@@ -1,6 +1,5 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | /** |
| 3 | - |
|
| 4 | 3 | * |
| 5 | 4 | * @author Semih Serhat Karakaya |
| 6 | 5 | * @copyright Copyright (c) 2016, ITU IT HEAD OFFICE. |
@@ -55,7 +55,7 @@ |
||
| 55 | 55 | * @param PasswordValidator $passValidator |
| 56 | 56 | * @param EventDispatcherInterface $dispatcher |
| 57 | 57 | */ |
| 58 | - public function __construct($userManager, $throttle, $request, $passValidator, $dispatcher){ |
|
| 58 | + public function __construct($userManager, $throttle, $request, $passValidator, $dispatcher) { |
|
| 59 | 59 | $this->userManager = $userManager; |
| 60 | 60 | $this->throttle = $throttle; |
| 61 | 61 | $this->request = $request; |
@@ -46,17 +46,26 @@ |
||
| 46 | 46 | </div> |
| 47 | 47 | <div> |
| 48 | 48 | <input type="checkbox" class="checkbox" id="security-enforce-upper-lower-case" |
| 49 | - <?php if ($_['isUpperLowerCaseEnforced']) p("checked");?> >
|
|
| 49 | + <?php if ($_['isUpperLowerCaseEnforced']) { |
|
| 50 | + p("checked"); |
|
| 51 | +} |
|
| 52 | +?> > |
|
| 50 | 53 | <label for="security-enforce-upper-lower-case"><?php p($l->t('Enforce at least one upper and one lower case character on passwords')) ?></label>
|
| 51 | 54 | </div> |
| 52 | 55 | <div> |
| 53 | 56 | <input type="checkbox" class="checkbox" id="security-enforce-numerical-characters" |
| 54 | - <?php if ($_['isNumericalCharsEnforced']) p("checked");?> >
|
|
| 57 | + <?php if ($_['isNumericalCharsEnforced']) { |
|
| 58 | + p("checked"); |
|
| 59 | +} |
|
| 60 | +?> > |
|
| 55 | 61 | <label for="security-enforce-numerical-characters"><?php p($l->t('Enforce at least one numerical characters on passwords')) ?></label>
|
| 56 | 62 | </div> |
| 57 | 63 | <div> |
| 58 | 64 | <input type="checkbox" class="checkbox" id="security-enforce-special-characters" |
| 59 | - <?php if ($_['isSpecialCharsEnforced']) p("checked");?> >
|
|
| 65 | + <?php if ($_['isSpecialCharsEnforced']) { |
|
| 66 | + p("checked"); |
|
| 67 | +} |
|
| 68 | +?> > |
|
| 60 | 69 | <label for="security-enforce-special-characters"><?php p($l->t('Enforce at least one special characters on passwords')) ?></label>
|
| 61 | 70 | </div> |
| 62 | 71 | </div> |
| 63 | 72 | \ No newline at end of file |
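Review bot: The braced form added for the three checkbox attributes leaves `}` and `?>` at column 0 in the middle of the `<input>` tag, which reads worse than the one-liner it replaces and spreads one attribute over four lines. In a template the alternative syntax keeps the condition and the attribute together: `<?php if ($_['isUpperLowerCaseEnforced']): ?>checked<?php endif; ?>`. The same applies to the `isNumericalCharsEnforced` and `isSpecialCharsEnforced` inputs in this hunk. Since `checked` is a fixed literal, writing it as template text loses nothing compared with passing it through `p()`.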
@@ -32,7 +32,7 @@ discard block |
||
| 32 | 32 | <input type="number" id="security-bfp-fail-tolerance" value="<?php p($_['bruteForceProtectionFailTolerance']) ?>"><br> |
| 33 | 33 | <label for="security-bfp-ban-period"><?php p($l->t('Ban for how many seconds?')) ?></label><br>
|
| 34 | 34 | <input type="number" id="security-bfp-ban-period" value="<?php p($_['bruteForceProtectionBanPeriod']) ?>"><br> |
| 35 | - <button id="save-bfp-settings" class="save"><?php p($l->t('Save settings'));?></button>
|
|
| 35 | + <button id="save-bfp-settings" class="save"><?php p($l->t('Save settings')); ?></button>
|
|
| 36 | 36 | </div> |
| 37 | 37 | </div> |
| 38 | 38 | <div id="security-password-policy" class="section"> |
@@ -40,22 +40,22 @@ discard block |
||
| 40 | 40 | <div> |
| 41 | 41 | <label for="security-min-password-length"><?php p($l->t('Determine minimum password length')) ?></label>
|
| 42 | 42 | <input type="number" id="security-min-password-length" min="6" value="<?php p($_['minPasswordLength']) ?>"> |
| 43 | - <button id="save-pass-length" class="save"><?php p($l->t('Save length'));?></button>
|
|
| 43 | + <button id="save-pass-length" class="save"><?php p($l->t('Save length')); ?></button>
|
|
| 44 | 44 | <span id="security-min-password-length-message" class="msg"></span> |
| 45 | 45 | </div> |
| 46 | 46 | <div> |
| 47 | 47 | <input type="checkbox" class="checkbox" id="security-enforce-upper-lower-case" |
| 48 | - <?php if ($_['isUpperLowerCaseEnforced']) p("checked");?> >
|
|
| 48 | + <?php if ($_['isUpperLowerCaseEnforced']) p("checked"); ?> >
|
|
| 49 | 49 | <label for="security-enforce-upper-lower-case"><?php p($l->t('Enforce at least one upper and one lower case character on passwords')) ?></label>
|
| 50 | 50 | </div> |
| 51 | 51 | <div> |
| 52 | 52 | <input type="checkbox" class="checkbox" id="security-enforce-numerical-characters" |
| 53 | - <?php if ($_['isNumericalCharsEnforced']) p("checked");?> >
|
|
| 53 | + <?php if ($_['isNumericalCharsEnforced']) p("checked"); ?> >
|
|
| 54 | 54 | <label for="security-enforce-numerical-characters"><?php p($l->t('Enforce at least one numerical characters on passwords')) ?></label>
|
| 55 | 55 | </div> |
| 56 | 56 | <div> |
| 57 | 57 | <input type="checkbox" class="checkbox" id="security-enforce-special-characters" |
| 58 | - <?php if ($_['isSpecialCharsEnforced']) p("checked");?> >
|
|
| 58 | + <?php if ($_['isSpecialCharsEnforced']) p("checked"); ?> >
|
|
| 59 | 59 | <label for="security-enforce-special-characters"><?php p($l->t('Enforce at least one special characters on passwords')) ?></label>
|
| 60 | 60 | </div> |
| 61 | 61 | </div> |
| 62 | 62 | \ No newline at end of file |
@@ -25,15 +25,15 @@ |
||
| 25 | 25 | ?> |
| 26 | 26 | <div id="password-policies" class="hidden"> |
| 27 | 27 | <?php print_unescaped( |
| 28 | - "<p>". $l->t('Passwords must:'). "</p>");?>
|
|
| 28 | + "<p>". $l->t('Passwords must:'). "</p>");?>
|
|
| 29 | 29 | <ul class="pass-info"> |
| 30 | 30 | <?php print_unescaped( |
| 31 | - "<li class='pass-info-element'>". $l->t('be at least %s characters long ', $_['minPasswordLength']). "</li>");?>
|
|
| 31 | + "<li class='pass-info-element'>". $l->t('be at least %s characters long ', $_['minPasswordLength']). "</li>");?>
|
|
| 32 | 32 | <?php if ($_['isUpperLowerCaseEnforced']) print_unescaped( |
| 33 | - "<li class='pass-info-element'>". $l->t('contain at least one uppercase letter and at least one lowercase letter '). "</li>");?>
|
|
| 33 | + "<li class='pass-info-element'>". $l->t('contain at least one uppercase letter and at least one lowercase letter '). "</li>");?>
|
|
| 34 | 34 | <?php if ($_['isNumericalCharsEnforced']) print_unescaped( |
| 35 | - "<li class='pass-info-element'>". $l->t('contain at least one numerical character'). "</li>");?>
|
|
| 35 | + "<li class='pass-info-element'>". $l->t('contain at least one numerical character'). "</li>");?>
|
|
| 36 | 36 | <?php if ($_['isSpecialCharsEnforced']) print_unescaped( |
| 37 | - "<li class='pass-info-element'>". $l->t('contain at least one special character'). "</li>");?>
|
|
| 37 | + "<li class='pass-info-element'>". $l->t('contain at least one special character'). "</li>");?>
|
|
| 38 | 38 | </ul> |
| 39 | 39 | </div> |
@@ -25,15 +25,15 @@ |
||
| 25 | 25 | ?> |
| 26 | 26 | <div id="password-policies" class="hidden"> |
| 27 | 27 | <?php print_unescaped( |
| 28 | - "<p>". $l->t('Passwords must:'). "</p>");?>
|
|
| 28 | + "<p>".$l->t('Passwords must:')."</p>"); ?>
|
|
| 29 | 29 | <ul class="pass-info"> |
| 30 | 30 | <?php print_unescaped( |
| 31 | - "<li class='pass-info-element'>". $l->t('be at least %s characters long ', $_['minPasswordLength']). "</li>");?>
|
|
| 31 | + "<li class='pass-info-element'>".$l->t('be at least %s characters long ', $_['minPasswordLength'])."</li>"); ?>
|
|
| 32 | 32 | <?php if ($_['isUpperLowerCaseEnforced']) print_unescaped( |
| 33 | - "<li class='pass-info-element'>". $l->t('contain at least one uppercase letter and at least one lowercase letter '). "</li>");?>
|
|
| 33 | + "<li class='pass-info-element'>".$l->t('contain at least one uppercase letter and at least one lowercase letter ')."</li>"); ?>
|
|
| 34 | 34 | <?php if ($_['isNumericalCharsEnforced']) print_unescaped( |
| 35 | - "<li class='pass-info-element'>". $l->t('contain at least one numerical character'). "</li>");?>
|
|
| 35 | + "<li class='pass-info-element'>".$l->t('contain at least one numerical character')."</li>"); ?>
|
|
| 36 | 36 | <?php if ($_['isSpecialCharsEnforced']) print_unescaped( |
| 37 | - "<li class='pass-info-element'>". $l->t('contain at least one special character'). "</li>");?>
|
|
| 37 | + "<li class='pass-info-element'>".$l->t('contain at least one special character')."</li>"); ?>
|
|
| 38 | 38 | </ul> |
| 39 | 39 | </div> |
@@ -29,11 +29,20 @@ |
||
| 29 | 29 | <ul class="pass-info"> |
| 30 | 30 | <?php print_unescaped( |
| 31 | 31 | "<li class='pass-info-element'>". $l->t('be at least %s characters long ', $_['minPasswordLength']). "</li>");?>
|
| 32 | - <?php if ($_['isUpperLowerCaseEnforced']) print_unescaped( |
|
| 33 | - "<li class='pass-info-element'>". $l->t('contain at least one uppercase letter and at least one lowercase letter '). "</li>");?>
|
|
| 34 | - <?php if ($_['isNumericalCharsEnforced']) print_unescaped( |
|
| 35 | - "<li class='pass-info-element'>". $l->t('contain at least one numerical character'). "</li>");?>
|
|
| 36 | - <?php if ($_['isSpecialCharsEnforced']) print_unescaped( |
|
| 37 | - "<li class='pass-info-element'>". $l->t('contain at least one special character'). "</li>");?>
|
|
| 32 | + <?php if ($_['isUpperLowerCaseEnforced']) { |
|
| 33 | + print_unescaped( |
|
| 34 | + "<li class='pass-info-element'>". $l->t('contain at least one uppercase letter and at least one lowercase letter '). "</li>"); |
|
| 35 | +} |
|
| 36 | +?> |
|
| 37 | + <?php if ($_['isNumericalCharsEnforced']) { |
|
| 38 | + print_unescaped( |
|
| 39 | + "<li class='pass-info-element'>". $l->t('contain at least one numerical character'). "</li>"); |
|
| 40 | +} |
|
| 41 | +?> |
|
| 42 | + <?php if ($_['isSpecialCharsEnforced']) { |
|
| 43 | + print_unescaped( |
|
| 44 | + "<li class='pass-info-element'>". $l->t('contain at least one special character'). "</li>"); |
|
| 45 | +} |
|
| 46 | +?> |
|
| 38 | 47 | </ul> |
| 39 | 48 | </div> |
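Review bot: The three re-braced `print_unescaped(...)` calls still concatenate the result of `$l->t(...)` into the output without HTML escaping, so any markup in a translated string reaches the browser as markup. Only the `<li>` wrapper needs to be raw; writing it as literal template HTML and sending the text through the `p()` helper used in the settings-form hunks on this page keeps the output identical for plain-text translations, e.g. `<li class='pass-info-element'><?php p($l->t('contain at least one numerical character')); ?></li>`. The unchanged `minPasswordLength` line at the top of this hunk and the two earlier hunks over these same template lines have the same pattern. Whether the translation catalogs count as trusted input is not visible from the diff, so treat this as hardening.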
@@ -79,14 +79,14 @@ |
||
| 79 | 79 | * @param string $ip |
| 80 | 80 | * @throws LoginException |
| 81 | 81 | */ |
| 82 | - public function applyBruteForcePolicy($uid ,$ip) {
|
|
| 82 | + public function applyBruteForcePolicy($uid, $ip) {
|
|
| 83 | 83 | $banPeriod = $this->config->getBruteForceProtectionBanPeriod(); |
| 84 | - $banUntil = $this->dbConnection->getLastFailedLoginAttemptTimeForIp($ip)+$banPeriod; |
|
| 85 | - if($this->dbConnection->getSuspiciousActivityCountForUidIpCombination($uid, $ip) >= |
|
| 84 | + $banUntil = $this->dbConnection->getLastFailedLoginAttemptTimeForIp($ip) + $banPeriod; |
|
| 85 | + if ($this->dbConnection->getSuspiciousActivityCountForUidIpCombination($uid, $ip) >= |
|
| 86 | 86 | $this->config->getBruteForceProtectionFailTolerance() && |
| 87 | 87 | $banUntil > $this->timeFactory->getTime()) {
|
| 88 | 88 | throw new LoginException($this->l->t("Too many failed login attempts. Try again in %s minutes.",
|
| 89 | - ceil($banPeriod/60)) |
|
| 89 | + ceil($banPeriod / 60)) |
|
| 90 | 90 | ); |
| 91 | 91 | } |
| 92 | 92 | } |
@@ -88,7 +88,7 @@ discard block |
||
| 88 | 88 | ->will($this->returnValue($lastAttempt)); |
| 89 | 89 | $this->dbServiceMock->expects($this->once()) |
| 90 | 90 | ->method('getSuspiciousActivityCountForUidIpCombination')
|
| 91 | - ->with('test','192.168.1.1')
|
|
| 91 | + ->with('test', '192.168.1.1')
|
|
| 92 | 92 | ->will($this->returnValue($attemptCount)); |
| 93 | 93 | $this->configMock->expects($this->once()) |
| 94 | 94 | ->method('getBruteForceProtectionBanPeriod')
|
@@ -100,7 +100,7 @@ discard block |
||
| 100 | 100 | ->method('getTime')
|
| 101 | 101 | ->will($this->returnValue($time)); |
| 102 | 102 | $this->expectException('OC\User\LoginException');
|
| 103 | - $this->throttle->applyBruteForcePolicy('test','192.168.1.1');
|
|
| 103 | + $this->throttle->applyBruteForcePolicy('test', '192.168.1.1');
|
|
| 104 | 104 | } |
| 105 | 105 | public function bruteForceTestData() {
|
| 106 | 106 | return [ |
@@ -106,7 +106,7 @@ discard block |
||
| 106 | 106 | $this->dbService->addFailedLoginAttempt("test1", "192.168.1.1");
|
| 107 | 107 | $this->dbService->addFailedLoginAttempt("test1", "192.168.1.1");
|
| 108 | 108 | $this->dbService->addFailedLoginAttempt("test2", "192.168.1.1");
|
| 109 | - $this->assertEquals(2, $this->dbService->getSuspiciousActivityCountForUidIpCombination('test1','192.168.1.1'));
|
|
| 109 | + $this->assertEquals(2, $this->dbService->getSuspiciousActivityCountForUidIpCombination('test1', '192.168.1.1'));
|
|
| 110 | 110 | } |
| 111 | 111 | |
| 112 | 112 | public function testGetLastFailedLoginAttemptTimeForIp() {
|
@@ -149,7 +149,7 @@ discard block |
||
| 149 | 149 | $result = $query->execute()->fetchAll(); |
| 150 | 150 | $this->assertSame(2, count($result)); |
| 151 | 151 | |
| 152 | - $this->dbService->deleteSuspiciousAttemptsForUidIpCombination('test1',"192.168.1.1");
|
|
| 152 | + $this->dbService->deleteSuspiciousAttemptsForUidIpCombination('test1', "192.168.1.1");
|
|
| 153 | 153 | $query = $builder->select('*')->from($this->dbTable)
|
| 154 | 154 | ->Where($builder->expr()->eq('ip', $builder->createNamedParameter("192.168.1.1")));
|
| 155 | 155 | $result = $query->execute()->fetchAll(); |