From 76d7a21ec7fbdcb0f2b4c4d12ced34a6b4d3c81b Mon Sep 17 00:00:00 2001 From: Emmanuel Viennet Date: Sat, 16 Jan 2021 14:02:18 +0100 Subject: [PATCH] Begins separation of user management functions --- ZScoDoc.py | 4 ++-- ZScoUsers.py | 27 +++----------------------- sco_users.py | 53 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 58 insertions(+), 26 deletions(-) create mode 100644 sco_users.py diff --git a/ZScoDoc.py b/ZScoDoc.py index 08aaab6..4b56787 100644 --- a/ZScoDoc.py +++ b/ZScoDoc.py @@ -59,7 +59,7 @@ except: from sco_utils import * from notes_log import log import sco_find_etud -from ZScoUsers import pwdFascistCheck +import sco_users class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Implicit): @@ -201,7 +201,7 @@ class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Imp raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération") log("trying to change admin password") # 1-- check strong password - if pwdFascistCheck(password) != None: + if not sco_users.is_valid_password(password): log("refusing weak password") return REQUEST.RESPONSE.redirect( "change_admin_user_form?message=Mot%20de%20passe%20trop%20simple,%20recommencez" diff --git a/ZScoUsers.py b/ZScoUsers.py index 0e03a39..9e9dd92 100644 --- a/ZScoUsers.py +++ b/ZScoUsers.py @@ -47,24 +47,7 @@ from TrivialFormulator import TrivialFormulator, TF from gen_tables import GenTable import scolars import sco_cache - -# ----------------- password checking -import cracklib - - -def pwdFascistCheck(cleartxt): - "returns None if OK" - if ( - hasattr(CONFIG, "MIN_PASSWORD_LENGTH") - and CONFIG.MIN_PASSWORD_LENGTH > 0 - and len(cleartxt) < CONFIG.MIN_PASSWORD_LENGTH - ): - return True # invalid - try: - x = cracklib.FascistCheck(cleartxt) - return None - except ValueError as e: - return str(e) +import sco_users # --------------- 
@@ -358,10 +341,6 @@ class ZScoUsers( else: return False - def _is_valid_passwd(self, passwd): - "check if passwd is secure enough" - return not pwdFascistCheck(passwd) - def do_change_password(self, user_name, password): user = self._user_list(args={"user_name": user_name}) assert len(user) == 1, "database inconsistency: len(user)=%d" % len(user) @@ -407,7 +386,7 @@ class ZScoUsers( % user_name ) else: - if not self._is_valid_passwd(password): + if not sco_users.is_valid_password(password): H.append( """

ce mot de passe n\'est pas assez compliqué !
(oui, il faut un mot de passe vraiment compliqué !)

Recommencer

@@ -890,7 +869,7 @@ class ZScoUsers( """Les deux mots de passes ne correspondent pas !""" ) return "\n".join(H) + msg + "\n" + tf[1] + F - if not self._is_valid_passwd(vals["passwd"]): + if not sco_users.is_valid_password(vals["passwd"]): msg = tf_error_message( """Mot de passe trop simple, recommencez !""" ) diff --git a/sco_users.py b/sco_users.py new file mode 100644 index 0000000..703d6b1 --- /dev/null +++ b/sco_users.py 
@@ -0,0 +1,53 @@
+# -*- mode: python -*-
+# -*- coding: utf-8 -*-
+
+##############################################################################
+#
+# Gestion scolarite IUT
+#
+# Copyright (c) 1999 - 2021 Emmanuel Viennet. All rights reserved.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Emmanuel Viennet emmanuel.viennet@viennet.net
+#
+##############################################################################
+
+"""Fonctions sur les utilisateurs
+"""
+
+# Anciennement dans ZScoUsers.py, séparé pour migration
+
+import cracklib # pylint: disable=import-error
+
+import sco_utils as scu
+from sco_utils import CONFIG, SCO_ENCODING
+
+
+def is_valid_password(cleartxt):
+ """Check password.
+ returns True if OK.
+ """
+ if (
+ hasattr(CONFIG, "MIN_PASSWORD_LENGTH")
+ and CONFIG.MIN_PASSWORD_LENGTH > 0
+ and len(cleartxt) < CONFIG.MIN_PASSWORD_LENGTH
+ ):
+ return False # invalid: too short
+ try:
+ _ = cracklib.FascistCheck(cleartxt)
+ return True
+ except ValueError:
+ return False
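Review bot: The docstring of `is_valid_password` does not say which policy is enforced, and this function now gates every password change in the patch; I would write `"""Return True if cleartxt is at least CONFIG.MIN_PASSWORD_LENGTH long (only when that setting exists and is > 0) and is accepted by cracklib.FascistCheck, else False."""`. The length floor uses `len(cleartxt)`, so if callers hand in an encoded byte string rather than unicode text it counts bytes, not characters, and a password with accented characters could pass with fewer characters than configured; this should be confirmed against the callers and noted in a comment such as `# NOTE: len() counts bytes if cleartxt is an encoded str`. `import sco_utils as scu` and `SCO_ENCODING` are not used in the 53 added lines, and the `_ =` in front of the `FascistCheck` call is unnecessary.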