mirror of
https://github.com/drakkan/sftpgo.git
synced 2024-11-25 17:10:28 +00:00
eventmanager: skip password expiration check for expired users
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
parent
df9d47900a
commit
e0cbb966f0
2 changed files with 20 additions and 2 deletions
|
@ -2137,10 +2137,17 @@ func executeMetadataCheckRuleAction(conditions dataprovider.ConditionOptions, pa
|
|||
|
||||
func executePwdExpirationCheckForUser(user *dataprovider.User, config dataprovider.EventActionPasswordExpiration) error {
|
||||
if err := user.LoadAndApplyGroupSettings(); err != nil {
|
||||
eventManagerLog(logger.LevelError, "skipping password expiration check for user %s, cannot apply group settings: %v",
|
||||
eventManagerLog(logger.LevelError, "skipping password expiration check for user %q, cannot apply group settings: %v",
|
||||
user.Username, err)
|
||||
return err
|
||||
}
|
||||
if user.ExpirationDate > 0 {
|
||||
if expDate := util.GetTimeFromMsecSinceEpoch(user.ExpirationDate); expDate.Before(time.Now()) {
|
||||
eventManagerLog(logger.LevelDebug, "skipping password expiration check for expired user %q, expiration date: %s",
|
||||
user.Username, expDate)
|
||||
return nil
|
||||
}
|
||||
}
|
||||
if user.Filters.PasswordExpiration == 0 {
|
||||
eventManagerLog(logger.LevelDebug, "password expiration not set for user %q skipping check", user.Username)
|
||||
return nil
|
||||
|
|
|
@ -1207,13 +1207,24 @@ func TestUserExpirationCheck(t *testing.T) {
|
|||
ExpirationDate: util.GetTimeAsMsSinceEpoch(time.Now().Add(-24 * time.Hour)),
|
||||
},
|
||||
}
|
||||
user.Filters.PasswordExpiration = 5
|
||||
err := dataprovider.AddUser(&user, "", "", "")
|
||||
assert.NoError(t, err)
|
||||
|
||||
err = executeUserExpirationCheckRuleAction(dataprovider.ConditionOptions{}, &EventParams{})
|
||||
conditions := dataprovider.ConditionOptions{
|
||||
Names: []dataprovider.ConditionPattern{
|
||||
{
|
||||
Pattern: username,
|
||||
},
|
||||
},
|
||||
}
|
||||
err = executeUserExpirationCheckRuleAction(conditions, &EventParams{})
|
||||
if assert.Error(t, err) {
|
||||
assert.Contains(t, err.Error(), "expired users")
|
||||
}
|
||||
// the check will be skipped, the user is expired
|
||||
err = executePwdExpirationCheckRuleAction(dataprovider.EventActionPasswordExpiration{Threshold: 10}, conditions, &EventParams{})
|
||||
assert.NoError(t, err)
|
||||
|
||||
err = dataprovider.DeleteUser(username, "", "", "")
|
||||
assert.NoError(t, err)
|
||||
|
|
Loading…
Reference in a new issue