Merge pull request #493 from zentavr/master

Adding an ability to update password_expiry field when user changes its own password from /users/ portal
5 years ago · 84ba24db8c
2 changed files with 35 additions and 1 deletions
--- a/DOCUMENTS/Password_Expiration.md
+++ b/DOCUMENTS/Password_Expiration.md
@ -85,7 +85,7 @@ do

    QUERY="SELECT username,password_expiry FROM mailbox WHERE password_expiry > now() + interval $LOWER DAY AND password_expiry < NOW() + interval $INTERVAL DAY"

-    mysql --defaults-extra-file="$MYSQL_CREDENTIALS_FILE" "$POSTFIX_DB" -B -e "$QUERY" | while read -a RESULT ; do
+    mysql --defaults-extra-file="$MYSQL_CREDENTIALS_FILE" "$POSTFIX_DB" -B -N -e "$QUERY" | while IFS=$'\t' read -a RESULT ; do
        echo -e "Dear User, \n Your password will expire on ${RESULT[1]}" | mail -s "Password 30 days before expiration notication" -r $REPLY_ADDRESS  ${RESULT[0]} 
    done
 done
--- a/model/Login.php
+++ b/model/Login.php
@ -91,6 +91,32 @@ class Login
        return false;
    }

+    /**
+     * returns user's domain name
+     * @param $username
+     * @return mixed|null
+     * @throws Exception
+     */
+    protected function getUserDomain($username)
+    {
+        $sql = "SELECT domain FROM {$this->table} WHERE username = :username AND active = :active";
+
+        $active = db_get_boolean(true);
+
+        $values = [
+            'username' => $username,
+            'active' => $active,
+        ];
+
+        // Fetch the domain
+        $result = db_query_one($sql, $values);
+
+        if (is_array($result) && isset($result['domain'])) {
+            return $result['domain'];
+        } else {
+            return NULL;
+        }
+    }

    /**
     * @param string $username
@ -115,6 +141,14 @@ class Login
            'password' => pacrypt($new_password),
        );

+        if (Config::bool('password_expiration')) {
+            $domain = $this->getUserDomain($username);
+            if (!is_null($domain)) {
+                $password_expiration_value = (int)get_password_expiration_value($domain);
+                $set['password_expiry'] = date('Y-m-d H:i', strtotime("+$password_expiration_value day"));
+            }
+        }
+
        $result = db_update($this->table, 'username', $username, $set);

        if ($result != 1) {