Moodle / MDL-67950

Logical inconsistency in $CFG->passwordpolicy between check_password_policy vs print_password_policy


Details

    • MOODLE_38_STABLE, MOODLE_39_STABLE
    • MOODLE_39_STABLE
    • MDL-67950-passwordpolicy-callback

      1) Turn policy off

      php admin/cli/cfg.php --name=passwordpolicy --set=0

      2) Confirm you can set poor passwords

      php admin/cli/reset_password.php --username=admin --password=admin

      3) Add a callback to mod/assign/lib.php

      // Test callback: returns an error message for every password, so the check always fails.
      function mod_assign_check_password_policy() {
          return 'always fail';
      }

      4) Purge cache to pick it up

      php admin/cli/purge_caches.php

      5) Turn policy on

      php admin/cli/cfg.php --name=passwordpolicy --set=1

      6) Attempt reset and confirm you get 'always fail':

      php admin/cli/reset_password.php --username=admin --password=admin
      Passwords must be at least 8 characters long.
      Passwords must have at least 1 digit(s).
      Passwords must have at least 1 upper case letter(s).
      Passwords must have at least 1 non-alphanumeric character(s) such as as *, -, or #.
      always fail

      7) Retry with confirm ignored and confirm it still works

      php admin/cli/reset_password.php --username=admin --password=admin --ignore-password-policy
      Password changed

       

       


    Description

      There is a $CFG->passwordpolicy mismatch between the actual policy and the help for the policy, i.e.:

      https://github.com/moodle/moodle/blob/master/lib/weblib.php#L3619-L3644

      vs

      https://github.com/moodle/moodle/blob/master/lib/moodlelib.php#L4989-L5021

            People

              brendanheywood Brendan Heywood
              brendanheywood Brendan Heywood
              Peter Burnett
              Eloy Lafuente (stronk7)
              Janelle Barcega
              Andrew Lyons, Huong Nguyen, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze, Stevani Andolo, Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski
              Votes: 1
              Watchers: 5

              Dates

                Created:
                Updated:
                Resolved:
                15/Jun/20

                Time Tracking

                  Estimated: Not Specified
                  Remaining: 0m
                  Logged: 25m