From 73465ed3cf0367913ffacc27f4aec0858fceb63b Mon Sep 17 00:00:00 2001 From: Llewellyn Marshall Date: Wed, 29 Jun 2022 16:33:11 -0400 Subject: [PATCH] add home ou to aupsd so it can be used as a context org for passive event filter. change to passive event for password change --- Open-ILS/examples/fm_IDL.xml | 6 +++- .../src/perlmods/lib/OpenILS/Application/Actor.pm | 11 ++---- .../lib/OpenILS/Application/Trigger/Validator.pm | 29 --------------- Open-ILS/src/sql/Pg/950.data.seed-values.sql | 39 ++++++++++++++++---- .../Pg/upgrade/xxxx.data.password_age_reset.sql | 42 +++++++++++++++++----- 5 files changed, 74 insertions(+), 53 deletions(-) diff --git a/Open-ILS/examples/fm_IDL.xml b/Open-ILS/examples/fm_IDL.xml index 91c39153a1..8ad8019e05 100644 --- a/Open-ILS/examples/fm_IDL.xml +++ b/Open-ILS/examples/fm_IDL.xml @@ -2411,15 +2411,19 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + + diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm index 432cacd440..9ad9956284 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm @@ -525,7 +525,6 @@ sub update_patron { my $old_patron; my $barred_hook = ''; my $renew_hook = ''; - my $password_hook = ''; if($patron->isnew()) { ( $new_patron, $evt ) = _add_patron($e, _clone_patron($patron)); @@ -556,8 +555,6 @@ sub update_patron { modify_migrated_user_password($e, $patron->id, $patron->passwd); $new_patron->passwd(''); # subsequent update will set # actor.usr.passwd to MD5('') - #$U->create_events_for_hook('au.passwd_changed', $db_user, $e->requestor->ws_ou); - $password_hook = 'au.passwd_changed'; } } 
@@ -606,9 +603,6 @@ sub update_patron { $tses->request('open-ils.trigger.event.autocreate', $barred_hook, $new_patron, $new_patron->home_ou) if $barred_hook; - - $tses->request('open-ils.trigger.event.autocreate', $password_hook, - $new_patron, $new_patron->home_ou) if $password_hook; } $e->xact_begin; # $e->rollback is called in new_flesh_user @@ -1658,7 +1652,7 @@ sub update_passwd { # would be required. Noting here for future reference. modify_migrated_user_password($e, $db_user->id, $new_val); $db_user->passwd(''); - $U->create_events_for_hook('au.passwd_changed', $db_user, $e->requestor->ws_ou); + } else { # if we don't clear the password, the user will be updated with @@ -4433,8 +4427,7 @@ sub commit_password_reset { # All is well; update the password modify_migrated_user_password($e, $user->id, $password); - $U->create_events_for_hook('au.passwd_changed', $user, $user->home_ou); - + # And flag that this password reset request has been honoured $aupr->[0]->has_been_reset('t'); $e->update_actor_usr_password_reset($aupr->[0]); diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Trigger/Validator.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Trigger/Validator.pm index 6be4329d76..ad4e4f4fb6 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Trigger/Validator.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Trigger/Validator.pm 
@@ -166,35 +166,6 @@ sub PatronNotBarred { return !PatronBarred(@_); } -# returns invalid if the patron's password was updated in the time -# between now and the parent event being created -sub PatronOldPassword { - my ($self, $env) = @_; - my $event = $env->{event}; - # get add time of the event - my $add_time = DateTime::Format::ISO8601->new->parse_datetime(clean_ISO8601($event->add_time)); - # get the last time the user changed their password - my $aupsds = new_editor()->json_query({ - select => {aupsd => ['create_date','edit_date']}, - from => 'aupsd', - where => { - usr => $env->{target}->id - } - }); - - if(defined $aupsds){ - my $pwd = $aupsds->[0]; - #convert the dates with the DateTime module - if($pwd){ - my $edit_datetime = DateTime::Format::ISO8601->parse_datetime(clean_ISO8601($pwd->{'edit_date'})); - # if the change time is after the add time, return invalid - return $edit_datetime <= $add_time; - } - } - - return 1; -} - # core type "circ". # Being "In Collections" means having the PATRON_IN_COLLECTIONS penalty # applied to the user at or above the circ_lib of the target circ. diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql index f7fd081f03..2a12e4694f 100644 --- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql +++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql 
@@ -21329,14 +21329,41 @@ INSERT INTO config.org_unit_setting_type ); INSERT INTO action_trigger.hook (key,core_type,description,passive) VALUES ( - 'au.passwd_changed', - 'au', - 'An account password was updated', - false + 'aupsd.passwd_changed', + 'aupsd', + oils_i18n_gettext( + 'au.passwd_changed', + 'An account password was updated', + 'ath', + 'description' + ), + true ); -INSERT INTO action_trigger.validator (module, description) VALUES ( - 'PatronOldPassword', 'Confirm that the patron has not updated their password since this event was created.' +-- Sample Password Update Notice -- + +INSERT INTO action_trigger.event_definition (active, owner, name, delay_field, delay, max_delay, repeat_delay, hook, validator, reactor, template) + VALUES ('f', 1, 'Password Update Notice', 'edit_date','90 days', '91 days','90 days' 'aupsd.passwd_changed', 'NOOP_True', 'SendEmail', +$$ +[%- USE date -%] +[%- user = target.usr -%] +To: [%- params.recipient_email || user.email %] +From: [%- params.sender_email || default_sender || helpers.get_org_setting(user.home_ou, 'org.bounced_emails') %] +Date: [%- date.format(date.now, '%a, %d %b %Y %T -0000', gmt => 1) %] +Subject: Password Update Required +Auto-Submitted: auto-generated + +Dear [% user.family_name %], [% user.first_given_name %] +Regularly updating your password is an essential part of maintaining the security of your account. At the time of writing, your password is 90 days old. Please log in to the system or contact a system administrator to update your password. + +$$); + +INSERT INTO action_trigger.environment ( + event_def, + path +) VALUES ( + currval('action_trigger.event_definition_id_seq'), + 'usr' ); ------------------- Disabled example A/T defintions ------------------------------ diff --git a/Open-ILS/src/sql/Pg/upgrade/xxxx.data.password_age_reset.sql b/Open-ILS/src/sql/Pg/upgrade/xxxx.data.password_age_reset.sql index 01cdafd3ae..9a7ce68469 100644 
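Review bot: The VALUES list of the new `action_trigger.event_definition` insert is missing a comma between the repeat_delay value `'90 days'` and `'aupsd.passwd_changed'`, so the eleven target columns receive only ten expressions and the statement cannot load as written. The line should read `VALUES ('f', 1, 'Password Update Notice', 'edit_date', '90 days', '91 days', '90 days', 'aupsd.passwd_changed', 'NOOP_True', 'SendEmail',`. The identical line appears in the hunk for `upgrade/xxxx.data.password_age_reset.sql` and needs the same fix. Separately, in both hunks `oils_i18n_gettext` is still passed the old key `'au.passwd_changed'` although the row's key is now `'aupsd.passwd_changed'`; if the first argument is meant to identify the row being translated, it should be updated to match.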
--- a/Open-ILS/src/sql/Pg/upgrade/xxxx.data.password_age_reset.sql +++ b/Open-ILS/src/sql/Pg/upgrade/xxxx.data.password_age_reset.sql @@ -1,6 +1,6 @@ BEGIN; ---SELECT evergreen.upgrade_deps_block_check('xxxx', :eg_version); +--SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version); -- password age display setting 
@@ -26,15 +26,41 @@ INSERT INTO config.org_unit_setting_type ); INSERT INTO action_trigger.hook (key,core_type,description,passive) VALUES ( - 'au.passwd_changed', - 'au', - 'An account password was updated', - false + 'aupsd.passwd_changed', + 'aupsd', + oils_i18n_gettext( + 'au.passwd_changed', + 'An account password was updated', + 'ath', + 'description' + ), + true ); -INSERT INTO action_trigger.validator (module, description) VALUES ( - 'PatronOldPassword', 'Confirm that the patron has not updated their password since this event was created.' -); +-- Sample Password Update Notice -- + +INSERT INTO action_trigger.event_definition (active, owner, name, delay_field, delay, max_delay, repeat_delay, hook, validator, reactor, template) + VALUES ('f', 1, 'Password Update Notice', 'edit_date','90 days', '91 days','90 days' 'aupsd.passwd_changed', 'NOOP_True', 'SendEmail', +$$ +[%- USE date -%] +[%- user = target.usr -%] +To: [%- params.recipient_email || user.email %] +From: [%- params.sender_email || default_sender || helpers.get_org_setting(user.home_ou, 'org.bounced_emails') %] +Date: [%- date.format(date.now, '%a, %d %b %Y %T -0000', gmt => 1) %] +Subject: Password Update Required +Auto-Submitted: auto-generated + +Dear [% user.family_name %], [% user.first_given_name %] +Regularly updating your password is an essential part of maintaining the security of your account. At the time of writing, your password is 90 days old. Please log in to the system or contact a system administrator to update your password. +$$); + +INSERT INTO action_trigger.environment ( + event_def, + path +) VALUES ( + currval('action_trigger.event_definition_id_seq'), + 'usr' +); --ROLLBACK; COMMIT; \ No newline at end of file -- 2.11.0