Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-29122

As a developer, I want to configure password policies in ezuser Field Definitions

    Details

      Description

      It should be possible to configure password policies through ezuser fields definitions.

      Constraints list:

      label input type default
      Minimum password length number 8
      Require at least one uppercase letter checkbox checked
      Require at least one lowercase letter checkbox checked
      Require at least one number checkbox checked
      Require at least one nonalphanumeric character checkbox checked

      Validation by regular expression

      As an alternative to the above, a (perl compatible) regular expression can be entered. When it is, the "simple" constraints in the previous chapter are disabled (greyed out), and not applied. The regular expression's validity must be tested when the form is submitted.

      Error text

      Independently of the chosen validation method, an input field sets the validation error message shown when the constraints aren't met.

      Validation scope

      Validation should happen in all contexts where a user password can be set:

      • User register
      • User edit
      • Change password (user profile, up v2.1)
      • REST API
      • Public API

      Backward compatibility

      Existing installations shouldn't have any of those options enabled. It can be detected in the converter / fieldtype, since the configuration for them won't exist in the database.

      New installations should have the defaults indicated above, prestored in the default user_account field definition.

        Issue Links

          Activity

          Hide
          Barbara Grajczyk added a comment -

          QA approved.

          Show
          Barbara Grajczyk added a comment - QA approved.
          Show
          Barbara Grajczyk added a comment - PR merged: https://github.com/ezsystems/ezpublish-kernel/commit/ca35b890be6dc61e242a180d2fc9d33b9a8bfa1e https://github.com/ezsystems/repository-forms/commit/23af1373498403d877ea553ef3ef78e0e19fbb32 https://github.com/ezsystems/ezplatform-admin-ui/commit/d4d50d3c30bcc8a06c491ed6d92ae625a5e646b2
          Hide
          Sylvain Guittard added a comment -

          Bertrand Dunogier

          For instance, can you both input a regex AND check the various "simple" options ? Shouldn't they be mutually exclusive ?

          Let's do something simple: regex OR simple options.

          Show
          Sylvain Guittard added a comment - Bertrand Dunogier For instance, can you both input a regex AND check the various "simple" options ? Shouldn't they be mutually exclusive ? Let's do something simple: regex OR simple options.
          Hide
          Bertrand Dunogier added a comment -

          I kind of like the idea of customizing constraints from the field definition edit form. It would need some UI specification though. For instance, can you both input a regex AND check the various "simple" options ? Shouldn't they be mutually exclusive ?

          Sylvain Guittard, what do you think ? The specification I wrote mentioned classic configuration, but this is also a valid option. One limitation would be custom validation, that doesn't really make sense together with this approach.

          Show
          Bertrand Dunogier added a comment - I kind of like the idea of customizing constraints from the field definition edit form. It would need some UI specification though. For instance, can you both input a regex AND check the various "simple" options ? Shouldn't they be mutually exclusive ? Sylvain Guittard , what do you think ? The specification I wrote mentioned classic configuration, but this is also a valid option. One limitation would be custom validation, that doesn't really make sense together with this approach.
          Hide
          Bertrand Dunogier added a comment -

          Moved this to a story as the feature makes a lot of sense, and was already under consideration.

          Show
          Bertrand Dunogier added a comment - Moved this to a story as the feature makes a lot of sense, and was already under consideration.

            People

            • Assignee:
              Unassigned
              Reporter:
              Ramzi Arfaoui
            • Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: