Merge pull request #2000 from Devensys/Develop-MajPasswordPattern

New modGeneratePass with personal conf

htdocs/admin/security.php

@@ -165,6 +165,16 @@ else if ($action == 'disable_MAIN_SECURITY_DISABLEFORGETPASSLINK')
 	exit;
 }
 
+if ($action == 'maj_pattern')
+{
+	dolibarr_set_const($db, "USER_PASSWORD_PATTERN", GETPOST("pattern"),'chaine',0,'',$conf->entity);
+	header("Location: security.php");
+	exit;
+}
+
+
+
+
 
 
 
@@ -265,6 +275,113 @@ foreach ($arrayhandler as $key => $module)
 print '</table>';
 print '</form>';
 
+//if($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK == 1)
+// Patter for Password Perso
+if ($conf->global->USER_PASSWORD_GENERATED == "Perso"){
+$var=!$var;
+
+	$tabConf = explode(";",$conf->global->USER_PASSWORD_PATTERN);
+	/*$this->length2 = $tabConf[0];
+	$this->NbMaj = $tabConf[1];
+	$this->NbNum = $tabConf[2];
+	$this->NbSpe = $tabConf[3];
+	$this->NbRepeat = $tabConf[4];
+	$this->WithoutAmbi = $tabConf[5];
+	*/
+	print '<table class="noborder" width="100%">';
+	print '<tr class="liste_titre">';
+	print '<td colspan="3"> '.$langs->trans("PasswordPatternDesc").'</td>';
+	print '</tr>';
+
+	$var=!$var;
+	print "<tr ".$bc[$var].">";
+	print '<td>' . $langs->trans("MinLength")."</td>";
+	print '<td colspan="2"><input type="number" value="'.$tabConf[0].'" id="minlenght" min="1"></td>';
+	print '</tr>';
+
+	$var=!$var;
+	print "<tr ".$bc[$var].">";
+	print '<td>' . $langs->trans("NbMajMin")."</td>";
+	print '<td colspan="2"><input type="number" value="'.$tabConf[1].'" id="NbMajMin" min="0"></td>';
+	print '</tr>';
+
+	$var=!$var;
+	print "<tr ".$bc[$var].">";
+	print '<td>' . $langs->trans("NbNumMin")."</td>";
+	print '<td colspan="2"><input type="number" value="'.$tabConf[2].'" id="NbNumMin" min="0"></td>';
+	print '</tr>';
+
+	$var=!$var;
+	print "<tr ".$bc[$var].">";
+	print '<td>' . $langs->trans("NbSpeMin")."</td>";
+	print '<td colspan="2"><input type="number" value="'.$tabConf[3].'" id="NbSpeMin" min="0"></td>';
+	print '</tr>';
+
+	$var=!$var;
+	print "<tr ".$bc[$var].">";
+	print '<td>' . $langs->trans("NbIteConsecutive")."</td>";
+	print '<td colspan="2"><input type="number" value="'.$tabConf[4].'" id="NbIteConsecutive" min="0"></td>';
+	print '</tr>';
+
+	$var=!$var;
+	print "<tr ".$bc[$var].">";
+	print '<td>' . $langs->trans("NoAmbiCaracAutoGeneration")."</td>";
+	print '<td colspan="2"><input type="checkbox" id="NoAmbiCaracAutoGeneration" '.($tabConf[5] ? "checked" : "").' min="0"> <span id="textcheckbox">'.($tabConf[5] ? $langs->trans("Activated") : $langs->trans("Disabled")).'</span></td>';
+	print '</tr>';
+
+	$var=!$var;
+	print "<tr ".$bc[$var].">";
+	print '<td colspan="2"></td><td width="103" align="center"><a id="linkChangePattern">'.$langs->trans("Save").'</a></td>';
+	print '</tr>';
+	print '</table>';
+
+	print '<script type="text/javascript">';
+	print '	function getStringArg(){';
+	print '		var pattern = "";';
+	print '		pattern += $("#minlenght").val() + ";";';
+	print '		pattern += $("#NbMajMin").val() + ";";';
+	print '		pattern += $("#NbNumMin").val() + ";";';
+	print '		pattern += $("#NbSpeMin").val() + ";";';
+	print '		pattern += $("#NbIteConsecutive").val() + ";";';
+	print '		pattern += $("#NoAmbiCaracAutoGeneration")[0].checked ? "1" : "0";';
+	print '		return pattern;';
+	print '	}';
+
+	print '	function valuePossible(){';
+	print '		var length = parseInt($("#minlenght").val());';
+	print '		var length_mini = parseInt($("#NbMajMin").val()) + parseInt($("#NbNumMin").val()) + parseInt($("#NbSpeMin").val());';
+	print '		return length >= length_mini;';
+	print '	}';
+
+	print '	function generatelink(){';
+	print '		return "security.php?action=maj_pattern&pattern="+getStringArg();';
+	print '	}';
+
+	print '	function valuePatternChange(){';
+	print '		var lang_save = "'.$langs->trans("Save").'";';
+	print '		var lang_error = "'.$langs->trans("Error").'";';
+	print '		var lang_Disabled = "'.$langs->trans("Disabled").'";';
+	print '		var lang_Activated = "'.$langs->trans("Activated").'";';
+	print '		$("#textcheckbox").html($("#NoAmbiCaracAutoGeneration")[0].checked ? unescape(lang_Activated) : unescape(lang_Disabled));';
+	print '		if(valuePossible()){';
+	print '			$("#linkChangePattern").attr("href",generatelink()).text(lang_save);';
+	print '		}';
+	print '		else{';
+	print '			$("#linkChangePattern").attr("href", null).text(lang_error);';
+	print '		}';
+	print '	}';
+
+	print '	$("#minlenght").change(function(){valuePatternChange();});';
+	print '	$("#NbMajMin").change(function(){valuePatternChange();});';
+	print '	$("#NbNumMin").change(function(){valuePatternChange();});';
+	print '	$("#NbSpeMin").change(function(){valuePatternChange();});';
+	print '	$("#NbIteConsecutive").change(function(){valuePatternChange();});';
+	print '	$("#NoAmbiCaracAutoGeneration").change(function(){valuePatternChange();});';
+
+	print '</script>';
+}
+
+
 // Cryptage mot de passe
 print '<br>';
 $var=true;

