Koha/koha-tmpl/intranet-tmpl/prog/en/modules/members/member-password.tt
Josef Moravec be4d4a8e28 Bug 19908: Password fields in edit/add patron form should respect BorrowerMandatoryField preference
Test plan:
0) Do not apply the patch, note the password field is always required
1) Apply the patch
2) Try to add and edit patron with and without "password" in BorrowerMandatoryField, it should always respect this setting
3) Use "Change password" button in patron toolbar, the password field
should be never required here - when leaved blank, the password is
unchanged
4) Play with  minPasswordLength and  RequireStrongPassword preferences,
    to ensure they work as expected

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-03-19 12:23:12 -03:00

154 lines
6.5 KiB
Text

[% USE Koha %]
[% USE Branches %]
[% SET footerjs = 1 %]
[% INCLUDE 'doc-head-open.inc' %]
<title>Koha &rsaquo; Patrons &rsaquo; [% IF ( newpassword ) %]Password updated [% ELSE %]Update password for [% patron.surname %], [% patron.firstname %][% END %]</title>
[% INCLUDE 'doc-head-close.inc' %]
</head>
<body id="pat_member-password" class="pat">
[% INCLUDE 'header.inc' %]
[% INCLUDE 'patron-search.inc' %]
<div id="breadcrumbs"><a href="/cgi-bin/koha/mainpage.pl">Home</a> &rsaquo; <a href="/cgi-bin/koha/members/members-home.pl">Patrons</a> &rsaquo; <a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% patron.borrowernumber %]">[% patron.firstname %] [% patron.surname %]</a> &rsaquo; [% IF ( newpassword ) %]Password Updated[% ELSE %]Change username and/or password[% END %]</div>
<div id="doc3" class="yui-t2">
<div id="bd">
<div id="yui-main">
<div class="yui-b">
[% INCLUDE 'members-toolbar.inc' %]
[% IF ( newpassword ) %]
<h1>Password Updated</h1>
[% ELSE %]
<form method="post" id="changepasswordf" action="/cgi-bin/koha/members/member-password.pl">
<input type="hidden" name="destination" value="[% destination %]" />
<input type="hidden" name="cardnumber" value="[% patron.cardnumber %]" />
<input type="hidden" name="borrowernumber" id="borrowernumber" value="[% patron.borrowernumber %]" />
[% IF ( errormsg ) %]
<div class="dialog alert">
<h4>The following errors have occurred:</h4>
<ul>
[% IF ( BADUSERID ) %]
<li>You have entered a username that already exists. Please choose another one.</li>
[% END %]
[% IF ( ERROR_password_too_short ) %]
<li id="ERROR_short_password">Password must be at least [% Koha.Preference('minPasswordLength') %] characters long.</li>
[% END %]
[% IF ( ERROR_password_too_weak ) %]
<li id="ERROR_weak_password">Password must contain at least one digit, one lowercase and one uppercase.</li>
[% END %]
[% IF ( ERROR_password_has_whitespaces ) %]
<li id="ERROR_weak_password">Password must not contain leading or trailing whitespaces.</li>
[% END %]
[% IF ( NOPERMISSION ) %]
<li>You do not have permission to edit this patron's login information.</li>
[% END %]
[% IF ( NOMATCH ) %]
<li><strong>The passwords entered do not match</strong>. Please re-enter the new password.</li>
[% END %]
</ul>
</div>
[% END %]
<fieldset class="brief"><legend>Change username and/or password for [% patron.firstname %] [% patron.surname %]</legend>
<ol>
<li><label for="newuserid">New username:</label>
<input type="hidden" name="member" value="[% patron.borrowernumber %]" /><input type="text" id="newuserid" name="newuserid" size="20" value="[% patron.userid %]" /></li>
[% SET password_pattern = ".{" _ Koha.Preference('minPasswordLength') _ ",}" %]
[% IF Koha.Preference('RequireStrongPassword') %]
[% SET password_pattern = '(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{' _ Koha.Preference('minPasswordLength') _ ',}' %]
[% END %]
<li>
<label for="newpassword">New password:</label>
<div class="hint">Koha cannot display existing passwords. Leave the field blank to leave password unchanged.</div>
<input name="newpassword" id="newpassword" type="password" size="20" />
</li>
<li>
<label for="newpassword2">Confirm new password:</label>
<input name="newpassword2" id="newpassword2" type="password" size="20" />
</li>
</ol>
</fieldset>
<fieldset class="action">
<input type="hidden" name="csrf_token" value="[% csrf_token %]" />
<input type="submit" value="Save" />
<a class="cancel" href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% patron.borrowernumber %]">Cancel</a>
</fieldset>
</form>[% END %]
</div>
</div>
<div class="loading hide"><strong>Processing...</strong><img src="[% interface %]/[% theme %]/img/loading.gif" alt="" /></div>
<div class="yui-b">
[% INCLUDE 'circ-menu.inc' %]
</div>
</div>
[% MACRO jsinclude BLOCK %]
<script type="text/javascript" src="[% interface %]/[% theme %]/js/members-menu_[% KOHA_VERSION %].js"></script>
<script type="text/JavaScript">
function generate_password() {
// Always generate a strong password
var chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
var length = [% Koha.Preference('minPasswordLength') %];
if ( length < 8 ) length = 8;
var password='';
for ( var i = 0 ; i < length ; i++){
password += chars.charAt(Math.floor(Math.random()*chars.length));
}
return password;
}
$(document).ready(function() {
$("body").on('click', "#fillrandom",function(e) {
e.preventDefault();
var password = '';
var pattern_regex = /(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{[% Koha.Preference('minPasswordLength') %],}/;
while ( ! pattern_regex.test( password ) ) {
password = generate_password();
}
$("#newpassword").val(password);
$("#newpassword").attr('type', 'text');
$("#newpassword2").val(password);
$("#newpassword2").attr('type', 'text');
});
$("div.hint").eq(0).after(" <div class=\"hint\"><a href=\"#\" id=\"fillrandom\">"+_("Click to fill with a randomly generated suggestion. ")+"<strong>"+_("Passwords will be displayed as text")+"</strong>.</a></div>");
$(document).ajaxStart(function () {
$("input[name^=newpassword]").hide();
$("label[for=newpassword2]").hide();
$(".hint:last").after($(".loading").show());
});
$(document).ajaxStop(function () {
$("input[name^=newpassword]").show();
$("label[for=newpassword2]").show();
$(".loading").hide();
$("label.error").hide();
});
[% IF NOMATCH %]
$("#newpassword").addClass('focus');
[% END %]
$("#changepasswordf").validate({
rules: {
newpassword: {
password_strong: true,
password_no_spaces: true
},
newpassword2: {
password_match: true
}
}
});
});
</script>
[% PROCESS 'password_check.inc' %]
[% PROCESS 'add_password_check' new_password => 'newpassword' %]
[% END %]
[% INCLUDE 'intranet-bottom.inc' %]