Merge branch '3710-authorized-users-with-blank-password' into '1.4-dev'

Resolve "Authorized users with blank password" See merge request fusiondirectory/fd!170

Merge branch '3710-authorized-users-with-blank-password' into '1.4-dev'
Resolve "Authorized users with blank password" See merge request fusiondirectory/fd!170
ff43076b · Côme Chilliet · 595a6269 · c8e08561 · ff43076b · ff43076b
Commit ff43076b authored 6 years ago by Côme Chilliet
Hide whitespace changes
Inline Side-by-side

Showing

with 100 additions and 15 deletions
+100 -15
--- a/include/password-methods/class_password-methods-clear.inc
+++ b/include/password-methods/class_password-methods-clear.inc
@@ -33,6 +33,8 @@ class passwordMethodClear extends passwordMethod
 {
  protected $lockable = FALSE;

+  public $hash = 'clear';
+
  /*!
   * \brief passwordMethodClear Constructor
   */

--- a/include/password-methods/class_password-methods-empty.inc
+++ b/include/password-methods/class_password-methods-empty.inc
+<?php
+/*
+  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
+  Copyright (C) 2003-2010  Cajus Pollmeier
+  Copyright (C) 2011-2018  FusionDirectory
+
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free Software Foundation; either version 2 of the License, or
+  (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+*/
+
+/*!
+ * \file class_password-methods-empty.inc
+ * Source code for class passwordMethodEmpty
+ */
+
+/*!
+ * \brief This class contains all the functions for empty password method
+ * \see passwordMethod
+ */
+class passwordMethodEmpty extends passwordMethod
+{
+  protected $lockable = FALSE;
+
+  public $hash = 'empty';
+
+  /*!
+   * \brief passwordMethodClear Constructor
+   */
+  function __construct()
+  {
+  }
+
+  /*!
+   * \brief Is available
+   *
+   * \return TRUE
+   */
+  function is_available()
+  {
+    return TRUE;
+  }
+
+  /*!
+   * \brief Generate template hash
+   *
+   * \param string $pwd Password
+   */
+  function generate_hash($pwd)
+  {
+    return '';
+  }
+
+  /*!
+   * \brief Get the hash name
+   */
+  static function get_hash_name()
+  {
+    return 'empty';
+  }
+
+  /*!
+   * \brief Password needed
+   *
+   * \return boolean FALSE
+   */
+  function need_password()
+  {
+    return FALSE;
+  }
+}
+?>
--- a/include/password-methods/class_password-methods.inc
+++ b/include/password-methods/class_password-methods.inc
@@ -299,6 +299,11 @@ class passwordMethod
  {
    $methods = passwordMethod::get_available_methods();

+    if (empty($password_hash) && passwordMethodEmpty::is_available()) {
+      $method = new passwordMethodEmpty($dn);
+      return $method;
+    }
+
    foreach ($methods['class'] as $class) {
      $method = $class::_extract_method($class, $password_hash);
      if ($method != "") {
@@ -309,7 +314,6 @@ class passwordMethod
    }

    $method = new passwordMethodClear($dn);
-    $method->set_hash('clear');
    return $method;
  }


--- a/plugins/personal/generic/class_user.inc
+++ b/plugins/personal/generic/class_user.inc
@@ -114,14 +114,10 @@ class UserPasswordAttribute extends CompositeAttribute
  {
    if (isset($attrs[$this->getLdapName()])) {
      $this->setValue($this->inputValue($attrs[$this->getLdapName()][0]));
-      $this->setRequired(FALSE);
-      $this->attributes[1]->setRequired(FALSE);
-      $this->attributes[2]->setRequired(FALSE);
+    } elseif ($this->plugin->initially_was_account) {
+      $this->setValue($this->inputValue(''));
    } else {
-      $this->setRequired(TRUE);
      $this->attributes[0]->resetToDefault();
-      $this->attributes[1]->setRequired(TRUE);
-      $this->attributes[2]->setRequired(TRUE);
      $this->checkIfMethodNeedsPassword();
    }
  }
@@ -148,11 +144,16 @@ class UserPasswordAttribute extends CompositeAttribute
    $method = $this->attributes[0]->getValue();
    if ($method != $this->previousMethod) {
      if ($this->needPassword[$method]) {
+        $hashEmpty = ($this->attributes[3]->getValue() == '');
        $this->attributes[1]->setVisible(TRUE);
+        $this->attributes[1]->setRequired($hashEmpty);
        $this->attributes[2]->setVisible(TRUE);
+        $this->attributes[2]->setRequired($hashEmpty);
      } else {
+        $this->attributes[1]->setRequired(FALSE);
        $this->attributes[1]->setVisible(FALSE);
        $this->attributes[1]->setValue('');
+        $this->attributes[2]->setRequired(FALSE);
        $this->attributes[2]->setVisible(FALSE);
        $this->attributes[2]->setValue('');
      }
@@ -178,10 +179,10 @@ class UserPasswordAttribute extends CompositeAttribute
          $value = $tmp->generate_hash($password);
        }
      }
-    } else {
-      if ($value != '') {
-        $pw_storage = 'clear';
-      }
+    } elseif ($value != '') {
+      $pw_storage = 'clear';
+    } elseif ($this->plugin->initially_was_account) {
+      $pw_storage = 'empty';
    }
    return array($pw_storage, $password, $password, $value, $locked);
  }
@@ -212,10 +213,6 @@ class UserPasswordAttribute extends CompositeAttribute
  function check()
  {
    $method = $this->attributes[0]->getValue();
-    if (!$this->needPassword[$method]) {
-      $this->attributes[1]->setRequired(FALSE);
-      $this->attributes[2]->setRequired(FALSE);
-    }
    $error = parent::check();
    if (!empty($error)) {
      return $error;