2574 - enable Password expiry

- Extensibility: The UserLocal now provide the fields needed for an extension to be able to properly handle the expiration of the password

datamodels/2.x/authent-local/model.authent-local.php

@@ -65,6 +65,10 @@ class UserLocalPasswordValidity
 
 class UserLocal extends UserInternal
 {
+	const EXPIRE_CAN   = 'can_expire';
+	const EXPIRE_NEVER = 'never_expire';
+	const EXPIRE_FORCE = 'force_expire';
+
 	/** @var UserLocalPasswordValidity|null */
 	protected $m_oPasswordValidity = null;
 
@@ -87,6 +91,10 @@ class UserLocal extends UserInternal
 
 		MetaModel::Init_AddAttribute(new AttributeOneWayPassword("password", array("allowed_values"=>null, "sql"=>"pwd", "default_value"=>null, "is_null_allowed"=>false, "depends_on"=>array())));
 
+		$sExpireEnum = implode(',', array(self::EXPIRE_CAN, self::EXPIRE_NEVER, self::EXPIRE_FORCE));
+		MetaModel::Init_AddAttribute(new AttributeEnum("expiration", array("allowed_values"=>new ValueSetEnum($sExpireEnum), "sql"=>"expiration", "default_value"=>'never_expire', "is_null_allowed"=>false, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeDate("password_renewed_date", array("allowed_values"=>null, "sql"=>"password_renewed_date", "default_value"=>"", "is_null_allowed"=>true, "depends_on"=>array())));
+
 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('contactid', 'org_id', 'email', 'login', 'password', 'language', 'status', 'profile_list', 'allowed_org_list')); // Attributes to be displayed for the complete details
 		MetaModel::Init_SetZListItems('list', array('first_name', 'last_name', 'login', 'org_id')); // Attributes to be displayed for a list
@@ -149,6 +157,8 @@ class UserLocal extends UserInternal
 
 		if ('password' == $sAttCode)
 		{
+			$sNow = date(\AttributeDate::GetInternalFormat());
+			$this->Set('password_renewed_date', $sNow);
 			$this->ValidatePassword($value);
 		}
 

test/coreExtensions/UserLocalTest.php

@@ -177,5 +177,52 @@ class UserLocalTest extends ItopTestCase
 		);
 	}
 
+
+	/**
+	 * @dataProvider ProviderPasswordRenewal
+	 *
+	 */
+	public function testPasswordRenewal($aUserLocalValues, $oExpectedBefore, $oExpectedAfter)
+	{
+		/** @var UserLocal $oUserLocal */
+		$oUserLocal = \MetaModel::NewObject('UserLocal', $aUserLocalValues);
+		/** @var \ormLinkSet $oProfileSet */
+		$oProfileSet = $oUserLocal->Get('profile_list');
+
+		$oProfileSet->AddItem(
+			\MetaModel::NewObject('URP_UserProfile', array('profileid' => 1))
+		);
+
+		$this->assertEquals($oExpectedBefore, $oUserLocal->Get('password_renewed_date'));
+
+		$oUserLocal->Set('password', 'foo');
+
+		$this->assertEquals($oExpectedAfter, $oUserLocal->Get('password_renewed_date'));
+	}
+
+	public function ProviderPasswordRenewal()
+	{
+		$sNow = date(\AttributeDate::GetInternalFormat());
+		$sYesterday = date(\AttributeDate::GetInternalFormat(), strtotime('-1 day'));
+		$sTomorrow = date(\AttributeDate::GetInternalFormat(), strtotime('+1 day'));
+
+		return array(
+			'nominal case' => array(
+				'aUserLocalValues' =>  array('login' => 'john'),
+				'oExpectedBefore' => null,
+				'oExpectedAfter' => $sNow,
+			),
+			'date initiated' => array(
+				'aUserLocalValues' =>  array('login' => 'john', 'password_renewed_date' => $sYesterday),
+				'oExpectedBefore' => $sYesterday,
+				'oExpectedAfter' => $sNow,
+			),
+			'date initiated in the future' => array(
+				'aUserLocalValues' =>  array('login' => 'john', 'password_renewed_date' => $sTomorrow),
+				'oExpectedBefore' => $sTomorrow,
+				'oExpectedAfter' => $sNow,
+			),
+		);
+	}
 }