mirror of https://github.com/MISP/MISP
new: [Users] add last password change timestamp for users
parent
2927f7d30d
commit
7ce06cad9f
|
@ -301,6 +301,7 @@ class UsersController extends AppController
|
|||
// What fields should be saved (allowed to be saved)
|
||||
$user['User']['change_pw'] = 0;
|
||||
$user['User']['password'] = $this->request->data['User']['password'];
|
||||
$user['User']['last_pw_change'] = time();
|
||||
if ($this->_isRest()) {
|
||||
$user['User']['confirm_password'] = $this->request->data['User']['password'];
|
||||
} else {
|
||||
|
@ -475,7 +476,8 @@ class UsersController extends AppController
|
|||
'last_api_access',
|
||||
'force_logout',
|
||||
'date_created',
|
||||
'date_modified'
|
||||
'date_modified',
|
||||
'last_pw_change'
|
||||
),
|
||||
'contain' => array(
|
||||
'Organisation' => array('id', 'name'),
|
||||
|
@ -687,6 +689,7 @@ class UsersController extends AppController
|
|||
}
|
||||
}
|
||||
$this->request->data['User']['date_created'] = time();
|
||||
$this->request->data['User']['last_pw_change'] = $this->request->data['User']['date_created'];
|
||||
if (!array_key_exists($this->request->data['User']['role_id'], $syncRoles)) {
|
||||
$this->request->data['User']['server_id'] = 0;
|
||||
}
|
||||
|
@ -758,7 +761,7 @@ class UsersController extends AppController
|
|||
$this->Flash->error(__('The user could not be saved. Invalid organisation.'));
|
||||
}
|
||||
} else {
|
||||
$fieldList = array('password', 'email', 'external_auth_required', 'external_auth_key', 'enable_password', 'confirm_password', 'org_id', 'role_id', 'authkey', 'nids_sid', 'server_id', 'gpgkey', 'certif_public', 'autoalert', 'contactalert', 'disabled', 'invited_by', 'change_pw', 'termsaccepted', 'newsread', 'date_created', 'date_modified');
|
||||
$fieldList = array('password', 'email', 'external_auth_required', 'external_auth_key', 'enable_password', 'confirm_password', 'org_id', 'role_id', 'authkey', 'nids_sid', 'server_id', 'gpgkey', 'certif_public', 'autoalert', 'contactalert', 'disabled', 'invited_by', 'change_pw', 'termsaccepted', 'newsread', 'date_created', 'date_modified', 'last_pw_change');
|
||||
if ($this->User->save($this->request->data, true, $fieldList)) {
|
||||
$notification_message = '';
|
||||
if (!empty($this->request->data['User']['notify'])) {
|
||||
|
@ -953,6 +956,8 @@ class UsersController extends AppController
|
|||
$this->__canChangePassword()
|
||||
) {
|
||||
$fields[] = 'password';
|
||||
$fields[] = 'last_pw_change';
|
||||
$this->request->data['User']['last_pw_change'] = time();
|
||||
if ($this->_isRest() && !isset($this->request->data['User']['confirm_password'])) {
|
||||
$this->request->data['User']['confirm_password'] = $this->request->data['User']['password'];
|
||||
$fields[] = 'confirm_password';
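Review bot: `last_pw_change` is stamped by hand at each controller call site (the `change_pw` path, the add path via `date_created`, and the edit path under `__canChangePassword()`), so any write to `password` that bypasses these lines leaves the timestamp stale. If the column is meant to back password-age checks or account audits, set it once in the User model next to wherever the password is prepared for saving, e.g. `$this->data[$this->alias]['last_pw_change'] = time();`. Whether other code paths write `password` is not visible from this page and should be checked against the rest of the code base. The enclosing actions start and end outside the hunks.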
|
||||
|
|
|
@ -85,7 +85,7 @@ class AppModel extends Model
|
|||
93 => false, 94 => false, 95 => true, 96 => false, 97 => true, 98 => false,
|
||||
99 => false, 100 => false, 101 => false, 102 => false, 103 => false, 104 => false,
|
||||
105 => false, 106 => false, 107 => false, 108 => false, 109 => false, 110 => false,
|
||||
111 => false, 112 => false, 113 => true, 114 => false
|
||||
111 => false, 112 => false, 113 => true, 114 => false, 115 => false
|
||||
);
|
||||
|
||||
const ADVANCED_UPDATES_DESCRIPTION = array(
|
||||
|
@ -1973,6 +1973,10 @@ class AppModel extends Model
|
|||
case 114:
|
||||
$indexArray[] = ['object_references', 'uuid'];
|
||||
break;
|
||||
case 115:
|
||||
$sqlArray[] = "ALTER TABLE `users` ADD COLUMN `last_pw_change` BIGINT(20) NULL DEFAULT NULL;";
|
||||
$sqlArray[] = "UPDATE `users` SET last_pw_change=date_modified WHERE last_pw_change IS NULL";
|
||||
break;
|
||||
case 'fixNonEmptySharingGroupID':
|
||||
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
|
||||
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
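Review bot: The backfill in `case 115` copies `date_modified` into `last_pw_change`, and that column presumably moves on any profile edit rather than only on a password change, so existing accounts can look as if their password was rotated recently when it was not. For a value admins will read as password age, unknown is safer than optimistic. Either drop the `UPDATE` and leave the column `NULL` (the user view on this page already renders `N/A` for empty values), or backfill from the older bound with `SET last_pw_change=date_created`. A one-line comment above the statement noting that migrated values are estimates would help anyone who later builds expiry logic on this column.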
|
||||
|
|
|
@ -984,6 +984,7 @@ class User extends AppModel
|
|||
if ($result) {
|
||||
$this->id = $user['User']['id'];
|
||||
$this->saveField('password', $password);
|
||||
$this->saveField('last_pw_change', time());
|
||||
$this->updateField($user['User'], 'change_pw', 1);
|
||||
if ($simpleReturn) {
|
||||
return true;
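Review bot: `saveField('last_pw_change', time())` runs whether or not the preceding `saveField('password', $password)` succeeded, and neither return value is checked, so a failed password write would still be recorded as a password change. Guard the second write on the first with `if ($this->saveField('password', $password)) { $this->saveField('last_pw_change', time()); }`, or write both columns in a single `save()` call with a field list so they cannot diverge. The enclosing method starts and ends outside the hunk.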
|
||||
|
|
|
@ -157,6 +157,10 @@ if ($admin_view && $isSiteAdmin && $isTotp) {
|
|||
'key' => __('Created'),
|
||||
'html' => $user['User']['date_created'] ? $this->Time->time($user['User']['date_created']) : __('N/A')
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Last password change'),
|
||||
'html' => $user['User']['last_pw_change'] ? $this->Time->time($user['User']['last_pw_change']) : __('N/A')
|
||||
);
|
||||
if ($admin_view) {
|
||||
$table_data[] = array(
|
||||
'key' => __('News read at'),
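Review bot: The new row reads `$user['User']['last_pw_change']` directly in the ternary, which raises an undefined-index notice if the user array was loaded without that key; `!empty($user['User']['last_pw_change'])` as the condition avoids that. The row also sits before the `if ($admin_view)` block, so it is rendered on a user's own profile as well as in the admin view. That looks intentional but is worth confirming.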
|
||||
|
|
|
@ -8612,6 +8612,17 @@
|
|||
"column_type": "int(11)",
|
||||
"column_default": "NULL",
|
||||
"extra": ""
|
||||
},
|
||||
{
|
||||
"column_name": "last_pw_change",
|
||||
"is_nullable": "YES",
|
||||
"data_type": "bigint",
|
||||
"character_maximum_length": null,
|
||||
"numeric_precision": "19",
|
||||
"collation_name": null,
|
||||
"column_type": "bigint(20)",
|
||||
"column_default": "NULL",
|
||||
"extra": ""
|
||||
}
|
||||
],
|
||||
"user_settings": [
|
||||
|
@ -9549,5 +9560,5 @@
|
|||
"uuid": false
|
||||
}
|
||||
},
|
||||
"db_version": "114"
|
||||
"db_version": "115"
|
||||
}
|