FOUR-12571 Password Policy Configuration new screen in Admin Settings

ProcessMaker/Http/Controllers/Auth/LoginController.php

@@ -48,7 +48,7 @@ class LoginController extends Controller
     public function __construct()
     {
         $this->middleware('guest')->except(['logout', 'beforeLogout', 'keepAlive']);
-        $this->maxAttempts = (int) config('password-policies.login_attempts');
+        $this->maxAttempts = (int) config('password-policies.login_attempts', 5);
     }
 
     /**

ProcessMaker/Http/Middleware/VerifyChangePasswordNeeded.php

@@ -39,7 +39,7 @@ public function checkForForceChangePassword()
 
     public function checkPasswordExpiration()
     {
-        $validationRequired = config('password-policies.expiration_days') &&
+        $validationRequired = config('password-policies.expiration_days', false) &&
             Auth::user() && Auth::user()->password_changed_at;
 
         return $validationRequired &&

ProcessMaker/Models/Setting.php

@@ -66,6 +66,8 @@ class Setting extends ProcessMakerModel implements HasMedia
 
     public const COLLECTION_CSS_FAVICON = 'favicon';
 
+    public const PASSWORD_POLICIES_GROUP = 'Password Policies';
+
     /**
      * The attributes that aren't mass assignable.
      *

ProcessMaker/Models/User.php

@@ -190,17 +190,17 @@ public static function passwordRules(self $existing = null)
             $existing ? 'sometimes' : '',
         ];
         // Configurable policies
-        $passwordRules = Password::min(config('password-policies.minimum_length'));
-        if (config('password-policies.maximum_length')) {
+        $passwordRules = Password::min((int) config('password-policies.minimum_length', 8));
+        if (config('password-policies.maximum_length', false)) {
             $passwordPolicies[] = 'max:' . config('password-policies.maximum_length');
         }
-        if (config('password-policies.numbers')) {
+        if (config('password-policies.numbers', true)) {
             $passwordRules->numbers();
         }
-        if (config('password-policies.uppercase')) {
+        if (config('password-policies.uppercase', true)) {
             $passwordPolicies[] = new StringHasAtLeastOneUpperCaseCharacter();
         }
-        if (config('password-policies.special')) {
+        if (config('password-policies.special', true)) {
             $passwordRules->symbols();
         }
         $passwordPolicies[] = $passwordRules;

resources/lang/de.json

@@ -1802,5 +1802,22 @@
   "This environment already contains the same version of the {{ item }} named '{{ name }}.'": "Diese Umgebung enthält bereits die gleiche Version des {{ item }} namens '{{ name }}'.",
   "Visit our Gallery for more Templates": "Besuchen Sie unsere Galerie für mehr Vorlagen",
   "Start a new process from a blank canvas, a text description, or a preset template.": "Starten Sie einen neuen Prozess von einer leeren Leinwand, einer Textbeschreibung oder einer voreingestellten Vorlage.",
-  "Your password has expired.": "Your password has expired."
+  "Password Policies": "Password Policies",
+  "Your password has expired.": "Your password has expired.",
+  "Password set by user": "Password set by user",
+  "Allow to users to change their own password.": "Allow to users to change their own password.",
+  "Numeric characters": "Numeric characters",
+  "Passwords must contain minimum one numeric character.": "Passwords must contain minimum one numeric character.",
+  "Uppercase characters": "Uppercase characters",
+  "Passwords must contain minimum one uppercase character.": "Passwords must contain minimum one uppercase character.",
+  "Special characters": "Special characters",
+  "Passwords must contain minimum one special character.": "Passwords must contain minimum one special character.",
+  "Maximum length": "Maximum length",
+  "Maximum password length allowed.": "Maximum password length allowed.",
+  "Minimum length": "Minimum length",
+  "Minimum password length allowed.": "Minimum password length allowed.",
+  "Password expiration": "Password expiration",
+  "Password will expire in the days configured here.": "Password will expire in the days configured here.",
+  "Login failed": "Login failed",
+  "Number of consecutive unsuccessful login attempts before block the login action momentarily.": "Number of consecutive unsuccessful login attempts before block the login action momentarily."
 }

