Bug 19514: Implement password restrictions into onboarding tool

Test plan:
1. Drop and recreate your database
2. Restart memcached
3. Go through the web installer
4. In the onboarding tool create a patron with a password of only 2 characters in length
5. Notice the patron is successfully created and no warning message is
displayed
6. Repeat step 1,2,3 and create a patron with a password of 3 characters
none of which are a uppercase letter or number and notice the patron is
successfully created and no warning message is displayed
7. Apply patch
8. Repeat steps 1,2,3 and create a patron with a password consisting of
2 characters, notice that after submitting the form the same form is
loaded again and there is a warning message at the top of the page
informing you the patron wasn't created
9. Repeat steps 1,2,3 and create a patron with a password consisting of
3 characters (all lower case) and submit the form, notice the same form
is reloaded and a warning message at the top of the page informs you
that the patron wasn't created because the password was weak
10. Repeat steps 1,2,3 and create a patron with a password consisting of
3 characters (one lower case letter, one upper case letter and one
number) and submit the form and notice this time the next form in the onboarding is displayed with the message at the top of the screen informing you that the patron was successfully created

Sponsored-By: Catalyst IT
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

diff --git a/installer/onboarding.pl b/installer/onboarding.pl
index 8b032c9..76cc708 100755 (executable)
--- a/installer/onboarding.pl
+++ b/installer/onboarding.pl
@@ -146,6 +146,8 @@ if ( $step == 3 ) {
         my $cardnumber     = $input->param('cardnumber');
         my $userid         = $input->param('userid');
 
+        my ( $is_valid, $passworderror) = Koha::AuthUtils::is_password_valid( $firstpassword );
+
         if ( my $error_code = checkcardnumber($cardnumber) ) {
             if ( $error_code == 1 ) {
                 push @messages, { code => 'ERROR_cardnumber_already_exists' };
@@ -158,8 +160,13 @@ if ( $step == 3 ) {
 
             push @messages, { code => 'ERROR_password_mismatch' };
         }
-        else {
+        elsif ( $passworderror) {
+                push @messages, { code => 'ERROR_password_too_short'} if $passworderror eq 'too_short';
+                push @messages, { code => 'ERROR_password_too_weak'} if $passworderror eq 'too_weak';
+                push @messages, { code => 'ERROR_password_has_whitespaces'} if $passworderror eq 'has_whitespaces';
 
+        }
+        else {
             my $patron_data = {
                 surname      => scalar $input->param('surname'),
                 firstname    => scalar $input->param('firstname'),

diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/onboarding_messages.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/onboarding_messages.inc
index d817401..fbe0d3a 100644 (file)
--- a/koha-tmpl/intranet-tmpl/prog/en/includes/onboarding_messages.inc
+++ b/koha-tmpl/intranet-tmpl/prog/en/includes/onboarding_messages.inc
@@ -26,6 +26,12 @@
             <div class="alert alert-success">Circulation rule created!</div>
         [% CASE 'error_on_insert_circ_rule' %]
             <div class="alert alert-danger">Circulation rule not created!</div>
+        [% CASE 'ERROR_password_too_short' %]
+            <div class="alert alert-danger">The patron has not been created the entered password was too short</div>
+        [% CASE 'ERROR_password_too_weak' %]
+            <div class="alert alert-danger">The patron has not been created the entered password was too weak, must contain at least one uppercase, and lower case letter and one number</div>
+        [% CASE 'ERROR_password_has_whitespaces' %]
+            <div class="alert alert-danger">The patron has not been created the entered password contained whitespaces</div>
         [% CASE %][% message %]
     [% END %]
 [% END %]