Bug 33462: Add ability to force password change for new patrons entered by staff
This patch attempts to force a password change for new staff created patrons.
This is done by setting the password_expiration_date to an expired date when
adding a new patron. This patch adds a new system preference
'ForcePasswordResetWhenSetByStaff' and a new column to the categories table
'force_password_reset_when_set_by_staff.
To test:
1) Apply patch, restart_all, updatedatabase, and also be sure to update schema.
2) Visit Administration->Sytem Preferences and search for 'EnableExpiredPasswordReset'.
Make sure this is set to enable. Now search for 'ForcePasswordResetWhenSetByStaff'.
This should be defaulted to 'Don't force'.
3) Keep that tab open and visit Administration->Patron categories. Click on edit
on the Board category. Noitce that there is a now a 'Force new patron password reset'
section. Notice that the by default, this is set to follow the
ForcePasswordResetWhenSetByStaff system preference (currently set to don't force).
Click on the dropdown and change it to 'Force'. Save changes
4) Click on the Patrons tab to visit members-home.pl and then click 'New Patron'.
Select on Patron. Fill in the required information and also enter a password.
5) Submit this form and notice that the patron's password expiration date is set
to never. This should be the case because the default for 'Force new patron
password reset' follows the sys. pref. which is still set to 'Don't force' (You
could have some expiry date in this step, but it should at least be set to a
date that is not expired. this depends on whether or not you have a defalut
password expiration date set in patron categories )
6) Log into the OPAC with this patron and notice it works as expected and log in
was successful.
7) Go back to the patron home page and click to add a new patron. This time select
'Board'. Once again fill out the required info, enter a password, and then save
the form.
8) Notice that for this patron, the password expiration date is set for today's
date. This is because we changed the setting for the 'Board' patron category to
force.
9) Log into the OPAC with this patron. You should be redirected to a page with an
error that says: "It's your first login! You need to reset your password." Click
on the reset password link below this message.
10) You should be sent to a page where you can reset your password. Fill in the
form and click 'Update password'. Attempt to sign into the OPAC with this new
password. Everything works as expected.
11) Go back to the staff interface and view this patron's detail page. Notice the
password expiration date is now set to what the default is in the patron
category.
12) Edit this patrons information and set their password expiration date to
yesterday. Go back to the OPAC and try to sign in with this patron again. Note
that this time, you are also redirected but the message says "Error: Your
password has expired!"
13) Go back to the staff interface and visit the sys. pref tab we left open. Set
it to the 'Force' option and save changes.
14) Visit the patron home page and click add patron, now select the patron
category again. Fill in required info and enter password. Submit form and note
that the patron's password expiration date is set to today. Try to login to
the OPAC with this patron, you should be redirected to the page with the error
that says "Error: It's your first login! You need to reset your password."
15) Sign-off :)
Signed-off-by: Laura_Escamilla <laura.escamilla@bywatersolutions.com> Signed-off-by: Olivier V <olivier.vezina@inLibro.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
projects / koha.git / commit