1 Topic by pbf343

  • pbf343
  • Member
  • Offline
  • Registered: 2013-05-30
  • Posts: 243

Topic: Feature -removed add back with additional functionality

==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- Related log if you're reporting an issue:
====

Hello Zhang,

Not sure if this feature has been replaced by some functionality I've yet to find or ever where to post this. 

In previous iRedMail-Pro releases on the "password" tab, it displayed something to the effect of the password must be at least 8 characters.  However, I do not see that in the new version.  Would be nice to have back for groups that admin their own accounts.

Add on:  I think it is tied to the settings/py file:
min_passwd_length = 8
max_passwd_length = 0

If that is correct, it would also be nice to have the option in the control panel to set that numeric values for the variables and/or the password generator use that for producing the random password. 

Thanks for work you do.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: Feature -removed add back with additional functionality

pbf343 wrote:

t displayed something to the effect of the password must be at least 8 characters.  However, I do not see that in the new version.  Would be nice to have back for groups that admin their own accounts.

This feature is still there. Did you change below settings in iRedAdmin-Pro config file?

PASSWORD_SPECIAL_CHARACTERS = """#$%&'"*+-,.:;!<=>?@[]/\(){}^_`~"""
PASSWORD_HAS_LETTER = True
PASSWORD_HAS_UPPERCASE = True
PASSWORD_HAS_NUMBER = True
PASSWORD_HAS_SPECIAL_CHAR = True

3 Reply by pbf343 (edited by pbf343 2015-07-14 19:07:21)

  • pbf343
  • Member
  • Offline
  • Registered: 2013-05-30
  • Posts: 243

Re: Feature -removed add back with additional functionality

ZhangHuangbin wrote:
pbf343 wrote:

t displayed something to the effect of the password must be at least 8 characters.  However, I do not see that in the new version.  Would be nice to have back for groups that admin their own accounts.

This feature is still there. Did you change below settings in iRedAdmin-Pro config file?

PASSWORD_SPECIAL_CHARACTERS = """#$%&'"*+-,.:;!<=>?@[]/\(){}^_`~"""
PASSWORD_HAS_LETTER = True
PASSWORD_HAS_UPPERCASE = True
PASSWORD_HAS_NUMBER = True
PASSWORD_HAS_SPECIAL_CHAR = True

No, the file is what was installed by scripts.  Do not even know which file you're referring.  Maybe you could tell me path/name...

Are you referring to the /var/www/iRedAdmin-Pro-SQL-2.1.3/settings.py

##############################################################################
# Place your custom settings below, you can override all settings in this file
# and libs/default_settings.py here.
#
DEFAULT_PASSWORD_SCHEME = 'SSHA512'

Cheers

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: Feature -removed add back with additional functionality

If you didn't change 'PASSWORD_*' settings, iRedAdmin-Pro will show you password rules in user profile page, under tab 'Password'.

5 Reply by pbf343 (edited by pbf343 2015-07-14 22:33:18)

  • pbf343
  • Member
  • Offline
  • Registered: 2013-05-30
  • Posts: 243

Re: Feature -removed add back with additional functionality

ZhangHuangbin wrote:

If you didn't change 'PASSWORD_*' settings, iRedAdmin-Pro will show you password rules in user profile page, under tab 'Password'.


If referring to this file:  less /var/www/iRedAdmin-Pro-SQL-2.1.3/libs/default_settings.py

Below is what the file contains from the install scripts, no changes by me.  Line numbers are turned on for your use/benefit.  I do not see anything about number of characters in this snippet, nor does the web interface show anything about minimum number of characters.  The auto-generated password does have 8 characters in it. 

169 # Password restrictions
170 #
171 # Special characters which can be used in password.
172 PASSWORD_SPECIAL_CHARACTERS = """#$%&'"*+-,.:;!<=>?@[]/\(){}^_`~"""
173 # Must contain at least one letter, one uppercase letter, one number, one special character
174 PASSWORD_HAS_LETTER = True
175 PASSWORD_HAS_UPPERCASE = True
176 PASSWORD_HAS_NUMBER = True
177 PASSWORD_HAS_SPECIAL_CHAR = True



This is true for a new install and is true for an upgraded system. 
Example: for what it is worth, I'm on a domain => user profile => password tab of an upgraded system now which does not have such. 

Screen shot attached.

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: Feature -removed add back with additional functionality

Did you modify below files in iRedAdmin-Pro?

- templates/default/macros/general.html
- libs/iredbase.py

Let me show you related code in above two files:

# Part of file: templates/default/macros/general.html

{%- macro display_random_password(length) -%}
    <div class="mark_blue bt-space10">
        {% if true in password_restrictions.values() %}
            <h4>{{ _('Password must contain') }}</h4>
            <ul class="standard clean-padding bt-space10">
                {% if password_restrictions['has_letter'] %}
                    <li class="bt-space5">{{ _('at least one letter') }}</li>
                {% endif %}

                {% if password_restrictions['has_uppercase'] %}
                    <li class="bt-space5">{{ _('at least one uppercase letter') }}</li>
                {% endif %}

                {% if password_restrictions['has_number'] %}
                    <li class="bt-space5">{{ _('at least one digit number') }}</li>
                {% endif %}

                {% if password_restrictions['has_special_char'] %}
                    <li class="bt-space5">{{ _('at least one special character:') }} <em>{{ password_restrictions['special_characters'] |e }}</em></li>
                {% endif %}
            </ul>
        {% endif %}
# Part of file: libs/iredbase.py

def render_template(template_name, **context):
    ...
    jinja_env.globals.update({
        ...
        'password_restrictions': {'has_letter': settings.PASSWORD_HAS_LETTER,
                                  'has_uppercase': settings.PASSWORD_HAS_UPPERCASE,
                                  'has_number': settings.PASSWORD_HAS_NUMBER,
                                  'has_special_char': settings.PASSWORD_HAS_SPECIAL_CHAR,
                                  'special_characters': settings.PASSWORD_SPECIAL_CHARACTERS},
    })

7 Reply by pbf343 (edited by pbf343 2015-07-15 08:01:46)

  • pbf343
  • Member
  • Offline
  • Registered: 2013-05-30
  • Posts: 243

Re: Feature -removed add back with additional functionality

ZhangHuangbin wrote:

Did you modify below files in iRedAdmin-Pro?

