Issue #494 has been updated by Clément OUDOT. Status changed from New to Assigned Assigned to set to Clément OUDOT Target version changed from self-service-password-0.8 to self-service-password-?
Seems a huge change in the code, planning it for a further release ---------------------------------------- Feature #494: Refactor local password policy rules using OO http://tools.lsc-project.org/issues/494 Author: Luiz Fernando Severnini Status: Assigned Priority: Normal Assigned to: Clément OUDOT Category: Self Service Password Target version: self-service-password-? The idea is to create a structure of rules as a chain, so a credential is passed along the chain and if for some rule is not satisfied an error code is reported back. -Create a credential class for login info (login, old password, new password): Credential -Create an interface to be implemented by rules: Rule The rule will have three methods: one to check the rule against a credential, one to get the policy message of the rule and other to get next rule -Create a class to every rule Create a basic implementation of Rule with common behaviour of all rules. The constructor receive all necessary values for rule validation. -Create a class that implement the policy: PasswordPolicy The PasswordPolicy class does the orchestration of all rules, and provides a method to show the policy. -Create an import file with all classes of password policy *Steps for refactoring/implementing* 1- add a 'class' folder to the root of application 2- unpack the classes attached (rulesOO.tar.gz) 3- Edit file index.php and add import for classes/classes.php <pre>require_once("classes/classes.inc.php");</pre> 4- Edit file lib/functions.inc.php Change funcion show_policy() to: <pre> function show_policy( $messages, $pw_policy_config, $result ) { $passwordPolicy = new PasswordPolicy($messages, $pw_policy_config); echo $passwordPolicy->showPolicy($result); } </pre> Change funcion check_password_strength() to: <pre> function check_password_strength( Credential $credential, $messages, $pw_policy_config ) { $passwordPolicy = new PasswordPolicy($messages, $pw_policy_config); $result = $passwordPolicy->checkPassword($credential); return $result; } </pre> 5- Edit file pages/change.php Look for the call to check_password_strength() and change it to: <pre> #============================================================================== # Check password strength #============================================================================== if ( $result === "" ) { $credential = new Credential($login, $newpassword, $oldpassword); $result = check_password_strength($credential, $messages, $pw_policy_config); } </pre> 6- Edit file page/resetbyquestions.php Look for the call to check_password_strength() and change it to: <pre> # Check password strength if ( $result === "" ) { $credential = new Credential($login, $newpassword, ''); $result = check_password_strength($credential, $messages, $pw_policy_config); } </pre> 7- Edit file page/resetbytoken.php Look for the call to check_password_strength() and change it to: <pre> # Check password strength if ( $result === "" ) { $credential = new Credential($login, $newpassword, ''); $result = check_password_strength($credential, $messages, $pw_policy_config); } </pre> -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
_______________________________________________ ltb-dev mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-dev
