WIP - Append PP special characters options (#2130)

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm

@@ -221,7 +221,10 @@ sub defaultValues {
         'passwordPolicyMinDigit'              => 0,
         'passwordPolicyMinLower'              => 0,
         'passwordPolicyMinSize'               => 0,
+        'passwordPolicyMinSpeChar'            => 0,
         'passwordPolicyMinUpper'              => 0,
+        'passwordPolicySpecialChar' =>
+          '! @ # $ % & * ( ) - _ = + [ ] { } ; : , . / ?',
         'passwordResetAllowedRetries' => 3,
         'persistentSessionAttributes' =>
           '_loginHistory _2fDevices notification_',

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm

@@ -2436,10 +2436,19 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
             'default' => 0,
             'type'    => 'int'
         },
+        'passwordPolicyMinSpeChar' => {
+            'default' => 0,
+            'type'    => 'int'
+        },
         'passwordPolicyMinUpper' => {
             'default' => 0,
             'type'    => 'int'
         },
+        'passwordPolicySpecialChar' => {
+            'default' => '! @ # $ % & * ( ) - _ = + [ ] { } ; : , . / ?',
+            'test'    => qr/^[\s\W_]+$/,
+            'type'    => 'text'
+        },
         'passwordResetAllowedRetries' => {
             'default' => 3,
             'type'    => 'int'

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm

@@ -1434,6 +1434,17 @@ sub attributes {
             type          => 'int',
             documentation => 'Password policy: minimal digit characters',
         },
+        passwordPolicyMinSpeChar => {
+            default       => 0,
+            type          => 'int',
+            documentation => 'Password policy: minimal special characters',
+        },
+        passwordPolicySpecialChar => {
+            default       => '! @ # $ % & * ( ) - _ = + [ ] { } ; : , . / ?',
+            type          => 'text',
+            test          => qr/^[\s\W_]+$/,
+            documentation => 'Password policy: allowed special characters',
+        },
         portalDisplayPasswordPolicy => {
             default       => 0,
             type          => 'bool',

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm

@@ -83,6 +83,8 @@ sub tree {
                                         'passwordPolicyMinLower',
                                         'passwordPolicyMinUpper',
                                         'passwordPolicyMinDigit',
+                                        'passwordPolicyMinSpeChar',
+                                        'passwordPolicySpecialChar',
                                         'portalDisplayPasswordPolicy',
                                     ]
                                 },

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Base.pm

@@ -8,14 +8,14 @@ use Lemonldap::NG::Portal::Main::Constants qw(
   PE_BADOLDPASSWORD
   PE_PASSWORD_OK
   PE_PASSWORD_MISMATCH
-  PE_PP_MUST_SUPPLY_OLD_PASSWORD
   PE_PP_PASSWORD_TOO_SHORT
+  PE_PP_MUST_SUPPLY_OLD_PASSWORD
   PE_PP_INSUFFICIENT_PASSWORD_QUALITY
 );
 
 extends 'Lemonldap::NG::Portal::Main::Plugin';
 
-our $VERSION = '2.0.6';
+our $VERSION = '2.0.8';
 
 # INITIALIZATION
 
@@ -25,7 +25,7 @@ sub init {
 
 # INTERFACE
 
-sub forAuthUser { '_modifyPassword' }
+use constant forAuthUser => '_modifyPassword';
 
 # RUNNING METHODS
 
@@ -131,6 +131,19 @@ sub checkPasswordQuality {
         }
     }
 
+    # Min special characters
+    if ( $self->conf->{passwordPolicyMinSpeChar} ) {
+        my $spe      = 0;
+        my $speChars = $self->conf->{passwordPolicySpecialChar}
+          || '! @ # $ % & * ( ) - _ = + [ ] { } ; : , . / ?';
+        $speChars =~ s/\s+//g;
+        $spe = $password =~ s/[\Q$speChars\E]//g;
+        if ( $spe < $self->conf->{passwordPolicyMinSpeChar} ) {
+            $self->logger->error("Password has not enough special characters");
+            return PE_PP_INSUFFICIENT_PASSWORD_QUALITY;
+        }
+    }
+
     return PE_OK;
 }