Details
-
Type:
Improvement
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 5.11.0
-
Fix Version/s: 5.13.0-b1
-
Component/s: Staff Interface
-
Labels:None
Description
By default the only requirement for client passwords is that they be at least 6 characters in length. If I understand, this is defined in /app/models/users.php in getRules, like so:
'new_password' => [
'format' => [
'rule' => 'isPassword',
'message' => $this->_('Users.!error.new_password.format'),
],
isPassword is defined in the Input model /vendors/minphp/input/src/Input.php and it allows a minimum length to be set, as well as some pre-defined regex's including: any, any_no_space, alpha_num, alpha, num, custom. If custom is selected then a custom regex can be supplied.
Add a new option under Settings > Client Options: General Client Settings below the last field "Client ID Increment Value". It will consist of 3 new fields.
- Dropdown field called Rule that contains all the rules supported by the isPassword method, but label them like so: Any Characters (any), No Spaces (any_no_space), Alphanumeric Only (alpha_num), Alpha Only (alpha), Numbers Only (num), and Custom.
- If "Custom" is selected, show an Input field where a custom regex may be entered.
- If Custom is not selected, include an input field called "Length". Default to 6.
The reason the length field is not shown for a custom regex is because the length will be defined in the custom regex.
The fields should default to: Any Characters, Any, and 6 for password length. This makes it work the same as it does now.
Activity
Paul Phillips
created issue -
Paul Phillips
made changes -
| Field | Original Value | New Value |
|---|---|---|
| Rank | Ranked higher |
Paul Phillips
made changes -
| Rank | Ranked lower |
| Story Points | 5 |
| Sprint | 5.13.0 Sprint 2 [ 217 ] |
| Rank | Ranked higher |
| Assignee | Abdy Franco [ abdy ] |
| Status | Open [ 1 ] | In Progress [ 3 ] |
| Remaining Estimate | 0 minutes [ 0 ] | |
| Time Spent | 7 hours, 41 minutes [ 27660 ] | |
| Worklog Id | 17812 [ 17812 ] |
| Status | In Progress [ 3 ] | In Review [ 5 ] |
| Resolution | Fixed [ 1 ] |
| Sprint | 5.13.0 Sprint 2 [ 217 ] | 5.13.0 Sprint 2, 5.13.0 Sprint 3 [ 217, 218 ] |
| Rank | Ranked higher |
| Time Spent | 7 hours, 41 minutes [ 27660 ] | 1 day, 28 minutes [ 30480 ] |
| Worklog Id | 17862 [ 17862 ] |
| Status | In Review [ 5 ] | Closed [ 6 ] |
| Resolution | Fixed [ 1 ] | |
| Status | Closed [ 6 ] | Reopened [ 4 ] |
| Assignee | Abdy Franco [ abdy ] | Jonathan Reissmueller [ jonathan ] |
| Status | Reopened [ 4 ] | In Review [ 5 ] |
| Resolution | Fixed [ 1 ] |
| Status | In Review [ 5 ] | Closed [ 6 ] |
| Resolution | Fixed [ 1 ] | |
| Status | Closed [ 6 ] | Reopened [ 4 ] |
| Time Spent | 1 day, 28 minutes [ 30480 ] | 1 day, 54 minutes [ 32040 ] |
| Worklog Id | 17993 [ 17993 ] |
| Status | Reopened [ 4 ] | Closed [ 6 ] |
| Resolution | Fixed [ 1 ] |
6 char min requirement is not set on install. Error message is always "Please enter a password at least 6 characters in length." It should be specific to the rule. For regexes I think we should allow the user to define their own message. Most of the fields on this page are also included on the client group but this one is not. A placeholder with slashes and the string start/end symbols would be welcome for the regex.