@ -38,7 +38,7 @@ class ResUsers(models.Model):
@api.multi
@api.multi
def write ( self , vals ) :
def write ( self , vals ) :
if vals . get ( ' password ' ) :
if vals . get ( ' password ' ) :
self . check_password ( vals [ ' password ' ] )
self . _ check_password( vals [ ' password ' ] )
vals [ ' password_write_date ' ] = fields . Datetime . now ( )
vals [ ' password_write_date ' ] = fields . Datetime . now ( )
return super ( ResUsers , self ) . write ( vals )
return super ( ResUsers , self ) . write ( vals )
@ -55,7 +55,7 @@ class ResUsers(models.Model):
message . append ( ' \n * ' + _ ( ' Numeric digit ' ) )
message . append ( ' \n * ' + _ ( ' Numeric digit ' ) )
if company_id . password_special :
if company_id . password_special :
message . append ( ' \n * ' + _ ( ' Special character ' ) )
message . append ( ' \n * ' + _ ( ' Special character ' ) )
if len ( message ) :
if message :
message = [ _ ( ' Must contain the following: ' ) ] + message
message = [ _ ( ' Must contain the following: ' ) ] + message
if company_id . password_length :
if company_id . password_length :
message = [
message = [
@ -65,7 +65,13 @@ class ResUsers(models.Model):
return ' \r ' . join ( message )
return ' \r ' . join ( message )
@api.multi
@api.multi
def check_password ( self , password ) :
def _check_password ( self , password ) :
self . _check_password_rules ( password )
self . _check_password_history ( password )
return True
@api.multi
def _check_password_rules ( self , password ) :
self . ensure_one ( )
self . ensure_one ( )
if not password :
if not password :
return True
return True
@ -81,7 +87,7 @@ class ResUsers(models.Model):
password_regex . append ( r ' (?=.*? \ W) ' )
password_regex . append ( r ' (?=.*? \ W) ' )
password_regex . append ( ' .{ %d ,}$ ' % company_id . password_length )
password_regex . append ( ' .{ %d ,}$ ' % company_id . password_length )
if not re . search ( ' ' . join ( password_regex ) , password ) :
if not re . search ( ' ' . join ( password_regex ) , password ) :
raise PassError ( _ ( self . password_match_message ( ) ) )
raise PassError ( self . password_match_message ( ) )
return True
return True
@api.multi
@api.multi
@ -125,7 +131,7 @@ class ResUsers(models.Model):
return True
return True
@api.multi
@api.multi
def _set_password ( self , password ) :
def _check_password_history ( self , password ) :
""" It validates proposed password against existing history
""" It validates proposed password against existing history
: raises : PassError on reused password
: raises : PassError on reused password
"""
"""
@ -138,14 +144,12 @@ class ResUsers(models.Model):
recent_passes = rec_id . password_history_ids [
recent_passes = rec_id . password_history_ids [
0 : recent_passes - 1
0 : recent_passes - 1
]
]
if len ( recent_passes . filtered (
lambda r : crypt . verify ( password , r . password_crypt )
) ) :
if recent_passes . filtered (
lambda r : crypt . verify ( password , r . password_crypt ) ) :
raise PassError (
raise PassError (
_ ( ' Cannot use the most recent %d passwords ' ) %
_ ( ' Cannot use the most recent %d passwords ' ) %
rec_id . company_id . password_history
rec_id . company_id . password_history
)
)
super ( ResUsers , self ) . _set_password ( password )
@api.multi
@api.multi
def _set_encrypted_password ( self , encrypted ) :
def _set_encrypted_password ( self , encrypted ) :