<?php
namespace Concrete\Controller\SinglePage\Dashboard\System\Registration;
use Concrete\Core\Http\Request;
use Concrete\Core\Page\Controller\DashboardPageController;
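/**
 * Dashboard page controller for the site-wide password policy.
 *
 * Reads and writes the settings stored under self::CONFIG_PREFIX: minimum and
 * maximum length, required character classes, password reuse, and a map of
 * custom regular expressions to their descriptions.
 */
class PasswordRequirements extends DashboardPageController
{
    /**
     * Configuration key under which every password requirement is stored.
     */
    public const CONFIG_PREFIX = 'concrete.user.password';

    /**
     * Expose the stored password requirements to the view.
     *
     * Numeric settings are clamped to non-negative integers. A maximum of 0 is
     * passed to the view as null.
     */
    public function view()
    {
        $config = $this->app->make('config')->get(self::CONFIG_PREFIX);
        $this->set('min', (int) max(0, array_get($config, 'minimum', 0)));
        $this->set('max', (int) max(0, array_get($config, 'maximum', 0)) ?: null);
        $this->set('specialCharacters', (int) max(0, array_get($config, 'required_special_characters', 0)));
        $this->set('upperCase', (int) max(0, array_get($config, 'required_upper_case', 0)));
        $this->set('lowerCase', (int) max(0, array_get($config, 'required_lower_case', 0)));
        $this->set('passwordReuse', (int) max(0, array_get($config, 'reuse', 0)));
        // save() may already have put the submitted expressions in the sets
        // (see setCustomRegexForView()); do not overwrite them with stored values.
        if (!array_key_exists('customRegex', $this->getSets())) {
            $this->set('customRegex', (array) array_get($config, 'custom_regex', []));
        }
    }

    /**
     * Validate the submitted form and persist the password requirements.
     *
     * Nothing is written unless both the CSRF token and the submitted custom
     * regular expressions pass validation.
     *
     * @return mixed the redirect built by buildRedirect() on success, otherwise the result of view()
     */
    public function save()
    {
        if (!$this->token->validate('save_password_requirements')) {
            $this->error->add($this->token->getErrorMessage());
        }
        $this->validate($this->request);
        if ($this->error->has()) {
            $this->setCustomRegexForView();

            return $this->view();
        }

        $args = $this->request->request->all();
        $prefix = self::CONFIG_PREFIX;
        $config = $this->app->make('config');

        // NOTE(review): minimum and maximum are stored independently. view()
        // treats a maximum of 0 as "not set"; a non-zero maximum below the
        // minimum is not rejected here and would describe a policy no password
        // can meet. Confirm whether the password validator guards against that.
        $config->save($prefix . '.minimum', $this->int($args, 'min'));
        $config->save($prefix . '.maximum', $this->int($args, 'max'));
        $config->save($prefix . '.required_special_characters', $this->int($args, 'specialCharacters'));
        $config->save($prefix . '.required_upper_case', $this->int($args, 'upperCase'));
        $config->save($prefix . '.required_lower_case', $this->int($args, 'lowerCase'));
        $config->save($prefix . '.reuse', $this->int($args, 'passwordReuse'));

        // validate() has already checked that both lists are arrays of the same
        // length and that every expression is a string, so array_combine()
        // cannot fail on a mismatched or malformed request.
        $regex = array_get($args, 'regex', []);
        $regexDesc = array_get($args, 'regex_desc', []);
        $regexWithDesc = array_combine($regex, $regexDesc);

        // NOTE(review): these entries are merged into the stored custom_regex
        // map without passing through validateRegex(). Confirm where the field
        // comes from and whether it needs the same check.
        $regexRequirements = array_get($args, 'regexRequirements', []);
        if (!is_array($regexRequirements)) {
            // A scalar here would make array_merge() fail; ignore it instead.
            $regexRequirements = [];
        }

        $config->save($prefix . '.custom_regex', array_merge($regexWithDesc, $regexRequirements));
        $this->flash('success', t('Password Options successfully saved.'));

        return $this->buildRedirect($this->action());
    }

    /**
     * Remove every password requirement from the configuration, so that the
     * defaults apply again.
     *
     * @return mixed the redirect built by buildRedirect() on success, otherwise the result of view()
     */
    public function reset()
    {
        if (!$this->token->validate('restore_defaults')) {
            $this->error->add($this->token->getErrorMessage());
        }
        if ($this->error->has()) {
            return $this->view();
        }

        $prefix = self::CONFIG_PREFIX;
        $config = $this->app->make('config');
        $item = $config->get($prefix);
        unset(
            $item['minimum'],
            $item['maximum'],
            $item['required_special_characters'],
            $item['required_upper_case'],
            $item['required_lower_case'],
            $item['reuse'],
            $item['custom_regex']
        );
        $config->save($prefix, $item);
        $this->flash('success', t('Password Options successfully reset to default values.'));

        return $this->buildRedirect($this->action());
    }

    /**
     * Validate the custom regular expressions of a submitted form.
     *
     * Errors are recorded in $this->error. The 'regex' and 'regex_desc' fields
     * must be arrays of the same length, because save() pairs them with
     * array_combine(); each expression must be a string that PCRE can compile.
     *
     * @param Request $request
     *
     * @return bool true when no error was found
     */
    protected function validate(Request $request)
    {
        $regex = $request->request->get('regex', []);
        $regexDesc = $request->request->get('regex_desc', []);

        // Reject malformed input up front: a scalar field, or lists of
        // different lengths, would otherwise make save() fail after it has
        // already written part of the configuration.
        if (!is_array($regex) || !is_array($regexDesc) || count($regex) !== count($regexDesc)) {
            $this->error->add(t('Each custom regular expression requires exactly one description.'));

            return false;
        }

        $result = true;
        foreach ($regex as $key => $value) {
            if (!$this->validateRegex($value)) {
                $this->error->add('Invalid custom regex', "regex[{$key}]");
                $result = false;
            }
        }

        return $result;
    }

    /**
     * Normalize a given number.
     *
     * @param array $args
     * @param string $key
     *
     * @return int the value found at $key cast to int and clamped to 0 or more; 0 when the key is missing
     */
    protected function int(array $args, $key)
    {
        return max(0, (int) array_get($args, $key, 0));
    }

    /**
     * Check if a given regular expression is valid.
     *
     * This only checks that the pattern compiles. It says nothing about how
     * expensive the pattern is to evaluate: an expression with nested
     * quantifiers can still backtrack heavily on some inputs.
     * NOTE(review): the code that applies these patterns is not in this file;
     * if they run against submitted passwords, confirm that a failed or
     * aborted match (see pcre.backtrack_limit) is handled there.
     *
     * @param mixed $regex
     *
     * @return bool
     */
    protected function validateRegex($regex)
    {
        // A nested array in the request arrives here as a non-string value;
        // preg_match() would throw a TypeError for it on PHP 8.
        if (!is_string($regex)) {
            return false;
        }

        // Swallow the warning PCRE raises for a pattern that does not compile.
        set_error_handler(static function (): bool {
            return true;
        }, -1);
        try {
            // If this test returns false it means we have invalid regex.
            // The subject is an empty string: passing null is deprecated as of PHP 8.1.
            return preg_match($regex, '') !== false;
        } finally {
            restore_error_handler();
        }
    }

    /**
     * Store in the 'customRegex' "set" the previously specified regular expressions.
     * That way, users won't lose what they already typed in case of problems.
     *
     * Nothing is set when the submitted lists are not arrays of equal length.
     */
    protected function setCustomRegexForView(): void
    {
        $post = $this->request->request;
        $regex = $post->get('regex');
        $regexDesc = $post->get('regex_desc');
        if (is_array($regex) && is_array($regexDesc) && count($regex) === count($regexDesc)) {
            $this->set('customRegex', array_combine($regex, $regexDesc));
        }
    }
}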