  1. Moodle
  2. MDL-67950

Logical inconsistency between $CFG->passwordpolicy between check_password_policy vs print_password_policy

Details

    • MOODLE_38_STABLE, MOODLE_39_STABLE
    • MOODLE_39_STABLE
    • MDL-67950-passwordpolicy-callback

      1) Turn policy off

      php admin/cli/cfg.php --name=passwordpolicy --set=0

      2) Confirm you can set poor passwords

      php admin/cli/reset_password.php --username=admin --password=admin

      3) Add a callback to mod/assign/lib.php

      function mod_assign_check_password_policy(){
          return 'always fail';
      }

      4) Purge cache to pick it up

      php admin/cli/purge_caches.php

      5) Turn policy on

      php admin/cli/cfg.php --name=passwordpolicy --set=1

      6) Attempt reset and confirm you get 'always fail':

      php admin/cli/reset_password.php --username=admin --password=admin
      Passwords must be at least 8 characters long.
      Passwords must have at least 1 digit(s).
      Passwords must have at least 1 upper case letter(s).
      Passwords must have at least 1 non-alphanumeric character(s) such as as *, -, or #.
      always fail

      7) Retry with the password policy ignored and confirm it still works

      php admin/cli/reset_password.php --username=admin --password=admin --ignore-password-policy
      Password changed


    Description

      There is a $CFG->passwordpolicy mismatch between the actual policy and the help for the policy, i.e.:

      https://github.com/moodle/moodle/blob/master/lib/weblib.php#L3619-L3644

      vs

      https://github.com/moodle/moodle/blob/master/lib/moodlelib.php#L4989-L5021

            People

              brendanheywood Brendan Heywood
              brendanheywood Brendan Heywood
              Peter Burnett Peter Burnett
              Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
              Janelle Barcega Janelle Barcega

              Dates

                Created:
                Updated:
                Resolved:
                15/Jun/20

                Time Tracking

                  Estimated: Not Specified
                  Remaining: 0 minutes
                  Logged: 25 minutes