diff options
author | Mark Wells <mark@freeside.biz> | 2015-11-19 14:52:42 -0800 |
---|---|---|
committer | Mark Wells <mark@freeside.biz> | 2015-11-19 16:27:36 -0800 |
commit | a68f2e9239ad5cde3bd25ca7aea6af7e0f2ce75f (patch) | |
tree | 42c7b379349b820159ecc11abf84ccdc1d5461c8 /FS/FS/contact.pm | |
parent | 86d92aec66af195a25fb0a5fd5505adde99fd66c (diff) |
password policy enforcement for contacts, #32456
Diffstat (limited to 'FS/FS/contact.pm')
-rw-r--r-- | FS/FS/contact.pm | 35 |
1 files changed, 28 insertions, 7 deletions
diff --git a/FS/FS/contact.pm b/FS/FS/contact.pm index 0428d89..e5ddcdc 100644 --- a/FS/FS/contact.pm +++ b/FS/FS/contact.pm @@ -1,5 +1,6 @@ package FS::contact; -use base qw( FS::Record ); +use base qw( FS::Password_Mixin + FS::Record ); use strict; use vars qw( $skip_fuzzyfiles ); @@ -187,22 +188,26 @@ sub insert { } + my $error; if ( $existing_contact ) { $self->$_($existing_contact->$_()) for qw( contactnum _password _password_encoding ); - $self->SUPER::replace($existing_contact); + $error = $self->SUPER::replace($existing_contact); } else { - my $error = $self->SUPER::insert; - if ( $error ) { - $dbh->rollback if $oldAutoCommit; - return $error; - } + $error = $self->SUPER::insert; } + $error ||= $self->insert_password_history; + + if ( $error ) { + $dbh->rollback if $oldAutoCommit; + return $error; + } + my $cust_contact = ''; if ( $custnum ) { my %hash = ( 'contactnum' => $self->contactnum, @@ -426,6 +431,9 @@ sub replace { } my $error = $self->SUPER::replace($old); + if ( $old->_password ne $self->_password ) { + $error ||= $self->insert_password_history; + } if ( $error ) { $dbh->rollback if $oldAutoCommit; return $error; @@ -790,9 +798,22 @@ sub authenticate_password { } +=item change_password NEW_PASSWORD + +Changes the contact's selfservice access password to NEW_PASSWORD. This does +not check password policy rules (see C<is_password_allowed>) and will return +an error only if editing the record fails for some reason. + +If NEW_PASSWORD is the same as the existing password, this does nothing. + +=cut + sub change_password { my($self, $new_password) = @_; + # do nothing if the password is unchanged + return if $self->authenticate_password($new_password); + $self->change_password_fields( $new_password ); $self->replace; |