Fixes #3757 Added an option to force password ask for SASL method

2112fb78 · Côme Bernigaud · Benoit Mortier · 628a28de · 2112fb78 · 2112fb78
Commit 2112fb78 authored 9 years ago by Côme Bernigaud Committed by Benoit Mortier 9 years ago
Hide whitespace changes
Inline Side-by-side

Showing

with 21 additions and 4 deletions
+21 -4
--- a/contrib/openldap/core-fd-conf.schema
+++ b/contrib/openldap/core-fd-conf.schema
@@ -404,6 +404,12 @@ attributetype ( 1.3.6.1.4.1.38414.8.19.1 NAME 'fdOGroupRDN'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
  SINGLE-VALUE)
+attributetype ( 1.3.6.1.4.1.38414.8.19.2 NAME 'fdForceSaslPasswordAsk'
+  DESC 'FusionDirectory - Force password ask for SASL users'
+  EQUALITY booleanMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+  SINGLE-VALUE )
 # merged from dashboard-fd.schema - Needed by Fusion Directory for dashboard options
 attributetype ( 1.3.6.1.4.1.38414.27.1.1 NAME 'fdDashboardPrefix'
@@ -514,7 +520,7 @@ objectclass ( 1.3.6.1.4.1.38414.8.2.2 NAME 'fusionDirectoryPluginsConf'
  DESC 'FusionDirectory plugins configuration'
  SUP top AUXILIARY
  MUST ( cn )
-  MAY ( fdOGroupRDN ) )
+  MAY ( fdOGroupRDN $ fdForceSaslPasswordAsk ) )
 objectclass ( 1.3.6.1.4.1.38414.8.2.3 NAME 'fdPasswordRecoveryConf'
  DESC 'FusionDirectory password recovery configuration'

--- a/include/password-methods/class_password-methods-sasl.inc
+++ b/include/password-methods/class_password-methods-sasl.inc
@@ -103,7 +103,8 @@ class passwordMethodsasl extends passwordMethod {
   */
  function need_password()
  {
-    return FALSE;
+    global $config;
+    return ($config->get_cfg_value('forceSaslPasswordAsk', 'FALSE') == 'TRUE');
  }
 }
 ?>
--- a/plugins/config/class_mainPluginsConfig.inc
+++ b/plugins/config/class_mainPluginsConfig.inc
@@ -38,8 +38,8 @@ class mainPluginsConfig extends simplePlugin
  static function getAttributesInfo ()
  {
    return array(
-      'main' => array(
+      'ogroups' => array(
-        'name'  => _('LDAP tree'),
+        'name'  => _('Object groups'),
        'attrs' => array(
          new StringAttribute (
            _('OGroup RDN'), _('Branch in which object groups will be stored'),
@@ -48,6 +48,16 @@ class mainPluginsConfig extends simplePlugin
          ),
        )
      ),
+      'sasl' => array(
+        'name'  => _('SASL'),
+        'attrs' => array(
+          new BooleanAttribute (
+            _('Force Password asking'), _('Useful if you add a hook using password value when SASL user passwords are edited'),
+            'fdForceSaslPasswordAsk', TRUE,
+            FALSE
+          ),
+        )
+      ),
    );
  }