htdocs/core/modules/security/generate/modGeneratePassPerso.class.php

+<?php
+/* Copyright (C) 2006-2011 Laurent Destailleur <eldy@users.sourceforge.net>
+ * Copyright (C) 2014 Teddy Andreotti <125155@supinfo.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ * or see http://www.gnu.org/
+ */
+
+/**
+ *      \file       htdocs/core/modules/security/generate/modGeneratePassPerso.class.php
+ *      \ingroup    core
+ *      \brief      File to manage no password generation.
+ */
+
+require_once DOL_DOCUMENT_ROOT .'/core/modules/security/generate/modules_genpassword.php';
+
+
+/**
+ *	    \class      modGeneratePassPerso
+ *		\brief      Class to generate a password according to personal rules
+ */
+class modGeneratePassPerso extends ModeleGenPassword
+{
+	var $id;
+	var $length;
+	var $length2; // didn't overright display
+	var $NbMaj;
+	var $NbNum;
+	var $NbSpe;
+	var $NbRepeat;
+	var $WithoutAmbi;
+
+	var $db;
+	var $conf;
+	var $lang;
+	var $user;
+
+	var $Maj;
+	var $Min;
+	var $Nb;
+	var $Spe;
+	var $Ambi;
+	var $All;
+
+	/**
+	 *	Constructor
+	 *
+	 *  @param		DoliDB		$db			Database handler
+	 *	@param		Conf		$conf		Handler de conf
+	 *	@param		Translate	$langs		Handler de langue
+	 *	@param		User		$user		Handler du user connecte
+	 */
+	function __construct($db, $conf, $langs, $user)
+	{
+		$this->id = "Perso";
+		$this->length = $langs->trans("SetupPerso");
+
+		$this->db=$db;
+		$this->conf=$conf;
+		$this->langs=$langs;
+		$this->user=$user;
+
+		if(empty($conf->global->USER_PASSWORD_PATTERN)){
+			// default value (8carac, 1maj, 1digit, 1spe,  3 repeat, no ambi at auto generation.
+			dolibarr_set_const($db, "USER_PASSWORD_PATTERN", '8;1;1;1;3;1','chaine',0,'',$conf->entity);
+		}
+
+		$this->Maj = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+		$this->Min = strtolower($this->Maj);
+		$this->Nb = "0123456789";
+		$this->Spe = "!@#$%&*()_-+={}[]\\|:;'/";
+		$this->Ambi = array("1","I","l","|","O","0");
+
+		$tabConf = explode(";",$conf->global->USER_PASSWORD_PATTERN);
+		$this->length2 = $tabConf[0];
+		$this->NbMaj = $tabConf[1];
+		$this->NbNum = $tabConf[2];
+		$this->NbSpe = $tabConf[3];
+		$this->NbRepeat = $tabConf[4];
+		$this->WithoutAmbi = $tabConf[5];
+
+		if($this->WithoutAmbi){
+			$this->Maj = str_replace($this->Ambi,"",$this->Maj );
+			$this->Min = str_replace($this->Ambi,"",$this->Min );
+			$this->Nb  = str_replace($this->Ambi,"",$this->Nb  );
+			$this->Spe = str_replace($this->Ambi,"",$this->Spe );
+		}
+
+		$this->All = str_shuffle($this->Maj. $this->Min. $this->Nb. $this->Spe);
+		//$this->All = $this->Maj. $this->Min. $this->Nb. $this->Spe;
+		//$this->All =  $this->Spe;
+
+	}
+
+	/**
+	 *		Return description of module
+	 *
+	 *      @return     string      Description of text
+	 */
+	function getDescription()
+	{
+		global $langs;
+		return $langs->trans("PasswordGenerationPerso");
+	}
+
+	/**
+	 * 		Return an example of password generated by this module
+	 *
+	 *      @return     string      Example of password
+	 */
+	function getExample()
+	{
+		return $this->getNewGeneratedPassword();
+	}
+
+	/**
+	 * 		Build new password
+	 *
+	 *      @return     string      Return a new generated password
+	 */
+	function getNewGeneratedPassword()
+	{
+		$pass = "";
+		for($i=0; $i<$this->NbMaj; $i++){ // Y
+			$pass .= $this->Maj[rand(0,strlen($this->Maj) - 1)];
+		}
+
+		for($i=0; $i<$this->NbNum; $i++){ // X
+			$pass .= $this->Nb[rand(0,strlen($this->Nb) - 1)];
+		}
+
+		for($i=0; $i<$this->NbSpe; $i++){ // @
+			$pass .= $this->Spe[rand(0,strlen($this->Spe) - 1)];
+		}
+
+		for($i=strlen($pass);$i<$this->length2; $i++){ // y
+			$pass .= $this->All[rand(0,strlen($this->All) -1)];
+		}
+
+		$pass = str_shuffle($pass) ;
+
+		if($this->validatePassword($pass)) {
+			return $pass;
+		}
+		return $this->getNewGeneratedPassword();
+	}
+
+	/**
+	 * 		Validate a password
+	 *
+	 *		@param		string	$password	Password to check
+	 *      @return     int					0 if KO, >0 if OK
+	 */
+	function validatePassword($password)
+	{
+		$password_a = str_split($password);
+		$maj = str_split($this->Maj);
+		$num = str_split($this->Nb);
+		$spe = str_split($this->Spe);
+
+		if(count(array_intersect($password_a, $maj)) < $this->NbMaj){
+			return 0;
+		}
+
+		if(count(array_intersect($password_a, $num)) < $this->NbNum){
+			return 0;
+		}
+
+		if(count(array_intersect($password_a, $spe)) < $this->NbSpe){
+			return 0;
+		}
+
+		if(!$this->consecutiveInterationSameCharacter($password)){
+			return 0;
+		}
+
+		return 1;
+	}
+
+	/**
+	 * 		consecutive iterations of the same character
+	 *
+	 *		@param		string	$password	Password to check
+	 *      @return     int					0 if KO, >0 if OK
+	 */
+	function consecutiveInterationSameCharacter($password){
+		$last = "";
+		$count = 0;
+		$char = str_split($password);
+		foreach($char as $c){
+			if($c != $last){
+				$last = $c;
+				$count = 0;
+			}else{
+				$count++;
+			}
+
+			if($count >= $this->NbRepeat) {
+				return 0;
+			}
+		}
+		return 1;
+	}
+}
+

