diff --git a/ZScoDoc.py b/ZScoDoc.py
index 08aaab66..4b567877 100644
--- a/ZScoDoc.py
+++ b/ZScoDoc.py
@@ -59,7 +59,7 @@ except:
from sco_utils import *
from notes_log import log
import sco_find_etud
-from ZScoUsers import pwdFascistCheck
+import sco_users
class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Implicit):
@@ -201,7 +201,7 @@ class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Imp
raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération")
log("trying to change admin password")
# 1-- check strong password
- if pwdFascistCheck(password) != None:
+ if not sco_users.is_valid_password(password):
log("refusing weak password")
return REQUEST.RESPONSE.redirect(
"change_admin_user_form?message=Mot%20de%20passe%20trop%20simple,%20recommencez"
diff --git a/ZScoUsers.py b/ZScoUsers.py
index 0e03a39e..9e9dd924 100644
--- a/ZScoUsers.py
+++ b/ZScoUsers.py
@@ -47,24 +47,7 @@ from TrivialFormulator import TrivialFormulator, TF
from gen_tables import GenTable
import scolars
import sco_cache
-
-# ----------------- password checking
-import cracklib
-
-
-def pwdFascistCheck(cleartxt):
- "returns None if OK"
- if (
- hasattr(CONFIG, "MIN_PASSWORD_LENGTH")
- and CONFIG.MIN_PASSWORD_LENGTH > 0
- and len(cleartxt) < CONFIG.MIN_PASSWORD_LENGTH
- ):
- return True # invalid
- try:
- x = cracklib.FascistCheck(cleartxt)
- return None
- except ValueError as e:
- return str(e)
+import sco_users
# ---------------
@@ -358,10 +341,6 @@ class ZScoUsers(
else:
return False
- def _is_valid_passwd(self, passwd):
- "check if passwd is secure enough"
- return not pwdFascistCheck(passwd)
-
def do_change_password(self, user_name, password):
user = self._user_list(args={"user_name": user_name})
assert len(user) == 1, "database inconsistency: len(user)=%d" % len(user)
@@ -407,7 +386,7 @@ class ZScoUsers(
% user_name
)
else:
- if not self._is_valid_passwd(password):
+ if not sco_users.is_valid_password(password):
H.append(
"""
ce mot de passe n\'est pas assez compliqué !
(oui, il faut un mot de passe vraiment compliqué !)
Recommencer
@@ -890,7 +869,7 @@ class ZScoUsers(
"""Les deux mots de passes ne correspondent pas !"""
)
return "\n".join(H) + msg + "\n" + tf[1] + F
- if not self._is_valid_passwd(vals["passwd"]):
+ if not sco_users.is_valid_password(vals["passwd"]):
msg = tf_error_message(
"""Mot de passe trop simple, recommencez !"""
)
diff --git a/sco_users.py b/sco_users.py
new file mode 100644
index 00000000..703d6b18
--- /dev/null
+++ b/sco_users.py
@@ -0,0 +1,53 @@
+# -*- mode: python -*-
+# -*- coding: utf-8 -*-
+
+##############################################################################
+#
+# Gestion scolarite IUT
+#
+# Copyright (c) 1999 - 2021 Emmanuel Viennet. All rights reserved.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Emmanuel Viennet emmanuel.viennet@viennet.net
+#
+##############################################################################
+
+"""Fonctions sur les utilisateurs
+"""
+
+# Anciennement dans ZScoUsers.py, séparé pour migration
+
+import cracklib # pylint: disable=import-error
+
+import sco_utils as scu
+from sco_utils import CONFIG, SCO_ENCODING
+
+
+def is_valid_password(cleartxt):
+ """Check password.
+ returns True if OK.
+ """
+ if (
+ hasattr(CONFIG, "MIN_PASSWORD_LENGTH")
+ and CONFIG.MIN_PASSWORD_LENGTH > 0
+ and len(cleartxt) < CONFIG.MIN_PASSWORD_LENGTH
+ ):
+ return False # invalid: too short
+ try:
+ _ = cracklib.FascistCheck(cleartxt)
+ return True
+ except ValueError:
+ return False