From: Llewellyn Marshall Date: Mon, 13 Jun 2022 20:59:54 +0000 (-0400) Subject: SQL for database insertions. Added ability to check password age against variable... X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=e85cffe0684ae9681c81c87624719e3c187091fb;p=working%2FEvergreen.git SQL for database insertions. Added ability to check password age against variable reference date. Added documentation on API call. Created a test case for password age. wrap all english text in i18n functions, fix error in seed vals & upgrade sql change "action" to "actor" in field mapped class remove log, show message 7 days earlier on staff splash --- diff --git a/Open-ILS/examples/fm_IDL.xml b/Open-ILS/examples/fm_IDL.xml index 013ee908ee..91c39153a1 100644 --- a/Open-ILS/examples/fm_IDL.xml +++ b/Open-ILS/examples/fm_IDL.xml @@ -2409,7 +2409,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - + diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm index 46dda80ccf..432cacd440 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm @@ -4997,11 +4997,20 @@ sub get_barcodes { __PACKAGE__->register_method( method => "get_password_last_edit_age", - api_name => "open-ils.actor.get_password_age" + api_name => "open-ils.actor.get_password_age", + signature => { + desc => "Finds the number of days since a user's password was last updated.", + params => [ + {desc => 'Authentication token', type => 'string'}, + {desc => 'Patron ID', type => 'number'}, + {desc => 'Reference Time', type => 'string'}, + ], + return => {desc => 'Number of days since password update'} + } ); sub get_password_last_edit_age { - my( $self, $client, $auth, $patron_id ) = @_; + my( $self, $client, $auth, $patron_id, $ref_time ) = @_; my $e = new_editor(authtoken => $auth); return $e->event unless $e->checkauth; my $patron = $e->retrieve_actor_user($patron_id); @@ -5021,13 +5030,12 @@ sub get_password_last_edit_age { }); if(defined $aupsds){ - my $pwd = $aupsds->[0]; - #convert the dates with the DateTime module + my $pwd = $aupsds->[0]; if($pwd){ + #convert the dates with the DateTime module my $edit_datetime = DateTime::Format::ISO8601->parse_datetime(clean_ISO8601($pwd->{'edit_date'})); - #get time in days since last password update - #my $now = DateTime->today()->iso8601(); - my $now = DateTime->now(); + #get the time we are subtracting from, use ref_time if it's defined or the current datetime otherwise + my $now = defined($ref_time) ? DateTime::Format::ISO8601->parse_datetime(clean_ISO8601($ref_time)) : DateTime->now(); my $duration = $now->subtract_datetime_absolute($edit_datetime)->delta_seconds / (24*60*60); return int($duration); diff --git a/Open-ILS/src/perlmods/live_t/33-password-age.t b/Open-ILS/src/perlmods/live_t/33-password-age.t new file mode 100644 index 0000000000..f2d2007eeb --- /dev/null +++ b/Open-ILS/src/perlmods/live_t/33-password-age.t @@ -0,0 +1,87 @@ +#!perl +use constant FUTURE_DAYS => 150; +use strict; use warnings; +use Test::More tests => 4; +use OpenILS::Utils::TestUtils; +use OpenILS::Const qw(:const); +use OpenILS::Utils::CStoreEditor qw/:funcs/; +use OpenILS::Utils::Fieldmapper; +use DateTime; +use DateTime::Format::ISO8601; + +diag("test password age"); + +my $U = 'OpenILS::Application::AppUtils'; + +my $script = OpenILS::Utils::TestUtils->new(); +$script->bootstrap; + +$script->authenticate({ + username => 'admin', + password => 'demo123', + type => 'staff' +}); + +my $authtoken = $script->authtoken; +ok($authtoken, 'was able to authenticate'); + +my $new_user = Fieldmapper::actor::user->new(); +my $new_card = Fieldmapper::actor::card->new(); + +$new_card->barcode("lew_$$"); +$new_card->id(-1); # virtual ID +$new_card->usr(undef); +$new_card->isnew(1); + +$new_user->cards([ $new_card ]); +$new_user->card($new_card); +$new_user->usrname("lew_$$"); +$new_user->passwd('lew_$$'); +$new_user->family_name('Marshall'); +$new_user->first_given_name('Llewellyn'); +$new_user->profile(2); +$new_user->home_ou(4); +$new_user->ident_type(1); +$new_user->isnew(1); + +my $resp = $U->simplereq( + 'open-ils.actor', + 'open-ils.actor.patron.update', + $authtoken, + $new_user +); + +isa_ok($resp, 'Fieldmapper::actor::user', 'new patron'); + +my $new_id = $resp->id(); + +$resp = $U->simplereq( + 'open-ils.actor', + 'open-ils.actor.get_password_age', + $authtoken, + $new_id +); + +cmp_ok($resp, '==', 0, 'Password age on new user is 0 days'); + +my $dt = DateTime->now(); + +$dt->add( days => FUTURE_DAYS ); + +$resp = $U->simplereq( + 'open-ils.actor', + 'open-ils.actor.get_password_age', + $authtoken, + $new_id, + $dt->iso8601() +); + +cmp_ok($resp, '==', FUTURE_DAYS, FUTURE_DAYS." days from now, Password age on new user is ".FUTURE_DAYS." days"); + +# clean up +$U->simplereq( + 'open-ils.actor', + 'open-ils.actor.user.delete', + $authtoken, + $new_id +); \ No newline at end of file diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql index ad3c3e5dfc..299354438a 100644 --- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql +++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql @@ -21305,6 +21305,40 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) aout.name = 'Consortium' AND (perm.code = 'ADMIN_GEOLOCATION_SERVICES' OR perm.code = 'VIEW_GEOLOCATION_SERVICES'); +-- Password age reset + +INSERT INTO config.org_unit_setting_type + (name, grp, label, description, datatype) + VALUES ( + 'global.password_reset_age', + 'glob', + oils_i18n_gettext( + 'global.password_reset_age', + 'Password Reset Age', + 'coust', + 'label' + ), + oils_i18n_gettext( + 'global.password_reset_age', + 'The number of days after a password has been changed before ' || + 'users will be alerted that they should update it.', + 'coust', + 'description' + ), + 'integer' + ); + +INSERT INTO action_trigger.hook (key,core_type,description,passive) VALUES ( + 'au.passwd_changed', + 'au', + 'A user\'s password was updated', + false +); + +INSERT INTO action_trigger.validator (module, description) VALUES ( + 'PatronOldPassword', 'Confirm that the patron has not updated their password since this event was created.' +); + ------------------- Disabled example A/T defintions ------------------------------ -- Create a "dummy" slot when applicable, and trigger the "offer curbside" events diff --git a/Open-ILS/src/sql/Pg/upgrade/xxxx.data.password_age_reset.sql b/Open-ILS/src/sql/Pg/upgrade/xxxx.data.password_age_reset.sql new file mode 100644 index 0000000000..63a3c87e4a --- /dev/null +++ b/Open-ILS/src/sql/Pg/upgrade/xxxx.data.password_age_reset.sql @@ -0,0 +1,40 @@ +BEGIN; + +--SELECT evergreen.upgrade_deps_block_check('xxxx', :eg_version); + +-- password age display setting + +INSERT INTO config.org_unit_setting_type + (name, grp, label, description, datatype) + VALUES ( + 'global.password_reset_age', + 'glob', + oils_i18n_gettext( + 'global.password_reset_age', + 'Password Reset Age', + 'coust', + 'label' + ), + oils_i18n_gettext( + 'global.password_reset_age', + 'The number of days after a password has been changed before ' || + 'users will be alerted that they should update it.', + 'coust', + 'description' + ), + 'integer' + ); + +INSERT INTO action_trigger.hook (key,core_type,description,passive) VALUES ( + 'au.passwd_changed', + 'au', + 'A user\'s password was updated', + false +); + +INSERT INTO action_trigger.validator (module, description) VALUES ( + 'PatronOldPassword', 'Confirm that the patron has not updated their password since this event was created.' +); + +--ROLLBACK; +COMMIT; \ No newline at end of file diff --git a/Open-ILS/src/templates-bootstrap/opac/myopac/main.tt2 b/Open-ILS/src/templates-bootstrap/opac/myopac/main.tt2 index 1454b4d5eb..2a11559b9d 100755 --- a/Open-ILS/src/templates-bootstrap/opac/myopac/main.tt2 +++ b/Open-ILS/src/templates-bootstrap/opac/myopac/main.tt2 @@ -19,9 +19,9 @@ [% need_password_change = ctx.password_age == -1 || ctx.password_age >= ctx.password_age_reminder %]
[% IF ctx.password_age == -1 %] - You have never changed your password. Please consider updating your password. + [% l('You have never changed your password. Please consider updating your password.') %] [% ELSIF ctx.password_age >= (ctx.password_age_reminder - 7) %] - Your password is [% ctx.password_age %] days old[%- IF !need_password_change %], you will be asked to change it soon.[%- ELSE %]. We recommend passwords be updated every [% ctx.password_age_reminder %] days. Please consider updating your password.[% END %] + [% l('Your password is [_1] days old.',ctx.password_age) %][%- IF !need_password_change %] [% l('You will be asked to change your password soon.') %][%- ELSE %] [% l('It is recommended to update your password every [_1] days. Please consider updating your password.',ctx.password_age_reminder) %][% END %] [% END %] [% IF need_password_change %]
diff --git a/Open-ILS/src/templates/staff/circ/patron/t_edit.tt2 b/Open-ILS/src/templates/staff/circ/patron/t_edit.tt2 index a08b05c3bb..25de4ef250 100644 --- a/Open-ILS/src/templates/staff/circ/patron/t_edit.tt2 +++ b/Open-ILS/src/templates/staff/circ/patron/t_edit.tt2 @@ -226,8 +226,8 @@ within the "form" by name for validation.
-
Password last changed {{password_age}} day(s) ago
-
User has never changed their password
+
[% l('Password last changed [_1] day(s) ago', '{{password_age}}') %]
+
[% l('User has never changed their password') %]
diff --git a/Open-ILS/src/templates/staff/t_splash.tt2 b/Open-ILS/src/templates/staff/t_splash.tt2 index b7184a279b..e25febd694 100644 --- a/Open-ILS/src/templates/staff/t_splash.tt2 +++ b/Open-ILS/src/templates/staff/t_splash.tt2 @@ -5,14 +5,14 @@

Evergreen Staff Client Home Page

-
Your password is {{password_age}} days old. It is recommended that passwords be updated every {{password_reset_age}} days. +
[% l('Your password is [_1] days old. It is recommended that passwords be updated every [_2] days.','{{password_age}}','{{password_reset_age}}') %]

- Please contact an adminstrator to have your password changed. + [% l('Please contact an administrator to have your password changed.') %]

diff --git a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js index de023c3f98..38b9dc0e85 100644 --- a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js +++ b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js @@ -413,7 +413,6 @@ angular.module('egCoreMod') service.org_settings = settings; if (egCore && egCore.env && !egCore.env.aous) { egCore.env.aous = settings; - console.log('setting egCore.env.aous'); } return service.process_org_settings(settings); });