Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Any logged in user is constantly forwarded to the user edit for and is requested to change their password. Even after a password change the forwarding still persists and the system is treading the password as expired.
We tested with '0' as valid password time in the password policy rule and we set the 'last updated date' manually to a date from the future. Both did not helped.
Comments
Comment #2
Ashutosh Tiwari CreditAttribution: Ashutosh Tiwari as a volunteer and commentedHello All,
I have made few changes in .module file of the Password Policy. Now it seems it is working fine.
changes are as follows:-
on line number 297 changed
as it was not able to get current user id.
On line number 304 and 319 changed date format to date('Y-m-d H:i:s');
Please review the patch, it is fine or not.
Thanks
Comment #3
Ashutosh Tiwari CreditAttribution: Ashutosh Tiwari as a volunteer and commentedComment #4
Ashutosh Tiwari CreditAttribution: Ashutosh Tiwari as a volunteer and commentedHello All,
I am sorry but previous patch will not work. I am uploading a new patch , Please try to review that. It is working fine for me. I just made changes in form submit action.
Thanks
Comment #5
Ashutosh Tiwari CreditAttribution: Ashutosh Tiwari as a volunteer and commentedComment #8
imen ch CreditAttribution: imen ch commentedI have the same problem with Password Policy module on version 8.x-3.0-alpha4.
Did you resolved this problem ?
Comment #9
gargsuchi CreditAttribution: gargsuchi at Salsa Digital for Department of Premier and Cabinet - Victoria, Australia commentedI was able to reproduce this error on 8.x-3.x branch. attaching a patch for the same.
Comment #10
gargsuchi CreditAttribution: gargsuchi at Salsa Digital for Department of Premier and Cabinet - Victoria, Australia commentedComment #11
gargsuchi CreditAttribution: gargsuchi at Salsa Digital for Department of Premier and Cabinet - Victoria, Australia commentedAbove patch was failing tests (though none of my changes affected it). Fixed in the new patch hopefully.
Comment #12
nerdsteinRequeue'd the tests
Comment #13
nerdsteinThe patch in #11 needs re-rolled, but I'm not comfortable merging it in at the moment. The patch posted in #1 is a much smaller change and would seem to be in line with my understanding of the bug.
I'm not really keen on the patch posted in #11.
First, it looks like it proposes a switch from a date format to a time stamp, which would cause existing data to be broken. There is no update hook in place to convert. I may be wrong on this -- if I am, please let me know. The patch in #1 shows a potential fix that doesn't drastically change the data in the field. We still may need an update hook that converts the old values.
Second, the automated tests are now posting a "drupalGet" to make the tests pass. The point of the tests is to ensure the user is redirected. This actually bypasses the check for the test.
I'm moving this back to "needs work"
Comment #14
volegerrerolled patch
Comment #16
daggerhart CreditAttribution: daggerhart commentedI did a bit of testing and found that this was fixed in #2852312: Password expiration not set to false on update, and has already been committed.
#4 in this issue mentioned this same solution of changing order of the submit callbacks on the form. In my tests I changed the callback order to the way they were previous to this issue being created (using
array_unshift()
) and that cause the redirects to continually happen. With the password policy submit callback appended to the end of the array, everything works as expected.