summaryrefslogtreecommitdiffstats
path: root/Bugzilla/User.pm
diff options
context:
space:
mode:
Diffstat (limited to 'Bugzilla/User.pm')
-rw-r--r--Bugzilla/User.pm35
1 files changed, 26 insertions, 9 deletions
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index 20cc061dd..d9adec4c7 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -63,7 +63,7 @@ use URI::QueryParam;
use base qw(Bugzilla::Object Exporter);
@Bugzilla::User::EXPORT = qw(is_available_username
- login_to_id user_id_to_login validate_password
+ login_to_id user_id_to_login validate_password validate_password_check
USER_MATCH_MULTIPLE USER_MATCH_FAILED USER_MATCH_SUCCESS
MATCH_SKIP_CONFIRM
);
@@ -2376,29 +2376,35 @@ sub user_id_to_login {
}
sub validate_password {
+ my $check = validate_password_check(@_);
+ ThrowUserError($check) if $check;
+ return 1;
+}
+
+sub validate_password_check {
my ($password, $matchpassword) = @_;
if (length($password) < USER_PASSWORD_MIN_LENGTH) {
- ThrowUserError('password_too_short');
+ return 'password_too_short';
} elsif ((defined $matchpassword) && ($password ne $matchpassword)) {
- ThrowUserError('passwords_dont_match');
+ return 'passwords_dont_match';
}
-
+
my $complexity_level = Bugzilla->params->{password_complexity};
if ($complexity_level eq 'letters_numbers_specialchars') {
- ThrowUserError('password_not_complex')
+ return 'password_not_complex'
if ($password !~ /[[:alpha:]]/ || $password !~ /\d/ || $password !~ /[[:punct:]]/);
} elsif ($complexity_level eq 'letters_numbers') {
- ThrowUserError('password_not_complex')
+ return 'password_not_complex'
if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/ || $password !~ /\d/);
} elsif ($complexity_level eq 'mixed_letters') {
- ThrowUserError('password_not_complex')
+ return 'password_not_complex'
if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/);
}
# Having done these checks makes us consider the password untainted.
trick_taint($_[0]);
- return 1;
+ return;
}
@@ -3023,12 +3029,23 @@ we return an empty string.
=item C<validate_password($passwd1, $passwd2)>
Returns true if a password is valid (i.e. meets Bugzilla's
-requirements for length and content), else returns false.
+requirements for length and content), else throws an error.
Untaints C<$passwd1> if successful.
If a second password is passed in, this function also verifies that
the two passwords match.
+=item C<validate_password_check($passwd1, $passwd2)>
+
+This sub routine is similair to C<validate_password>, except that it allows
+the calling code to handle its own errors.
+
+Returns undef and untaints C<$passwd1> if a password is valid (i.e. meets
+Bugzilla's requirements for length and content), else returns the error.
+
+If a second password is passed in, this function also verifies that
+the two passwords match.
+
=item C<match_field($data, $fields, $behavior)>
=over