[Bps-public-commit] rt-extension-resetpassword branch, master, updated. 1.09-4-gf830313
? sunnavy
sunnavy at bestpractical.com
Tue Mar 2 06:46:53 EST 2021
The branch, master has been updated
via f8303135e445ac3807be2b2c3ca09f5cb10cd878 (commit)
via abee4685935b617f13da32ff1d98762ed09ce942 (commit)
via dbf9b15dbb9cd7606fbde542a66e9e4783c0ed2d (commit)
via 4aff3216ca3b23d0c46828e8daa978ee77e21905 (commit)
from ce01719e5bfed86c84a355de15a9f8528bf88e14 (commit)
Summary of changes:
Changes | 4 +++
META.yml | 2 +-
README | 9 +++++
.../Admin/Users/Modify.html/BeforeUpdate | 14 ++++++++
html/Elements/EditPassword | 40 ++++++++++++++++++++++
lib/RT/Extension/ResetPassword.pm | 40 +++++++++++++++++++++-
6 files changed, 107 insertions(+), 2 deletions(-)
- Log -----------------------------------------------------------------
commit 4aff3216ca3b23d0c46828e8daa978ee77e21905
Author: Jim Brandt <jbrandt at bestpractical.com>
Date: Mon Mar 1 15:49:26 2021 -0500
Provide a way to delete a user's password
RT's default password controls always require a new value
once a password has been set, so there is no way to clear
a password once set.
Provide a way to do this since ResetPassword has an option to
allow or deny password resets based on a password already
being set.
diff --git a/README b/README
index 8418396..dd44569 100644
--- a/README
+++ b/README
@@ -99,6 +99,14 @@ CONFIGURATION
not have a password value to send themselves a reset password email
and set a password.
+ Setting this to false (0) requires a user to already have a password
+ to use the reset feature. This is useful for managing access and not
+ automatically allowing new accounts to get a password.
+
+ This extension adds a "Delete password" option to the user admin
+ page to allow you to clear passwords if a user should no longer have
+ access.
+
$CreateNewUserAsPrivileged
Set this config value to true if users creating a new account should
default to privileged users.
diff --git a/html/Callbacks/RT-Extension-ResetPassword/Admin/Users/Modify.html/BeforeUpdate b/html/Callbacks/RT-Extension-ResetPassword/Admin/Users/Modify.html/BeforeUpdate
index b1ff0b2..193dda9 100644
--- a/html/Callbacks/RT-Extension-ResetPassword/Admin/Users/Modify.html/BeforeUpdate
+++ b/html/Callbacks/RT-Extension-ResetPassword/Admin/Users/Modify.html/BeforeUpdate
@@ -18,6 +18,20 @@ if ( ( $ARGS{'SendPasswordResetEmail'} || $session{'SendPasswordResetEmail'} ) &
}
}
delete $session{'SendPasswordResetEmail'};
+
+# Handle DeleteUserPassword
+if ( $ARGS{'DeleteUserPassword'} ) {
+ my ($ret, $msg) = $User->UnsetPassword();
+ if ( $ret ) {
+ push @{$Results}, $msg;
+ }
+ else {
+ push @{$Results}, 'Unable to delete password';
+ RT::Logger->error( "$msg" );
+ }
+}
+
+
</%INIT>
<%ARGS>
$Results
diff --git a/html/Elements/EditPassword b/html/Elements/EditPassword
index aa408f0..750bbd8 100644
--- a/html/Elements/EditPassword
+++ b/html/Elements/EditPassword
@@ -54,6 +54,16 @@
</div>
</div>
</div>
+% if ( $User->HasPassword ) {
+ <div class="form-row">
+ <div class="col-12">
+ <div class="custom-control custom-checkbox">
+ <input value="1" class="custom-control-input checkbox" id="DeleteUserPassword" name="DeleteUserPassword" type="checkbox" />
+ <label class="custom-control-label" for="DeleteUserPassword"><&|/l&>Delete password (User will have no password set)</&></label>
+ </div>
+ </div>
+ </div>
+% }
% unless ( $cond{'CanSet'} ) {