htdocs/langs/fr_FR/admin.lang

@@ -327,6 +327,12 @@ ModuleDisabled=Module désactivé
 ModuleDisabledSoNoEvent=Module désactivé donc événement jamais créé
 ConfirmPurge=Êtes-vous sûr de vouloir réaliser cette purge ?<br>Ceci effacera définitivement tous vos fichiers (espace GED, pièces jointes, etc...).
 MinLength=Longueur minimale
+NbMajMin=Nombre de majuscule minimum
+NbNumMin=Nombre de chiffre minimum
+NbSpeMin=Nombre de caractère speciaux minimum
+NbIteConsecutive=Nombre maximum d'iterations consecutive du même caractère
+NoAmbiCaracAutoGeneration=Ne pas utiliser les caractère ambigus pour la generation automatique ("1","I","l","|","0","O")
+SetupPerso=Configuration personalisable
 LanguageFilesCachedIntoShmopSharedMemory=Fichiers .lang en mémoire partagée
 ExamplesWithCurrentSetup=Exemples avec le paramétrage actif courant
 ListOfDirectories=Liste des répertoires des modèles OpenDocument
@@ -1057,6 +1063,8 @@ EmptyNumRefModelDesc=Code libre sans vérification. Peut être modifié à tout
 ##### Module password generation
 PasswordGenerationStandard=Renvoie un mot de passe généré selon l'algorithme interne de Dolibarr : 8 caractères, chiffres et caractères en minuscules mélangés.
 PasswordGenerationNone=Ne propose pas de mots de passe générés. Le mot de passe est à saisir manuellement.
+PasswordGenerationPerso=Renvoie un mot de passe généré selon votre configuration.
+PasswordPatternDesc=Pattern utilisé pour la génération de password personalisé
 ##### Users setup #####
 UserGroupSetup=Configuration module utilisateurs et groupes
 GeneratePassword=Proposer un mot de passe généré