Hello,
Nothing has been modified in any templates or code base other than following the standard documentation instructions on installing iRedMail and iRedAdmin-Pro. 

If recall, I mentioned in the other thread that the install options were the same but the configuration/install was different.  For example: the deamonize line of code for iredapd. 

I'm assuming these are Jinja templates...   I'll look at those to compare to our system.  That said, have not changed any of ours. 

One item to note, have not looked at source html stream from browser view to see if the verbiage is present and just not displaying.   Do jinja templates every have flushing issues like php files used to do?  What about CSS or possibly div truncating the content?  Visually does not look like such.   




ZhangHuangbin wrote:

- templates/default/macros/general.html
- libs/iredbase.py

Let me show you related code in above two files:

# Part of file: templates/default/macros/general.html

{%- macro display_random_password(length) -%}
    <div class="mark_blue bt-space10">
        {% if true in password_restrictions.values() %}
            <h4>{{ _('Password must contain') }}</h4>
            <ul class="standard clean-padding bt-space10">
                {% if password_restrictions['has_letter'] %}
                    <li class="bt-space5">{{ _('at least one letter') }}</li>
                {% endif %}

                {% if password_restrictions['has_uppercase'] %}
                    <li class="bt-space5">{{ _('at least one uppercase letter') }}</li>
                {% endif %}

                {% if password_restrictions['has_number'] %}
                    <li class="bt-space5">{{ _('at least one digit number') }}</li>
                {% endif %}

                {% if password_restrictions['has_special_char'] %}
                    <li class="bt-space5">{{ _('at least one special character:') }} <em>{{ password_restrictions['special_characters'] |e }}</em></li>
                {% endif %}
            </ul>
        {% endif %}
# Part of file: libs/iredbase.py

def render_template(template_name, **context):
    ...
    jinja_env.globals.update({
        ...
        'password_restrictions': {'has_letter': settings.PASSWORD_HAS_LETTER,
                                  'has_uppercase': settings.PASSWORD_HAS_UPPERCASE,
                                  'has_number': settings.PASSWORD_HAS_NUMBER,
                                  'has_special_char': settings.PASSWORD_HAS_SPECIAL_CHAR,
                                  'special_characters': settings.PASSWORD_SPECIAL_CHARACTERS},
    })

8 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: Feature -removed add back with additional functionality

pbf343 wrote:

For example: the deamonize line of code for iredapd. 

you mean in /etc/uwsgi.ini? This file is used by uwsgi + iRedAdmin, not for iRedAPD.

9 Reply by pbf343

  • pbf343
  • Member
  • Offline
  • Registered: 2013-05-30
  • Posts: 243

Re: Feature -removed add back with additional functionality

ZhangHuangbin wrote:
pbf343 wrote:

For example: the deamonize line of code for iredapd. 

you mean in /etc/uwsgi.ini? This file is used by uwsgi + iRedAdmin, not for iRedAPD.

Yes, correct my mistake.  The line was in the file on original install.  Install again days later, it was not present in code.

10 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: Feature -removed add back with additional functionality

pbf343 wrote:

Yes, correct my mistake.  The line was in the file on original install.  Install again days later, it was not present in code.

Because I uploaded modified iRedMail installer.

11 Reply by pbf343 (edited by pbf343 2015-08-14 08:09:26)

  • pbf343
  • Member
  • Offline
  • Registered: 2013-05-30
  • Posts: 243

Re: Feature -removed add back with additional functionality

Attached is an image of what the display shows.   Should it have something to the effect that the password must be __ characters in length?  I thought that was present previously.

Post's attachments

Screen Shot 2015-08-13 at 8.06.10 PM.png
Screen Shot 2015-08-13 at 8.06.10 PM.png 56.07 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

12 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: Feature -removed add back with additional functionality

When you enter the password field, it will pop up a small tooltip to remind you the password length.

13 Reply by pbf343

  • pbf343
  • Member
  • Offline
  • Registered: 2013-05-30
  • Posts: 243

Re: Feature -removed add back with additional functionality

ZhangHuangbin wrote:

When you enter the password field, it will pop up a small tooltip to remind you the password length.

Ah, gotcha.  I would like to see back in the same box pulling the variable applied to the domain.   Users tend to "miss" items like such.  Would it be better to leave in tooltip and put there for reading? 

I do not recall the previous version if iRedAdmin-Pro having the options to adjust time zones, password, length, etc in design.   Good idea and I like it.  One question though, is there a method to set default values for password length, time zone, etc. so as NOT to have to populate them by hand with each domain?

14 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: Feature -removed add back with additional functionality

pbf343 wrote:

One question though, is there a method to set default values for password length, time zone, etc. so as NOT to have to populate them by hand with each domain?

you can find default time zone setting in 'libs/default_settings.py' under iRedAdmin-Pro directory, if you need to change them, please copy them to iRedAdmin-Pro config file 'settings.py' and change them, do not touch 'libs/default_settings.py'.

Global password length control is defined in settings.py.