add more possibility for validation of password

Add possibility to check for a certain number of lower, punctuation
characters and a number of rule to check among min_lower, min_upper,
min_digit, min_punct.

conf/ldapcherry.ini

@@ -185,8 +185,12 @@ ppolicy.module = 'ldapcherry.ppolicy.simple'
 
 # parameters of the module
 min_length = 8
+min_lower = 1
 min_upper = 1
 min_digit = 1
+min_punct = 1
+# number of rules (among: min_lower, min_upper, min_digit, min_punct) to respect for a correct password
+min_point = 4
 
 # authentification parameters
 [auth]

goodies/gen-dev-conf.sh

@@ -16,3 +16,5 @@ sed -i "s|ldap.admin.groups.*|ldap.admin.groups = '$GROUPS'|" $ROOT/ldapcherry-d
 sed -i "s|^min_length.*|min_length = 3|" $ROOT/ldapcherry-dev.ini
 sed -i "s|^min_upper.*|min_upper = 0|" $ROOT/ldapcherry-dev.ini
 sed -i "s|^min_digit.*|min_digit = 0|" $ROOT/ldapcherry-dev.ini
+sed -i "s|^min_punct.*|min_punct = 0|" $ROOT/ldapcherry-dev.ini
+sed -i "s|^min_point.*|min_point = 0|" $ROOT/ldapcherry-dev.ini

ldapcherry/ppolicy/simple.py

@@ -7,6 +7,7 @@
 
 import ldapcherry.ppolicy
 import re
+import string
 
 
 class PPolicy(ldapcherry.ppolicy.PPolicy):
@@ -14,27 +15,57 @@ class PPolicy(ldapcherry.ppolicy.PPolicy):
     def __init__(self, config, logger):
         self.config = config
         self.min_length = self.get_param('min_length')
+        self.min_lower = self.get_param('min_lower')
         self.min_upper = self.get_param('min_upper')
         self.min_digit = self.get_param('min_digit')
+        self.min_punct = self.get_param('min_punct')
+        self.min_point = self.get_param('min_point')
 
     def check(self, password):
+        point = 0
+        reason = 'Not enough complexity'
+
         if len(password) < self.min_length:
             return {'match': False, 'reason': 'Password too short'}
+
+        if len(re.findall(r'[a-z]', password)) < self.min_lower:
+            reason = 'Not enough lower case characters'
+        else:
+            point += 1
         if len(re.findall(r'[A-Z]', password)) < self.min_upper:
-            return {
-                'match': False,
-                'reason': 'Not enough upper case characters'
-                }
+            reason = 'Not enough upper case characters'
+        else:
+            point += 1
+
         if len(re.findall(r'[0-9]', password)) < self.min_digit:
-            return {'match': False, 'reason': 'Not enough digits'}
+            reason = 'Not enough digits'
+        else:
+            point += 1
+
+        punctuation = 0
+        for char in password:
+            if char in string.punctuation:
+                punctuation += 1
+        if punctuation < self.min_punct:
+            reason = 'Not enough special caracter'
+        else:
+            point += 1
+
+        if point < self.min_point:
+            return {'match': False, 'reason': reason}
+
         return {'match': True, 'reason': 'password ok'}
 
     def info(self):
         return \
             "* Minimum length: %(len)d\n" \
+            "* Minimum number of lowercase characters: %(lower)d\n" \
             "* Minimum number of uppercase characters: %(upper)d\n" \
-            "* Minimum number of digits: %(digit)d" % {
-                'upper': self.min_upper,
+            "* Minimum number of digits: %(digit)d\n" \
+            "* Minimum number of punctuation characters: %(punct)d" % {
                 'len': self.min_length,
+                'lower': self.min_lower,
+                'upper': self.min_upper,
                 'digit': self.min_digit
+                'punct': self.min_punct,
                 }

tests/cfg/ldapcherry.ini

@@ -108,8 +108,12 @@ ppolicy.module = 'ldapcherry.ppolicy.simple'
 
 # parameters of the module
 min_length = 8
+min_lower = 1
 min_upper = 1
 min_digit = 1
+min_punct = 1
+# number of rules (among: min_lower, min_upper, min_digit, min_punct) to respect for a correct password
+min_point = 4
 
 # resources parameters
 [resources]

tests/cfg/ldapcherry_adldap.cfg

@@ -145,8 +145,12 @@ ppolicy.module = 'ldapcherry.ppolicy.simple'
 
 # parameters of the module
 min_length = 8
+min_lower = 1
 min_upper = 1
 min_digit = 1
+min_punct = 1
+# number of rules (among: min_lower, min_upper, min_digit, min_punct) to respect for a correct password
+min_point = 4
 
 # authentification parameters
 [auth]

tests/test_env/etc/ldapcherry/ldapcherry.ini

@@ -112,8 +112,12 @@ ppolicy.module = 'ldapcherry.ppolicy.simple'
 
 # parameters of the module
 min_length = 2
+min_lower = 0
 min_upper = 0
 min_digit = 0
+min_punct = 0
+# number of rules (among: min_lower, min_upper, min_digit, min_punct) to respect for a correct password
+min_point = 0
 
 # resources parameters
 [resources]