newpwd, $type);
}
else {
@ -350,12 +350,12 @@ class password extends rcube_plugin
private function _strength_rules()
{
$result = null;
if (!($driver = $this->_load_driver('strength')))
return $this->gettext('internalerror');
$driver = $this->_load_driver('strength');
if (method_exists($driver, 'strength_rules')) {
if (!$driver) {
$result = null;
}
else if (method_exists($driver, 'strength_rules')) {
$result = $driver->strength_rules();
}
else {
@ -371,25 +371,24 @@ class password extends rcube_plugin
private function _check_strength($passwd)
{
$result = null;
$driver = $this->_load_driver('strength');
if (!($driver = $this->_load_driver('strength')))
if (!$driver) {
return $this->gettext('internalerror');
}
if (method_exists($driver, 'check_strength')) {
$result = $driver->check_strength($passwd);
}
else {
$result = (!preg_match("/[0-9]/", $passwd) || !preg_match("/[^A-Za-z0-9]/", $passwd)) ? $this->gettext('passwordweak') : null;
return $driver->check_strength($passwd);
}
return $result;
return (!preg_match("/[0-9]/", $passwd) || !preg_match("/[^A-Za-z0-9]/", $passwd)) ? $this->gettext('passwordweak') : null;
}
private function _save($curpass, $passwd)
{
if (!($driver = $this->_load_driver()))
if (!($driver = $this->_load_driver())) {
return $this->gettext('internalerror');
}
$result = $driver->save($curpass, $passwd, self::username());
$message = '';
@ -441,7 +440,7 @@ class password extends rcube_plugin
'code' => 600,
'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Password plugin: Unable to open driver file ($file)"
'message' => "Password plugin: Driver file does not exist ($file)"
), true, false);
return false;
}
@ -459,12 +458,10 @@ class password extends rcube_plugin
}
$this->drivers[$type] = new $class;
return $this->drivers[$type];
}
else {
return $this->drivers[$type];
}
}
function user_create($args)
{

Loading…
Cancel
Save