From 101264df51f2ae06f9cabf4b394bbee3bc7fedf9 Mon Sep 17 00:00:00 2001
From: Mark Wells
Date: Thu, 19 Nov 2015 16:38:13 -0800
Subject: password policy enforcement for access_users, #32456
---
 httemplate/edit/process/access_user.html | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'httemplate/edit')
diff --git a/httemplate/edit/process/access_user.html b/httemplate/edit/process/access_user.html
index 0554bb940..bbe4268be 100644
--- a/httemplate/edit/process/access_user.html
+++ b/httemplate/edit/process/access_user.html
@@ -43,7 +43,8 @@ sub post_new_object_callback { if ( length($cgi->param('_password')) ) { my $password = scalar($cgi->param('_password'));
- $access_user->change_password_fields($password);
+ my $error = $access_user->is_password_allowed($password)
+ || $access_user->change_password($password);
 } }
-- cgit v1.2.1
From 42ebaebeafc054ca0c3a924efd7a53154fdcf35e Mon Sep 17 00:00:00 2001
From: Mark Wells
Date: Fri, 20 Nov 2015 14:52:24 -0800
Subject: password policy enforcement for svc_dsl, #32456
---
 httemplate/edit/process/svc_dsl.html | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
(limited to 'httemplate/edit')
diff --git a/httemplate/edit/process/svc_dsl.html b/httemplate/edit/process/svc_dsl.html
index 627329a00..889366e07 100644
--- a/httemplate/edit/process/svc_dsl.html
+++ b/httemplate/edit/process/svc_dsl.html
@@ -1,5 +1,6 @@ <% include( 'elements/svc_Common.html', 'table' => 'svc_dsl',
+ 'precheck_callback' => $precheck_callback,
 ) %> <%init>
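Review bot: In post_new_object_callback (httemplate/edit/process/access_user.html) the new `my $error` is declared inside the `if` block and nothing in the hunk reads it before the block closes, so a rejection from is_password_allowed appears to skip change_password without anyone being told. As far as these lines show, the new access_user would then keep whatever password state it already had and the operator would see no policy message. Declare the variable before the `if` and finish the callback with an explicit `return $error;`, or hand it to whatever reports errors for this page. Whether the caller uses the callback's return value is not visible here, and the sub begins above the hunk.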
@@ -7,4 +8,18 @@ die "access denied" unless $FS::CurrentUser::CurrentUser->access_right('Provision customer service'); #something else more specific?
+my $precheck_callback = sub {
+ my $cgi = shift;
+ my $svcnum = $cgi->param('svcnum');
+ my $error = '';
+ if ( $svcnum ) {
+ my $old = FS::svc_dsl->by_key($svcnum);
+ my $newpass = $cgi->param('password');
+ if ( $old and $newpass ne $old->password ) {
+ $error ||= $old->is_password_allowed($newpass);
+ }
+ }
+ $error;
+};
+
-- cgit v1.2.1
From 45d0f6c6325fb8ab5fdc478a7dc278872defa479 Mon Sep 17 00:00:00 2001
From: Jonathan Prykop
Date: Sat, 21 Nov 2015 01:54:21 -0600
Subject: RT#29354: Password Security in Email
---
 httemplate/edit/svc_acct.cgi | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
(limited to 'httemplate/edit')
diff --git a/httemplate/edit/svc_acct.cgi b/httemplate/edit/svc_acct.cgi
index 31678a991..0cf0c20e1 100755
--- a/httemplate/edit/svc_acct.cgi
+++ b/httemplate/edit/svc_acct.cgi
@@ -50,7 +50,12 @@ 'required' => $part_svc->part_svc_column('_password')->required ) %> MAXLENGTH=<% $pmax %>>
- <& /elements/random_pass.html, 'clear_password' &>
+ <& /elements/random_pass.html, 'clear_password' &>
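Review bot: The `$precheck_callback` added to httemplate/edit/process/svc_dsl.html calls is_password_allowed only when `svcnum` is set and `FS::svc_dsl->by_key($svcnum)` returns a record, so a password submitted for a new svc_dsl passes the precheck with `$error` still empty. The same happens when a svcnum is supplied but does not resolve, because `$old` is false and the inner `if` is skipped. Unless the insert path enforces the policy somewhere outside this diff, the check should also run when there is no existing record, and a svcnum that fails to load should produce an error rather than an empty string. At minimum a comment above the outer `if`, such as `# policy is only checked when an existing service changes its password`, would make the limit visible to the next reader.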
+
+ <& '/elements/validate_password.html',
+ 'fieldid' => 'clear_password',
+ 'svcnum' => $svcnum
+ &>
 %}else{
-- cgit v1.2.1
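Review bot: The validate_password.html element included under the clear_password input appears to be a check run from the edit page, and nothing in this hunk makes the server reject a password that fails it. A request that never loads this page would not be stopped by it, so the page that processes this form still has to apply the policy itself. A Mason comment beside the include would record that, e.g. `%# advisory check only; the process page must enforce the password policy itself`. `$svcnum` is passed unconditionally, so it is worth confirming that the element copes with an empty value when a new service is being created. The component path is quoted here but bare in the random_pass.html include just above; one form should be used for both.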