resources/lang/en.json

@@ -90,6 +90,7 @@
   "Allow additional loops": "Allow additional loops",
   "Allow Multiple Selections": "Allow Multiple Selections",
   "Allow Reassignment": "Allow Reassignment",
+  "Allow to users to change their own password.": "Allow to users to change their own password.",
   "Allowed Group": "Allowed Group",
   "Allowed Groups": "Allowed Groups",
   "Allowed User": "Allowed User",
@@ -846,6 +847,7 @@
   "Log": "Log",
   "Logged Event": "Logged Event",
   "Logged Events": "Logged Events",
+  "Login failed": "Login failed",
   "Login Information": "Login Information",
   "Login Page Footer": "Login Page Footer",
   "Login": "Login",
@@ -865,6 +867,8 @@
   "Max": "Max",
   "Maximum Date": "Maximum Date",
   "Maximum Iterations": "Maximum Iterations",
+  "Maximum length": "Maximum length",
+  "Maximum password length allowed.": "Maximum password length allowed.",
   "Message End Event": "Message End Event",
   "Message Event Identifier": "Message Event Identifier",
   "Message Flow": "Message Flow",
@@ -887,7 +891,9 @@
   "Min Length": "Min Length",
   "Min": "Min",
   "Minimum Date": "Minimum Date",
+  "Minimum length": "Minimum length",
   "Minimum of 8 characters in length": "Minimum of 8 characters in length",
+  "Minimum password length allowed.": "Minimum password length allowed.",
   "minute": "minute",
   "Modeler": "Modeler",
   "Modified By Tasks": "Modified By Tasks",
@@ -998,8 +1004,10 @@
   "Notify Participants": "Notify Participants",
   "Notify Process Manager": "Notify Process Manager",
   "Notify Requester": "Notify Requester",
+  "Number of consecutive unsuccessful login attempts before block the login action momentarily.": "Number of consecutive unsuccessful login attempts before block the login action momentarily.",
   "Number of times to retry. Leave empty to use script default. Set to 0 for no retry attempts. This setting is only used when running a script task in a process.": "Number of times to retry. Leave empty to use script default. Set to 0 for no retry attempts. This setting is only used when running a script task in a process.",
   "Number of times to show the loop. Value must be greater than zero.": "Number of times to show the loop. Value must be greater than zero.",
+  "Numeric characters": "Numeric characters",
   "Object": "Object",
   "Occurred At": "Occurred At",
   "occurrences": "occurrences",
@@ -1045,13 +1053,20 @@
   "Params": "Params",
   "Participants": "Participants",
   "participants": "participants",
+  "Password": "Password",
   "Password Grant Client ID": "Password Grant Client ID",
   "Password Grant Secret": "Password Grant Secret",
+  "Password Policies": "Password Policies",
   "Password Requirements": "Password Requirements",
   "Password Reset": "Password Reset",
   "Password_client": "Password Client",
-  "Password": "Password",
+  "Password expiration": "Password expiration",
+  "Password set by user": "Password set by user",
+  "Password will expire in the days configured here.": "Password will expire in the days configured here.",
   "Passwords must be at least six characters and match the confirmation.": "Passwords must be at least six characters and match the confirmation.",
+  "Passwords must contain minimum one numeric character.": "Passwords must contain minimum one numeric character.",
+  "Passwords must contain minimum one special character.": "Passwords must contain minimum one special character.",
+  "Passwords must contain minimum one uppercase character.": "Passwords must contain minimum one uppercase character.",
   "passwords.password": "Passwords must be at least six characters and match the confirmation.",
   "passwords.reset": "Your password has been reset!",
   "passwords.sent": "We have e-mailed your password reset link!",
@@ -1410,6 +1425,7 @@
   "Source Type": "Source Type",
   "Source": "Source",
   "Spanish": "Spanish",
+  "Special characters": "Special characters",
   "Specifies the file storage service, server, or file access protocol through which your Microsoft Excel files are stored and retreived.": "Specifies the file storage service, server, or file access protocol through which your Microsoft Excel files are stored and retreived.",
   "Specify Expression": "Specify Expression",
   "Specify Request Variable": "Specify Data Variable",
@@ -1723,6 +1739,7 @@
   "Uploaded": "Uploaded",
   "Uploaded By": "Uploaded By",
   "Uploading...": "Uploading...",
+  "Uppercase characters": "Uppercase characters",
   "URI": "URI",
   "URL": "URL",
   "Use a transparent PNG at :size pixels for best results.": "Use a transparent PNG at :size pixels for best results.",

