type => 't',
default => q:.*:,
checker => \&check_regexp
+ },
+
+ {
+ name => 'password_complexity',
+ type => 's',
+ choices => [ 'no_constraints', 'mixed_letters', 'letters_numbers',
+ 'letters_numbers_specialchars' ],
+ default => 'no_constraints',
+ checker => \&check_multi
} );
return @param_list;
}
} elsif ((defined $matchpassword) && ($password ne $matchpassword)) {
ThrowUserError('passwords_dont_match');
}
+
+ my $complexity_level = Bugzilla->params->{password_complexity};
+ if ($complexity_level eq 'letters_numbers_specialchars') {
+ ThrowUserError('password_not_complex')
+ if ($password !~ /\w/ || $password !~ /\d/ || $password !~ /[[:punct:]]/);
+ } elsif ($complexity_level eq 'letters_numbers') {
+ ThrowUserError('password_not_complex')
+ if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/ || $password !~ /\d/);
+ } elsif ($complexity_level eq 'mixed_letters') {
+ ThrowUserError('password_not_complex')
+ if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/);
+ }
+
# Having done these checks makes us consider the password untainted.
trick_taint($_[0]);
return 1;
"default (.*) permits any account matching the emailregexp " _
"to be created. If this parameter is left blank, no users " _
"will be permitted to create their own accounts and all accounts " _
- "will have to be created by an administrator." }
+ "will have to be created by an administrator.",
+
+ password_complexity =>
+ "Set the complexity required for passwords. In all cases must the passwords " _
+ "be at least ${constants.USER_PASSWORD_MIN_LENGTH} characters long." _
+ "<ul><li>no_constraints - No complexity required.</li>" _
+ "<li>mixed_letters - Passwords must contain at least one UPPER and one lower " _
+ "case letter.</li>" _
+ "<li>letters_numbers - Passwords must contain at least one UPPER and one " _
+ "lower case letter and a number.</li>" _
+ "<li>letters_numbers_specialchars - Passwords must contain at least one " _
+ "UPPER or one lower case letter, a number and a special character.</li></ul>"
+ }
%]
The password must be at least
[%+ constants.USER_PASSWORD_MIN_LENGTH FILTER html %] characters long.
+ [% ELSIF error == "password_not_complex" %]
+ [% title = "Password Fails Requirements" %]
+ [% passregex = Param('password_complexity') %]
+ The password must contain at least one:
+ <ul>
+ [% IF passregex.search('letters') %]
+ <li>UPPERCASE letter</li>
+ <li>lowercase letter</li>
+ [% END %]
+ [% IF passregex.search('numbers') %]
+ <li>digit</li>
+ [% END %]
+ [% IF passregex.search('specialchars') %]
+ <li>special character</li>
+ [% END %]
+ </ul>
+
[% ELSIF error == "product_access_denied" %]
[% title = "Product Access Denied" %]
Either the product
projects / thirdparty / bugzilla.git / commitdiff
