This is patch is more like a draft.

I'm not sure where to display the 'password is going to expire' notification.


I was deciding between:
 1) red bold text in Web UI header
 2) popup dialog after Web UI initialization

I don't like unwanted pop-up dialogs so I used first option.

I didn't make a 'password reset link' because it is done in user's detail page and a link there is right next to this notification.

Patch description:

This patch adds pending password expiration notification support to Web UI. When user's password is going to expire in less or equal than configure days a bold red text 'Your password expires in N days' is shown in Web UI's header (on the left next to 'Logged in as...').

https://fedorahosted.org/freeipa/ticket/2625
--
Petr Vobornik
From bf386e2bcdb13e8115a0927d24e256ed4b16b4d4 Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pvobo...@redhat.com>
Date: Tue, 26 Jun 2012 16:19:58 +0200
Subject: [PATCH] Web UI password is going to expire in n days notification

This patch adds pending password expiration notification support to Web UI. When user's password is going to expire in less or equal than configure days a bold red text 'Your password expires in N days' is shown in Web UI's header (on the left next to 'Logged in as...').

https://fedorahosted.org/freeipa/ticket/2625
---
 install/ui/index.html              |    1 +
 install/ui/ipa.css                 |    8 ++++
 install/ui/ipa.js                  |   64 ++++++++++++++++++++++++++++++++++++
 install/ui/test/data/ipa_init.json |   56 +++++++++++++++++++++++++++++++-
 install/ui/widget.js               |   25 +-------------
 ipalib/plugins/internal.py         |    1 +
 6 files changed, 131 insertions(+), 24 deletions(-)

diff --git a/install/ui/index.html b/install/ui/index.html
index 653704b7bca323febb7c5874e24b47034f9c898e..33c0923c197d53824d79591488b18dda2ea90ad2 100644
--- a/install/ui/index.html
+++ b/install/ui/index.html
@@ -70,6 +70,7 @@
                 <a href="#"><img src="images/ipa-logo.png" /><img src="images/ipa-banner.png" /></a>
             </span>
             <span class="header-right">
+                <span class="header-passwordexpires"></span>
                 <span id="loggedinas" class="header-loggedinas">
                     <a href="#"><span id="login_header">Logged in as</span>: <strong>u...@freeipa.org</strong></a>
                 </span>
diff --git a/install/ui/ipa.css b/install/ui/ipa.css
index c0cec89a44532e22103474910ae18110597d76ac..d28735e9daf3f6f0995632594eea4728f22978fc 100644
--- a/install/ui/ipa.css
+++ b/install/ui/ipa.css
@@ -240,6 +240,14 @@ body {
     border: 0;
 }
 
+/* ---- Password expiration */
+
+.header-passwordexpires {
+    margin-right: 30px;
+    color: red;
+    font-weight: bold;
+}
+
 /* ---- Logged-in As ---- */
 .header-right {
     float: right;
diff --git a/install/ui/ipa.js b/install/ui/ipa.js
index f0ad01c3215291fe308d8729e66c9202d3a1c248..4723400b3b1f18db34ff6cade295d42f5cd6263f 100644
--- a/install/ui/ipa.js
+++ b/install/ui/ipa.js
@@ -144,6 +144,15 @@ var IPA = function() {
             }
         }));
 
+        batch.add_command(IPA.command({
+            entity: 'config',
+            method: 'show',
+            on_success: function(data, text_status, xhr) {
+                that.server_config = data.result;
+                that.update_password_expiration();
+            }
+        }));
+
         batch.execute();
     };
 
@@ -459,6 +468,61 @@ IPA.reset_password = function(username, old_password, new_password) {
     return result;
 };
 
