RT#42235: Strict password requirments are not disabled for signup portal [respects agent override]

5 files changed, 17 insertions, 2 deletions

diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm
index 5b2421b75..9564e9c9f 100644
--- a/FS/FS/ClientAPI/MyAccount.pm
+++ b/FS/FS/ClientAPI/MyAccount.pm
@@ -3282,6 +3282,13 @@ sub validate_passwd {
     # end false laziness
   }
 
+  unless ($svc_acct) {
+    my $conf = new FS::Conf;
+    my $agentnum = $p->{'agentnum'};
+    return { %result, 'password_valid' => 1 }
+      if $conf->config_bool('password-insecure', $p->{'agentnum'});
+  }
+
   $svc_acct ||= new FS::svc_acct {};
 
   my $error = $svc_acct->is_password_allowed($p->{'check_password'});
diff --git a/FS/FS/ClientAPI/Signup.pm b/FS/FS/ClientAPI/Signup.pm
index a9678b051..7c70a6717 100644
--- a/FS/FS/ClientAPI/Signup.pm
+++ b/FS/FS/ClientAPI/Signup.pm
@@ -700,6 +700,7 @@ sub new_customer {
       };
       
       my $error = $svc->is_password_allowed($packet->{_password});
+      $error = '' if $conf->config_bool('password-insecure', $agentnum);
       return { error => $error } if $error;
 
       my @acct_snarf;
diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm
index fc2e03e89..b80708116 100644
--- a/FS/FS/Password_Mixin.pm
+++ b/FS/FS/Password_Mixin.pm
@@ -54,6 +54,7 @@ sub is_password_allowed {
     my $cust_pkg = FS::cust_pkg->by_key($self->get('pkgnum'));
     $cust_main = $cust_pkg->cust_main if $cust_pkg;
   }
+  # selfservice signup invokes this without customer, but it checks this conf separately
   warn "is_password_allowed: no customer could be identified" if !$cust_main;
   return '' if $cust_main && $conf->config_bool('password-insecure', $cust_main->agentnum);
 
diff --git a/fs_selfservice/FS-SelfService/cgi/add_password_validation.js b/fs_selfservice/FS-SelfService/cgi/add_password_validation.js
index e2e3227f1..b585cd107 100644
--- a/fs_selfservice/FS-SelfService/cgi/add_password_validation.js
+++ b/fs_selfservice/FS-SelfService/cgi/add_password_validation.js
@@ -4,15 +4,21 @@ function add_password_validation (fieldid,nologin) {
     var fieldid = this.id+'_result';
     var resultfield = document.getElementById(fieldid);
     var svcnum = '';
+    var agentnum = '';
     var svcfield = document.getElementById(this.id+'_svcnum');
     if (svcfield) {
       svcnum = svcfield.options[svcfield.selectedIndex].value;
+    } else {
+      var agentfield = document.getElementsByName('agentnum');
+      if (agentfield[0]) {
+        agentnum = agentfield[0].value;
+      }
     }
     if (this.value) {
       resultfield.innerHTML = '<SPAN STYLE="color: blue;">Validating password...</SPAN>';
       var action = nologin ? 'validate_password_nologin' : 'validate_password';
       send_xmlhttp('selfservice.cgi',
-        ['action',action,'fieldid',fieldid,'svcnum',svcnum,'check_password',this.value],
+        ['action',action,'fieldid',fieldid,'svcnum',svcnum,'check_password',this.value,'agentnum',agentnum],
         function (result) {
           result = JSON.parse(result);
           var resultfield = document.getElementById(result.fieldid);
diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
index eac5a9874..b00ff4d1c 100755
--- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
+++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
@@ -1123,7 +1123,7 @@ sub validate_password_nologin {
   $action = 'validate_password'; #use same landing page
   validate_passwd(
     map { $_ => scalar($cgi->param($_)) }
-      qw( fieldid check_password )
+      qw( fieldid check_password agentnum )
   )
 }