resources/lang/es.json

@@ -1803,5 +1803,22 @@
   "This environment already contains the same version of the {{ item }} named '{{ name }}.'": "Este entorno ya contiene la misma versión del {{ item }} llamado '{{ name }}'.",
   "Visit our Gallery for more Templates": "Visita nuestra Galería para más Plantillas",
   "Start a new process from a blank canvas, a text description, or a preset template.": "Inicie un nuevo proceso desde un lienzo en blanco, una descripción de texto o una plantilla preestablecida.",
-  "Your password has expired.": "Tu contraseña ha expirado."
+  "Password Policies": "Password Policies",
+  "Your password has expired.": "Tu contraseña ha expirado.",
+  "Password set by user": "Password set by user",
+  "Allow to users to change their own password.": "Allow to users to change their own password.",
+  "Numeric characters": "Numeric characters",
+  "Passwords must contain minimum one numeric character.": "Passwords must contain minimum one numeric character.",
+  "Uppercase characters": "Uppercase characters",
+  "Passwords must contain minimum one uppercase character.": "Passwords must contain minimum one uppercase character.",
+  "Special characters": "Special characters",
+  "Passwords must contain minimum one special character.": "Passwords must contain minimum one special character.",
+  "Maximum length": "Maximum length",
+  "Maximum password length allowed.": "Maximum password length allowed.",
+  "Minimum length": "Minimum length",
+  "Minimum password length allowed.": "Minimum password length allowed.",
+  "Password expiration": "Password expiration",
+  "Password will expire in the days configured here.": "Password will expire in the days configured here.",
+  "Login failed": "Login failed",
+  "Number of consecutive unsuccessful login attempts before block the login action momentarily.": "Number of consecutive unsuccessful login attempts before block the login action momentarily."
 }

resources/lang/fr.json

@@ -1802,5 +1802,22 @@
   "This environment already contains the same version of the {{ item }} named '{{ name }}.'": "Cet environnement contient déjà la même version de l'{{ item }} nommé '{{ name }}'.",
   "Visit our Gallery for more Templates": "Visitez notre Galerie pour plus de Modèles",
   "Start a new process from a blank canvas, a text description, or a preset template.": "Démarrez un nouveau processus à partir d'une toile vierge, d'une description textuelle ou d'un modèle prédéfini.",
-  "Your password has expired.": "Your password has expired."
+  "Password Policies": "Password Policies",
+  "Your password has expired.": "Your password has expired.",
+  "Password set by user": "Password set by user",
+  "Allow to users to change their own password.": "Allow to users to change their own password.",
+  "Numeric characters": "Numeric characters",
+  "Passwords must contain minimum one numeric character.": "Passwords must contain minimum one numeric character.",
+  "Uppercase characters": "Uppercase characters",
+  "Passwords must contain minimum one uppercase character.": "Passwords must contain minimum one uppercase character.",
+  "Special characters": "Special characters",
+  "Passwords must contain minimum one special character.": "Passwords must contain minimum one special character.",
+  "Maximum length": "Maximum length",
+  "Maximum password length allowed.": "Maximum password length allowed.",
+  "Minimum length": "Minimum length",
+  "Minimum password length allowed.": "Minimum password length allowed.",
+  "Password expiration": "Password expiration",
+  "Password will expire in the days configured here.": "Password will expire in the days configured here.",
+  "Login failed": "Login failed",
+  "Number of consecutive unsuccessful login attempts before block the login action momentarily.": "Number of consecutive unsuccessful login attempts before block the login action momentarily."
 }

resources/views/shared/users/sidebar.blade.php

@@ -39,6 +39,7 @@
                     </small>
                 </div>
             @endcan
+            @if (config('password-policies.users_can_change', true))
             <div class="form-group">
                 {!! Form::label('password', __('New Password')) !!}
                 <vue-password v-model="formData.password" :disable-toggle=true>
@@ -57,6 +58,7 @@
                 <div class="invalid-feedback" :style="{display: (errors.password) ? 'block' : 'none' }" role="alert"
                      v-for="(error, index) in errors.password">@{{error}}</div>
             </div>
+            @endif
             @cannot('edit-user-and-password')
                 <div class="form-group">
                     <small class="form-text text-muted">