From 7ce06cad9fab4b0db287b9b7457fb64675f258dc Mon Sep 17 00:00:00 2001 From: Jeroen Pinoy Date: Tue, 29 Aug 2023 10:45:20 +0200 Subject: [PATCH] new: [Users] add last password change timestamp for users --- app/Controller/UsersController.php | 9 +++++++-- app/Model/AppModel.php | 6 +++++- app/Model/User.php | 1 + app/View/Users/view.ctp | 4 ++++ db_schema.json | 13 ++++++++++++- 5 files changed, 29 insertions(+), 4 deletions(-) diff --git a/app/Controller/UsersController.php b/app/Controller/UsersController.php index 3aed0deae..597110166 100644 --- a/app/Controller/UsersController.php +++ b/app/Controller/UsersController.php @@ -301,6 +301,7 @@ class UsersController extends AppController // What fields should be saved (allowed to be saved) $user['User']['change_pw'] = 0; $user['User']['password'] = $this->request->data['User']['password']; + $user['User']['last_pw_change'] = time(); if ($this->_isRest()) { $user['User']['confirm_password'] = $this->request->data['User']['password']; } else { @@ -475,7 +476,8 @@ class UsersController extends AppController 'last_api_access', 'force_logout', 'date_created', - 'date_modified' + 'date_modified', + 'last_pw_change' ), 'contain' => array( 'Organisation' => array('id', 'name'), @@ -687,6 +689,7 @@ class UsersController extends AppController } } $this->request->data['User']['date_created'] = time(); + $this->request->data['User']['last_pw_change'] = $this->request->data['User']['date_created']; if (!array_key_exists($this->request->data['User']['role_id'], $syncRoles)) { $this->request->data['User']['server_id'] = 0; } 
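Review bot: `last_pw_change` is stamped by hand at each call site (here at `$user['User']['last_pw_change'] = time();`, again in the `@@ -687` and `@@ -953` hunks of this file, and in the `@@ -984` hunk of `app/Model/User.php`), so any password write path this patch does not touch will leave the timestamp unchanged and misreport the password's age. If the column is meant to support password-age review or auditing, it would be safer to set it in one place in the `User` model whenever a `password` value is about to be saved. The save call for `$user` lies outside this hunk; if it passes a field whitelist, `last_pw_change` has to be in that list or this assignment is silently dropped.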
@@ -758,7 +761,7 @@ class UsersController extends AppController $this->Flash->error(__('The user could not be saved. Invalid organisation.')); } } else { - $fieldList = array('password', 'email', 'external_auth_required', 'external_auth_key', 'enable_password', 'confirm_password', 'org_id', 'role_id', 'authkey', 'nids_sid', 'server_id', 'gpgkey', 'certif_public', 'autoalert', 'contactalert', 'disabled', 'invited_by', 'change_pw', 'termsaccepted', 'newsread', 'date_created', 'date_modified'); + $fieldList = array('password', 'email', 'external_auth_required', 'external_auth_key', 'enable_password', 'confirm_password', 'org_id', 'role_id', 'authkey', 'nids_sid', 'server_id', 'gpgkey', 'certif_public', 'autoalert', 'contactalert', 'disabled', 'invited_by', 'change_pw', 'termsaccepted', 'newsread', 'date_created', 'date_modified', 'last_pw_change'); if ($this->User->save($this->request->data, true, $fieldList)) { $notification_message = ''; if (!empty($this->request->data['User']['notify'])) { @@ -953,6 +956,8 @@ class UsersController extends AppController $this->__canChangePassword() ) { $fields[] = 'password'; + $fields[] = 'last_pw_change'; + $this->request->data['User']['last_pw_change'] = time(); if ($this->_isRest() && !isset($this->request->data['User']['confirm_password'])) { $this->request->data['User']['confirm_password'] = $this->request->data['User']['password']; $fields[] = 'confirm_password'; diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index b62cadca0..0f0e9922f 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php 
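Review bot: Adding `'last_pw_change'` to `$fieldList` makes the column mass-assignable from `$this->request->data`, so its integrity rests on the server-side overwrite in the `@@ -687` hunk always running before this `save()`. That holds on the lines visible here, but the code between the two hunks is not shown. A short comment at the overwrite, such as `// server-set: never accept last_pw_change from the request`, would keep a later refactor from moving it or making it conditional. The same reasoning applies to `$fields[] = 'last_pw_change';` in the `@@ -953` hunk, where the key is whitelisted only inside the password-change branch whose condition starts outside the hunk.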
@@ -85,7 +85,7 @@ class AppModel extends Model 93 => false, 94 => false, 95 => true, 96 => false, 97 => true, 98 => false, 99 => false, 100 => false, 101 => false, 102 => false, 103 => false, 104 => false, 105 => false, 106 => false, 107 => false, 108 => false, 109 => false, 110 => false, - 111 => false, 112 => false, 113 => true, 114 => false + 111 => false, 112 => false, 113 => true, 114 => false, 115 => false ); const ADVANCED_UPDATES_DESCRIPTION = array( @@ -1973,6 +1973,10 @@ class AppModel extends Model case 114: $indexArray[] = ['object_references', 'uuid']; break; + case 115: + $sqlArray[] = "ALTER TABLE `users` ADD COLUMN `last_pw_change` BIGINT(20) NULL DEFAULT NULL;"; + $sqlArray[] = "UPDATE `users` SET last_pw_change=date_modified WHERE last_pw_change IS NULL"; + break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; diff --git a/app/Model/User.php b/app/Model/User.php index f2a5403fb..afbec075e 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -984,6 +984,7 @@ class User extends AppModel if ($result) { $this->id = $user['User']['id']; $this->saveField('password', $password); + $this->saveField('last_pw_change', time()); $this->updateField($user['User'], 'change_pw', 1); if ($simpleReturn) { return true; diff --git a/app/View/Users/view.ctp b/app/View/Users/view.ctp index cf3b2f546..51da8ac34 100755 --- a/app/View/Users/view.ctp +++ b/app/View/Users/view.ctp 
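Review bot: The backfill in `case 115` copies `date_modified` into `last_pw_change`, but `date_modified` presumably records any change to the user row, so existing accounts get a timestamp that need not match their real last password change. Anything that later uses this column to judge password age would be working from a guess, most likely one that makes old passwords look fresher than they are. Leaving the column `NULL` for existing users is the more honest default, since the view in this patch already renders `N/A` for an empty value. If the approximation is kept, say so next to it, e.g. `// approximation: date_modified is the last row update, not necessarily a password change`. The `UPDATE` string also lacks the trailing `;` that the `ALTER TABLE` string above it has.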
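Review bot: In `app/Model/User.php` the password and its timestamp are written by two separate `saveField()` calls whose return values are ignored, so a failure of the second leaves a new password paired with an old `last_pw_change`. Writing both in one call keeps them consistent, for example `$this->save(['User' => ['id' => $user['User']['id'], 'password' => $password, 'last_pw_change' => time()]], false, ['password', 'last_pw_change']);`. This assumes the model callbacks that process `password` behave the same for `save()` as for `saveField()`, which is not visible here. The enclosing function starts and ends outside the hunk.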
@@ -157,6 +157,10 @@ if ($admin_view && $isSiteAdmin && $isTotp) { 'key' => __('Created'), 'html' => $user['User']['date_created'] ? $this->Time->time($user['User']['date_created']) : __('N/A') ); + $table_data[] = array( + 'key' => __('Last password change'), + 'html' => $user['User']['last_pw_change'] ? $this->Time->time($user['User']['last_pw_change']) : __('N/A') + ); if ($admin_view) { $table_data[] = array( 'key' => __('News read at'), diff --git a/db_schema.json b/db_schema.json index 1fca6ae7c..139503142 100644 --- a/db_schema.json +++ b/db_schema.json @@ -8612,6 +8612,17 @@ "column_type": "int(11)", "column_default": "NULL", "extra": "" + }, + { + "column_name": "last_pw_change", + "is_nullable": "YES", + "data_type": "bigint", + "character_maximum_length": null, + "numeric_precision": "19", + "collation_name": null, + "column_type": "bigint(20)", + "column_default": "NULL", + "extra": "" } ], "user_settings": [ @@ -9549,5 +9560,5 @@ "uuid": false } }, - "db_version": "114" + "db_version": "115" } \ No newline at end of file