mirror of
https://github.com/opf/openproject.git
synced 2026-06-14 03:30:14 +00:00
Oliver Günther
163 lines
5.6 KiB
Ruby
163 lines
5.6 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
#-- copyright
|
|
# OpenProject is an open source project management software.
|
|
# Copyright (C) the OpenProject GmbH
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU General Public License version 3.
|
|
#
|
|
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
|
|
# Copyright (C) 2006-2013 Jean-Philippe Lang
|
|
# Copyright (C) 2010-2013 the ChiliProject Team
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU General Public License
|
|
# as published by the Free Software Foundation; either version 2
|
|
# of the License, or (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program; if not, write to the Free Software
|
|
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
#
|
|
# See COPYRIGHT and LICENSE files for more details.
|
|
#++
|
|
|
|
module OpenProject
|
|
##
|
|
# Evaluate and generate passwords
|
|
#
|
|
module Passwords
|
|
##
|
|
# Evaluates passwords and generates error messages for the evaluated
|
|
# passwords based on password complexity settings like minimum password
|
|
# length and other complexity rules.
|
|
#
|
|
module Evaluator
|
|
RULES = { "uppercase" => /.*[A-Z].*/u,
|
|
"lowercase" => /.*[a-z].*/u,
|
|
"special" => /.*[^\da-zA-Z].*/u,
|
|
"numeric" => /.*\d.*/u }
|
|
# Check whether password conforms to password complexity settings.
|
|
# Checks complexity rules and password length.
|
|
def self.conforming?(password)
|
|
password_long_enough(password) and password_conforms_to_rules(password)
|
|
end
|
|
|
|
# Returns corresponding error messages if +password+ doesn't conform to
|
|
# password complexity settings.
|
|
def self.errors_for_password(password)
|
|
errors = []
|
|
unless password_conforms_to_rules(password)
|
|
errors << rules_description
|
|
end
|
|
unless password_long_enough(password)
|
|
errors << I18n.t("activerecord.errors.messages.too_short",
|
|
count: OpenProject::Passwords::Evaluator.min_length)
|
|
end
|
|
errors
|
|
end
|
|
|
|
# Returns the names of known rules, e.g. ['uppercase'].
|
|
def self.known_rules
|
|
RULES.keys
|
|
end
|
|
|
|
# Returns the names of rules activated in settings.
|
|
def self.active_rules
|
|
Setting.password_active_rules
|
|
end
|
|
|
|
def self.active_rule?(rule)
|
|
Setting.password_active_rules.include?(rule.to_s)
|
|
end
|
|
|
|
# Checks whether password adheres to complexity rules.
|
|
# Does not check length.
|
|
def self.password_conforms_to_rules(password)
|
|
size_active_rules_adhered_by(password) >= min_adhered_rules
|
|
end
|
|
|
|
# Checks whether password matches minimum length specified in settings.
|
|
def self.password_long_enough(password)
|
|
password.length >= min_length
|
|
end
|
|
|
|
# Minimum number of rules password adheres to matches the minimum
|
|
# number of active rules specified in settings.
|
|
def self.min_adhered_rules
|
|
active_rules.size
|
|
end
|
|
|
|
# Returns the minimum password length as specified in settings.
|
|
def self.min_length
|
|
Setting.password_min_length.to_i
|
|
end
|
|
|
|
# Returns a text describing the active password complexity rules.
|
|
def self.rules_description
|
|
return "" if active_rules.empty?
|
|
|
|
rules = active_rules_list.join(", ")
|
|
rules_description_locale(rules)
|
|
end
|
|
|
|
# Returns a text describing the minimum length of a password.
|
|
def self.min_length_description
|
|
I18n.t(:text_caracters_minimum,
|
|
count: OpenProject::Passwords::Evaluator.min_length)
|
|
end
|
|
|
|
# Returns the number of active rules password adheres to.
|
|
def self.size_active_rules_adhered_by(password)
|
|
active_rules.count do |name|
|
|
password&.match?(RULES[name]) ? true : false
|
|
end
|
|
end
|
|
|
|
# Return a collection with active rules
|
|
def self.active_rules_list
|
|
active_rules.map do |rule|
|
|
I18n.t(rule.to_sym,
|
|
scope: %i[activerecord errors models user attributes password])
|
|
end
|
|
end
|
|
|
|
def self.rules_description_locale(rules)
|
|
I18n.t("activerecord.errors.models.user.attributes.password.requirements_not_met", rules:)
|
|
end
|
|
end
|
|
|
|
##
|
|
# Generates random passwords that conform to password complexity settings
|
|
#
|
|
module Generator
|
|
RANDOM_PASSWORD_MIN_LENGTH = 15
|
|
|
|
# Generates a random password with a minimum length of 15 or the minimum
|
|
# password length, whichever is higher.
|
|
# The generated password conforms to the active password rules.
|
|
def self.random_password
|
|
chars = ("a".."z").to_a +
|
|
("A".."Z").to_a +
|
|
("0".."9").to_a +
|
|
["!", "\"", "#", "$", "%", "&", "'", "(", ")", "*", "+",
|
|
",", "-", ".", "/", ":", ";", "<", "=", ">", "?", "@", "[", "\\",
|
|
"]", "^", "_", "`", "{", "|", "}", "~"]
|
|
|
|
begin
|
|
password = +""
|
|
length = [RANDOM_PASSWORD_MIN_LENGTH, Evaluator.min_length].max
|
|
length.times { |_i| password << chars[SecureRandom.random_number(chars.size - 1)] }
|
|
end while not Evaluator.conforming? password
|
|
password
|
|
end
|
|
end
|
|
end
|
|
end
|