<% $cond{'Reason'} %><br />
@@ -92,6 +102,10 @@
% else {
<input value="1" <% $session{'SendPasswordResetEmail'} ? 'checked' : '' %> id="SendPasswordResetEmail" name="SendPasswordResetEmail" type="checkbox"></input>
<label for="SendPasswordResetEmail"><&|/l&>Send new password email</&></label><br />
+% if ( $User->HasPassword ) {
+<input value="1" class="checkbox" id="DeleteUserPassword" name="DeleteUserPassword" type="checkbox" />
+<label for="DeleteUserPassword"><&|/l&>Delete password (User will have no password set)</&></label>
+% }
% unless ( $cond{'CanSet'} ) {
<% $cond{'Reason'} %><br />
diff --git a/lib/RT/Extension/ResetPassword.pm b/lib/RT/Extension/ResetPassword.pm
index 01f712a..1ad7522 100644
--- a/lib/RT/Extension/ResetPassword.pm
+++ b/lib/RT/Extension/ResetPassword.pm
@@ -55,6 +55,35 @@ sub CreateTokenAndResetPassword {
return ($status, $msg);
}
+
+# Add to RT::User for possible addition to core RT in the future.
+
+package RT::User;
+
+# Set the password for this user back to no value. This is useful for
+# features like ResetPassword that might use the existence of a password
+# to determine if a user should be allowed to reset. Also possibly useful
+# for clearing old passwords after switching to different authentication
+# for RT.
+
+sub UnsetPassword {
+ my $self = shift;
+
+ unless ( $self->CurrentUserCanModify('Password') ) {
+ return ( 0, $self->loc('Password: Permission Denied') );
+ }
+
+ my ( $val, $msg ) = $self->_Set(Field => 'Password', Value => '');
+ if ($val) {
+ return ( 1, $self->loc("Password unset") );
+ }
+ else {
+ return ( $val, $msg );
+ }
+}
+
+package RT::Extension::ResetPassword;
+
=head1 NAME
RT::Extension::ResetPassword - add "forgot your password?" link to RT instance
@@ -173,6 +202,14 @@ Setting this config option to true will allow existing users who do
not have a password value to send themselves a reset password email
and set a password.
+Setting this to false (0) requires a user to already have a password
+to use the reset feature. This is useful for managing access and
+not automatically allowing new accounts to get a password.
+
+This extension adds a "Delete password" option to the user admin
+page to allow you to clear passwords if a user should no longer have
+access.
+
=item C<$CreateNewUserAsPrivileged>
Set this config value to true if users creating a new account should
commit dbf9b15dbb9cd7606fbde542a66e9e4783c0ed2d
Author: Jim Brandt <jbrandt at bestpractical.com>
Date: Mon Mar 1 16:32:09 2021 -0500
Display password status on the user admin page
Without this display, there is no way for an RT admin
to tell whether a user currently has a password set
and might therefore be able to use the password reset
feature to get access to RT.
diff --git a/README b/README
index dd44569..a8a2d7c 100644
--- a/README
+++ b/README
@@ -103,9 +103,10 @@ CONFIGURATION
to use the reset feature. This is useful for managing access and not
automatically allowing new accounts to get a password.
- This extension adds a "Delete password" option to the user admin
- page to allow you to clear passwords if a user should no longer have
- access.
+ This extension adds a "Password Status" at the bottom of the Access
+ control section on the user admin page which shows whether the user
+ currently has a password set. The "Delete password" option allows
+ you to clear passwords if a user should no longer have access.
