  1. Moodle
  2. MDL-67950

Logical inconsistency in $CFG->passwordpolicy handling between check_password_policy and print_password_policy


    • MOODLE_38_STABLE, MOODLE_39_STABLE
    • MOODLE_39_STABLE
    • MDL-67950-passwordpolicy-callback

      1) Turn policy off

      php admin/cli/cfg.php --name=passwordpolicy --set=0

      2) Confirm you can set poor passwords

      php admin/cli/reset_password.php --username=admin --password=admin

      3) Add a callback to mod/assign/lib.php

      function mod_assign_check_password_policy() {
          // Test callback: always reports this message as a policy failure.
          return 'always fail';
      }

      4) Purge cache to pick it up

      php admin/cli/purge_caches.php

      5) Turn policy on

      php admin/cli/cfg.php --name=passwordpolicy --set=1

      6) Attempt reset and confirm you get 'always fail':

      php admin/cli/reset_password.php --username=admin --password=admin
      Passwords must be at least 8 characters long.
      Passwords must have at least 1 digit(s).
      Passwords must have at least 1 upper case letter(s).
      Passwords must have at least 1 non-alphanumeric character(s) such as as *, -, or #.
      always fail

      7) Retry with the policy ignored and confirm it still works

      php admin/cli/reset_password.php --username=admin --password=admin --ignore-password-policy
      Password changed

       

       


      There is a $CFG->passwordpolicy mismatch between the actual policy and the help for the policy, i.e.:

      https://github.com/moodle/moodle/blob/master/lib/weblib.php#L3619-L3644

      vs

      https://github.com/moodle/moodle/blob/master/lib/moodlelib.php#L4989-L5021

            Brendan Heywood
            Peter Burnett
            Eloy Lafuente (stronk7)
            Janelle Barcega