authorJean-Philippe Lang <jp_lang@yahoo.fr>2015-05-10 10:26:55 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2015-05-10 10:26:55 +0000
commit51f7060aa8464f51f78403f87b3556a7ffaa1995 (patch)
treecb7a82d8d788a2e71bb57de7e536bd7048e956f8 /app
parent92833d0b10e7c46477e1485a4bf616649aee544e (diff)
Add the ability to expire passwords after a configurable number of days (#19458).
Patch by Holger Just and Go MAEDA. git-svn-id: http://svn.redmine.org/redmine/trunk@14264 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app')
-rw-r--r--app/controllers/application_controller.rb1
-rw-r--r--app/models/user.rb13
-rw-r--r--app/views/my/password.html.erb2
-rw-r--r--app/views/settings/_authentication.html.erb4
4 files changed, 18 insertions, 2 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index b6e2eb120..e1bc6a97f 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -204,6 +204,7 @@ class ApplicationController < ActionController::Base
def check_password_change
if session[:pwd]
if User.current.must_change_password?
+ flash[:error] = l(:error_password_expired)
redirect_to my_password_path
else
session.delete(:pwd)
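Review bot: The redirect and the new flash message run only inside the `if session[:pwd]` branch, so expiry is enforced only for sessions that carry that flag. Where `session[:pwd]` is set is not visible in this diff; if it is set only at sign-in, a session that is already open when the password crosses the age limit would never be redirected, and non-session authentication would not be covered either. Please confirm that path, or document the limit with a comment such as `# enforced only for sessions flagged with session[:pwd]`. The key `:error_password_expired` is also shown when the change is forced by `must_change_passwd?` rather than by age, so its wording should cover both cases. check_password_change begins and ends outside this hunk.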
diff --git a/app/models/user.rb b/app/models/user.rb
index 8811a65fd..5978f06de 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -323,8 +323,19 @@ class User < Principal
return auth_source.allow_password_changes?
end
+ def password_expired?
+ changed_on = self.passwd_changed_on || Time.at(0)
+ period = Setting.password_max_age.to_i
+
+ if period.zero?
+ false
+ else
+ changed_on < period.days.ago
+ end
+ end
+
def must_change_password?
- must_change_passwd? && change_password_allowed?
+ (must_change_passwd? || password_expired?) && change_password_allowed?
end
def generate_password?
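Review bot: `password_expired?` treats only an exact zero as "disabled", so a negative `Setting.password_max_age` makes `period.days.ago` a future time and every password compares as expired, including one that was just changed. That would send the user back to the change form after each successful change. The settings form in this commit offers only fixed values, but a stricter guard costs nothing: `return false unless period > 0`. A nil `passwd_changed_on` falls back to `Time.at(0)`, so accounts with no recorded change date expire as soon as the setting is enabled; a one-line comment stating that this is intended would help the next reader.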
diff --git a/app/views/my/password.html.erb b/app/views/my/password.html.erb
index c3f86b99f..6ba2bfc40 100644
--- a/app/views/my/password.html.erb
+++ b/app/views/my/password.html.erb
@@ -17,7 +17,7 @@
<%= submit_tag l(:button_apply) %>
<% end %>
-<% unless @user.must_change_passwd? %>
+<% unless @user.must_change_passwd? || @user.password_expired? %>
<% content_for :sidebar do %>
<%= render :partial => 'sidebar' %>
<% end %>
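Review bot: The condition repeats both halves of `User#must_change_password?` in the template but omits its `change_password_allowed?` check, so the rule for a forced change now lives in two places and can drift. If the sidebar should be hidden exactly when the change is forced, `<% unless @user.must_change_password? %>` expresses that directly. If the difference is deliberate, a short ERB comment explaining why would make that clear.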
diff --git a/app/views/settings/_authentication.html.erb b/app/views/settings/_authentication.html.erb
index 77b5afced..80fb4bd5a 100644
--- a/app/views/settings/_authentication.html.erb
+++ b/app/views/settings/_authentication.html.erb
@@ -14,6 +14,10 @@
<p><%= setting_text_field :password_min_length, :size => 6 %></p>
+<p>
+ <%= setting_select :password_max_age, [[l(:label_disabled), 0]] + [7, 30, 60, 90, 180, 365].collect{|days| [l('datetime.distance_in_words.x_days', :count => days), days.to_s]} %>
+</p>
+
<p><%= setting_check_box :lost_password, :label => :label_password_lost %></p>
<p><%= setting_text_field :max_additional_emails, :size => 6 %></p>
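Review bot: The option list mixes value types: the disabled entry uses the Integer `0` while the day entries use `days.to_s`. This probably renders the same, but `[l(:label_disabled), '0']` keeps the values uniform. The list of periods is hard-coded in the view, and nothing visible in this diff restricts the stored value to these options on the server side. That is worth confirming, because `password_expired?` special-cases only zero.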