diff --git a/ldapcherry/ppolicy/__init.py b/ldapcherry/ppolicy/__init__.py similarity index 54% rename from ldapcherry/ppolicy/__init.py rename to ldapcherry/ppolicy/__init__.py index 911cb8c..4e137b7 100644 --- a/ldapcherry/ppolicy/__init.py +++ b/ldapcherry/ppolicy/__init__.py @@ -5,7 +5,9 @@ # LdapCherry # Copyright (c) 2014 Carpentier Pierre-Francois -class Ppolicy: +from ldapcherry.exceptions import MissingParameter + +class PPolicy: def __init__(self, config, logger): pass @@ -15,3 +17,11 @@ class Ppolicy: def info(self): ret = "There is no password policy configured" + + def get_param(self, param, default=None): + if param in self.config: + return self.config[param] + elif not default is None: + return default + else: + raise MissingParameter('ppolicy', param) diff --git a/ldapcherry/ppolicy/simple.py b/ldapcherry/ppolicy/simple.py index baa706b..70df6b5 100644 --- a/ldapcherry/ppolicy/simple.py +++ b/ldapcherry/ppolicy/simple.py @@ -5,3 +5,32 @@ # LdapCherry # Copyright (c) 2014 Carpentier Pierre-Francois +import ldapcherry.ppolicy +import re + +class PPolicy(ldapcherry.ppolicy.PPolicy): + + def __init__(self, config, logger): + self.config = config + self.min_length = get_param('min_length') + self.min_upper = get_param('min_upper') + self.min_digit = get_param('min_digit') + + def check(self, password): + if len(password) < self.min_length: + return {'match': False, 'reason': 'password too short'} + if len(re.findall(r'[A-Z]', password)) < self.min_upper: + return {'match': False, 'reason': 'not enough upper case characters'} + if len(re.findall(r'[0-9]', password)) < self.min_digit: + return {'match': False, 'reason': 'not enough digits'} + return {'match': True, 'reason': 'password ok'} + + def info(self): + return \ +"* Minimum length: %(len)n\n\ +* Minimum number of uppercase characters: %(upper)n\n\ +* Minimum number of digits: %(digit)n" % { 'upper': self.min_upper, + 'len': self.min_length, + 'digit' self.min_digit, + } +