From 061e95f4b170053b395830e29d9c959abcb0bd43 Mon Sep 17 00:00:00 2001
From: Owen Leonard <oleonard@myacpl.org>
Date: Fri, 22 Mar 2019 12:57:31 +0000
Subject: [PATCH] Bug 22561: Forgotten password requirements hint doesn't list
 all rules for new passwords

This patch modifies a few templates in the OPAC so that all available
information on password requirements is displayed for each case where
the patron is setting a password:

 - If the RequireStrongPassword system preference is set, a message
   should appear listing strong password requirements and minimum
   password length.
 - If RequireStrongPassword is not set, the message should only ask for
   a minimum password length.

To test, apply the patch and enable the PatronSelfRegistration and
OpacResetPassword preferences.

On the following pages, test with RequireStrongPassword both on and
off. The correct messages should appear.

 - OPAC -> Forgot password. Follow the process to reset your password
   until you reach the step where you are entering the new password.
 - OPAC -> Register here. Check the password section of the registration
   form.
 - OPAC -> Log in -> Change your password.

Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 50be1c4006e0a1d7e3b537bd849bc77f7a6bb56f)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e3e64974d830a8699e8648a82d21a7ffce502955)

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
---
 .../opac-tmpl/bootstrap/en/modules/opac-memberentry.tt    | 8 ++++++--
 koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-passwd.tt   | 7 ++++++-
 .../bootstrap/en/modules/opac-password-recovery.tt        | 8 ++++++--
 3 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt
index 7b391960af..330e146b4c 100644
--- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt
+++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt
@@ -808,9 +808,13 @@
                     <fieldset class="rows" id="memberentry_password">
                         <legend id="contact_legend">Password</legend>
                         <div class="alert alert-info">
-                            <p>Your password must be at least [% Koha.Preference('minPasswordLength') %] characters long.</p>
+                            [% IF ( Koha.Preference('RequireStrongPassword') ) %]
+                                <p>Your password must contain at least [% Koha.Preference('minPasswordLength') | html %] characters, including UPPERCASE, lowercase and numbers.</p>
+                            [% ELSE %]
+                                <p>Your password must be at least [% Koha.Preference('minPasswordLength') | html %] characters long.</p>
+                            [% END %]
                             [% UNLESS mandatory.defined('password') %]
-                                <div>If you do not enter a password a system generated password will be created.</div>
+                                <p>If you do not enter a password a system generated password will be created.</p>
                             [% END %]
                         </div>
 
diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-passwd.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-passwd.tt
index f34b9193a7..b62192365b 100644
--- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-passwd.tt
+++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-passwd.tt
@@ -53,9 +53,14 @@
                     [% IF ( OpacPasswordChange ) %]
                         [% IF ( Ask_data ) %]
 
+
                             <form action="/cgi-bin/koha/opac-passwd.pl" name="mainform" id="mainform" method="post" autocomplete="off">
                                 <fieldset>
-                                    [% UNLESS ( ShortPass ) %]<div class="alert alert-info">Your password must be at least [% minPasswordLength%] characters long.</div>[% END %]
+                                    [% IF ( Koha.Preference('RequireStrongPassword') ) %]
+                                        <div class="alert alert-info">Your password must contain at least [% Koha.Preference('minPasswordLength') | html %] characters, including UPPERCASE, lowercase and numbers.</div>
+                                    [% ELSE %]
+                                        <div class="alert alert-info">Your password must be at least [% Koha.Preference('minPasswordLength') | html %] characters long.</div>
+                                    [% END %]
                                     <label for="Oldkey">Current password:</label> <input type="password" id="Oldkey" size="25"  name="Oldkey" />
                                     <label for="Newkey">New password:</label> <input type="password" id="Newkey"  size="25"  name="Newkey" />
                                     <label for="Confirm">Re-type new password:</label> <input type="password"  id="Confirm" size="25" name="Confirm" />
diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt
index e1b4ba0a06..aca5a532a3 100644
--- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt
+++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt
@@ -103,7 +103,11 @@
                     <form action="/cgi-bin/koha/opac-password-recovery.pl" method="post" autocomplete="off">
                         <input type="hidden" name="koha_login_context" value="opac" />
                         <fieldset>
-                            <div class="alert alert-info">The password must contain at least [% minPasswordLength %] characters.</div>
+                            [% IF ( Koha.Preference('RequireStrongPassword') ) %]
+                                <div class="alert alert-info">Your password must contain at least [% Koha.Preference('minPasswordLength') | html %] characters, including UPPERCASE, lowercase and numbers.</div>
+                            [% ELSE %]
+                                <div class="alert alert-info">Your password must be at least [% Koha.Preference('minPasswordLength') | html %] characters long.</div>
+                            [% END %]
                             <label for="password">New password:</label>
                             <input type="password" id="password" size="40" name="password" />
                             <label for="repeatPassword">Confirm new password:</label>
@@ -122,7 +126,7 @@
                             <br/>Please click the link in this email to finish the process of resetting your password.
                             <br/>This link is valid for 2 days starting now.
                         </p>
-                        <a href="/cgi-bin/koha/opac-main.pl"">Return to the main page</a>
+                        <a href="/cgi-bin/koha/opac-main.pl">Return to the main page</a>
                     </div>
 [% ELSIF (password_reset_done) %]
                     <div class="alert alert-success">
-- 
2.39.5