From e964c5151e77d9e3902b39843754f349aa14c458 Mon Sep 17 00:00:00 2001
From: kakwa <carpentier.pf@gmail.com>
Date: Wed, 1 Jul 2015 23:00:42 +0200
Subject: [PATCH] implementing a simple ppolicy module

---
 ldapcherry/ppolicy/{__init.py => __init__.py} | 12 +++++++-
 ldapcherry/ppolicy/simple.py                  | 29 +++++++++++++++++++
 2 files changed, 40 insertions(+), 1 deletion(-)
 rename ldapcherry/ppolicy/{__init.py => __init__.py} (54%)

diff --git a/ldapcherry/ppolicy/__init.py b/ldapcherry/ppolicy/__init__.py
similarity index 54%
rename from ldapcherry/ppolicy/__init.py
rename to ldapcherry/ppolicy/__init__.py
index 911cb8c..4e137b7 100644
--- a/ldapcherry/ppolicy/__init.py
+++ b/ldapcherry/ppolicy/__init__.py
@@ -5,7 +5,9 @@
 # LdapCherry
 # Copyright (c) 2014 Carpentier Pierre-Francois
 
-class Ppolicy:
+from ldapcherry.exceptions import MissingParameter
+
+class PPolicy:
 
     def __init__(self, config, logger):
         pass
@@ -15,3 +17,11 @@ class Ppolicy:
 
     def info(self):
         ret = "There is no password policy configured"
+
+    def get_param(self, param, default=None):
+        if param in self.config:
+            return self.config[param]
+        elif not default is None:
+            return default
+        else:
+           raise MissingParameter('ppolicy', param)
diff --git a/ldapcherry/ppolicy/simple.py b/ldapcherry/ppolicy/simple.py
index baa706b..70df6b5 100644
--- a/ldapcherry/ppolicy/simple.py
+++ b/ldapcherry/ppolicy/simple.py
@@ -5,3 +5,32 @@
 # LdapCherry
 # Copyright (c) 2014 Carpentier Pierre-Francois
 
+import ldapcherry.ppolicy
+import re
+
+class PPolicy(ldapcherry.ppolicy.PPolicy):
+
+    def __init__(self, config, logger):
+        self.config = config
+        self.min_length = get_param('min_length')
+        self.min_upper = get_param('min_upper')
+        self.min_digit = get_param('min_digit')
+
+    def check(self, password):
+        if len(password) < self.min_length:
+            return {'match': False, 'reason': 'password too short'}
+        if len(re.findall(r'[A-Z]', password)) < self.min_upper:
+            return {'match': False, 'reason': 'not enough upper case characters'}
+        if len(re.findall(r'[0-9]', password)) < self.min_digit:
+            return {'match': False, 'reason': 'not enough digits'}
+        return {'match': True, 'reason': 'password ok'}
+
+    def info(self):
+        return \
+"* Minimum length: %(len)n\n\
+* Minimum number of uppercase characters: %(upper)n\n\
+* Minimum number of digits: %(digit)n" % { 'upper': self.min_upper,
+        'len': self.min_length,
+        'digit' self.min_digit,
+    }
+