+IPA.update_password_expiration = function() {
+
+    var now, expires, notify_days, diff, message;
+
+    expires = IPA.whoami.krbpasswordexpiration;
+    expires = expires ? IPA.parse_utc_date(expires[0]) : null;
+
+    notify_days = IPA.server_config.ipapwdexpadvnotify;
+    notify_days = notify_days ? notify_days[0] : 0;
+
+    now = new Date();
+
+    if (expires) {
+
+        diff = expires.getTime() - now.getTime();
+        diff = Math.floor(diff / 86400000);
+
+        if (diff <= notify_days) {
+            message = IPA.messages.password.expires_in;
+            message = message.replace('${days}', diff);
+
+            $('.header-passwordexpires').text(message);
+        }
+    }
+};
+
+IPA.parse_utc_date = function(value) {
+
+    if (!value) return null;
+
+    // verify length
+    if (value.length  != 'YYYYmmddHHMMSSZ'.length) {
+        return null;
+    }
+
+    // We only handle GMT
+    if (value.charAt(value.length -1) !== 'Z') {
+        return null;
+    }
+
+    var date = new Date();
+
+    date.setUTCFullYear(
+        value.substring(0, 4),    // YYYY
+        value.substring(4, 6)-1,  // mm (0-11)
+        value.substring(6, 8));   // dd (1-31)
+
+    date.setUTCHours(
+        value.substring(8, 10),   // HH (0-23)
+        value.substring(10, 12),  // MM (0-59)
+        value.substring(12, 14)); // SS (0-59)
+
+    return date;
+};
+
 /**
  * Call an IPA command over JSON-RPC.
  *
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index 6621fe56f1d43f9ac0e2caba30375dbe8416bdea..0dcc4ef172f3128ad72ee107d8cbaa33ed5d53a5 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -439,6 +439,7 @@
                     "password": {
                         "current_password": "Current Password",
                         "current_password_required": "Current password is required",
+                        "expires_in": "Your password expires in ${days} days.",
                         "invalid_password": "The password or username you entered is incorrect.",
                         "new_password": "New Password",
                         "new_password_required": "New password is required",
@@ -534,7 +535,7 @@
                             "20120110142413Z"
                         ],
                         "krbpasswordexpiration": [
-                            "20111212052109Z"
+                            "20141212052109Z"
                         ],
                         "krbprincipalname": [
                             "ad...@dev.example.com"
@@ -656,6 +657,59 @@
                 "result": true,
                 "summary": null,
                 "value": ""
+            },
+            {
+                "error": null,
+                "result": {
+                    "dn": "cn=ipaconfig,cn=etc,dc=test,dc=example,dc=com",
+                    "ipacertificatesubjectbase": [
+                        "O=EXAMPLE.COM"
+                    ],
+                    "ipaconfigstring": [
+                        "AllowNThash"
+                    ],
+                    "ipadefaultemaildomain": [
+                        "example.com"
+                    ],
+                    "ipadefaultloginshell": [
+                        "/bin/sh"
+                    ],
+                    "ipadefaultprimarygroup": [
+                        "ipausers"
+                    ],
+                    "ipagroupsearchfields": [
+                        "cn,description"
+                    ],
+                    "ipahomesrootdir": [
+                        "/home"
+                    ],
+                    "ipamaxusernamelength": [
+                        "32"
+                    ],
+                    "ipamigrationenabled": [
+                        "FALSE"
+                    ],
+                    "ipapwdexpadvnotify": [
+                        "4"
+                    ],
+                    "ipasearchrecordslimit": [
+                        "100"
+                    ],
+                    "ipasearchtimelimit": [
+                        "2"
+                    ],
+                    "ipaselinuxusermapdefault": [
+                        "guest_u:s0"
+                    ],
+                    "ipaselinuxusermaporder": [
+                        "guest_u:s0$xguest_u:s0$user_u:s0-s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023"
+                    ],
+                    "ipausersearchfields": [
+                        "uid,givenname,sn,telephonenumber,ou,title"
+                    ]
+                },
+                "summary": null,
+                "value": ""
             }
         ]
     }
diff --git a/install/ui/widget.js b/install/ui/widget.js
index 503897554421ac71b6a6bad5a7074ff32d34ec55..a55cc347f49cc2e61f00422f12c47ab4c1c70449 100644
--- a/install/ui/widget.js
+++ b/install/ui/widget.js
@@ -1125,29 +1125,8 @@ IPA.utc_date_formatter = function(spec) {
     that.format = function(value) {
 
         if (!value) return '';
-
-        // verify length
-        if (value.length  != 'YYYYmmddHHMMSSZ'.length) {
-            return value;
-        }
-
-        /* We only handle GMT */
-        if (value.charAt(value.length -1) !== 'Z') {
-            return value;
-        }
-
-        var date = new Date();
-
-        date.setUTCFullYear(
-            value.substring(0, 4),    // YYYY
-            value.substring(4, 6)-1,  // mm (0-11)
-            value.substring(6, 8));   // dd (1-31)
-
-        date.setUTCHours(
-            value.substring(8, 10),   // HH (0-23)
-            value.substring(10, 12),  // MM (0-59)
-            value.substring(12, 14)); // SS (0-59)
-
+        var date =  IPA.parse_utc_date(value);
+        if (!date) return value;
         return date.toString();
     };
 
diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py
index 0ba2aa8597549ff351a4a5b085aa310ece890ab1..15b9dbd599835fe57728d681b712889bea7dd5f9 100644
--- a/ipalib/plugins/internal.py
+++ b/ipalib/plugins/internal.py
@@ -578,6 +578,7 @@ class i18n_messages(Command):
         "password": {
             "current_password": _("Current Password"),
             "current_password_required": _("Current password is required"),
+            "expires_in": _("Your password expires in ${days} days."),
             "invalid_password": _("The password or username you entered is incorrect."),
             "new_password": _("New Password"),
             "new_password_required": _("New password is required"),
-- 
1.7.7.6

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to