$CreateNewUserAsPrivileged
Set this config value to true if users creating a new account should
diff --git a/html/Elements/EditPassword b/html/Elements/EditPassword
index 750bbd8..2fe682e 100644
--- a/html/Elements/EditPassword
+++ b/html/Elements/EditPassword
@@ -97,6 +97,17 @@
<input type="password" class="form-control" name="<% $Name[2] %>" size="16" autocomplete="off" />
</div>
</div>
+
+% if ( $User->Id ) {
+ <div class="form-row">
+ <div class="label col-3">
+ <&|/l&>Password Status</&>:
+ </div>
+ <div class="value col-9">
+ <span class="current-value form-control"><% $password_status %></span>
+ </div>
+ </div>
+% }
% }
% }
% else {
@@ -129,6 +140,13 @@
<td class="value"><input type="password" name="<% $Name[2] %>" size="16" autocomplete="off" /></td>
</tr>
+% if ( $User->Id ) {
+<tr>
+<td class="label"><&|/l&>Password Status</&>:</td>
+<td class="value"><% $password_status %></td>
+</tr>
+% }
+
</table>
% }
% }
@@ -140,4 +158,12 @@ $User
my %cond = $User->CurrentUserRequireToSetPassword;
+# Does this user currently have a password?
+my $password_status;
+if ( $User->HasPassword ) {
+ $password_status = loc('Password is set');
+}
+else {
+ $password_status = loc('No password set');
+}
</%INIT>
diff --git a/lib/RT/Extension/ResetPassword.pm b/lib/RT/Extension/ResetPassword.pm
index 1ad7522..3c45359 100644
--- a/lib/RT/Extension/ResetPassword.pm
+++ b/lib/RT/Extension/ResetPassword.pm
@@ -206,9 +206,10 @@ Setting this to false (0) requires a user to already have a password
to use the reset feature. This is useful for managing access and
not automatically allowing new accounts to get a password.
-This extension adds a "Delete password" option to the user admin
-page to allow you to clear passwords if a user should no longer have
-access.
+This extension adds a "Password Status" at the bottom of the Access control
+section on the user admin page which shows whether the user currently
+has a password set. The "Delete password" option allows you to clear
+passwords if a user should no longer have access.
=item C<$CreateNewUserAsPrivileged>
commit abee4685935b617f13da32ff1d98762ed09ce942
Merge: ce01719 dbf9b15
Author: sunnavy <sunnavy at bestpractical.com>
Date: Tue Mar 2 18:58:56 2021 +0800
Merge branch 'show-password-status'
commit f8303135e445ac3807be2b2c3ca09f5cb10cd878
Author: sunnavy <sunnavy at bestpractical.com>
Date: Tue Mar 2 19:00:25 2021 +0800
Prep 1.10 release
diff --git a/Changes b/Changes
index a0f47c4..c20acb4 100644
--- a/Changes
+++ b/Changes
@@ -1,5 +1,9 @@
Revision history for Perl module RT::Extension::ResetPassword
+1.10 2021-03-02
+ - Provide a way to delete a user's password
+ - Display password status on the user admin page
+
1.09 2021-02-22
- Provide a config option($ResetPasswordFromAddress) to set email From address
diff --git a/META.yml b/META.yml
index e5b89ce..e31fceb 100644
--- a/META.yml
+++ b/META.yml
@@ -24,6 +24,6 @@ requires:
perl: 5.8.3
resources:
license: http://opensource.org/licenses/gpl-license.php
-version: '1.09'
+version: '1.10'
x_module_install_rtx_version: '0.42'
x_requires_rt: 4.0.0
diff --git a/lib/RT/Extension/ResetPassword.pm b/lib/RT/Extension/ResetPassword.pm
index 3c45359..c10ccc7 100644
--- a/lib/RT/Extension/ResetPassword.pm
+++ b/lib/RT/Extension/ResetPassword.pm
@@ -5,7 +5,7 @@ use warnings;
use Digest::SHA qw(sha256_hex);
-our $VERSION = '1.09';
+our $VERSION = '1.10';
RT->AddStyleSheets("resetpassword.css");
-----------------------------------------------------------------------
More information about the Bps-public-commit
mailing list