public function PasswordPolicyValidator::validatePassword in Password Policy 8.3
Validates the given password.
Parameters
string $password: The new password.
\Drupal\user\UserInterface $user: The current user object.
array $edited_user_roles: An optional array containing the edited user roles.
Return value
bool True when the password is valid, else false.
Overrides PasswordPolicyValidatorInterface::validatePassword
File
- src/
PasswordPolicyValidator.php, line 44
Class
Namespace
Drupal\password_policyCode
public function validatePassword(string $password, UserInterface $user, array $edited_user_roles = []) : bool {
// Stop before policy-based validation if password exceeds maximum length.
if (strlen($password) > PasswordInterface::PASSWORD_MAX_LENGTH) {
return TRUE;
}
if (empty($edited_user_roles)) {
$edited_user_roles = $user
->getRoles();
$edited_user_roles = array_combine($edited_user_roles, $edited_user_roles);
}
$valid = TRUE;
// Run validation.
$applicable_policies = $this
->getApplicablePolicies($edited_user_roles);
$original_roles = $user
->getRoles();
$original_roles = array_combine($original_roles, $original_roles);
$force_failure = FALSE;
if (!empty(array_diff($edited_user_roles, $original_roles)) && $password === '' && !empty($applicable_policies)) {
// New role has been added and applicable policies are available.
$force_failure = TRUE;
}
foreach ($applicable_policies as $policy) {
$policy_constraints = $policy
->getConstraints();
foreach ($policy_constraints as $constraint) {
/** @var \Drupal\password_policy\PasswordConstraintInterface $plugin_object */
$plugin_object = $this->passwordConstraintPluginManager
->createInstance($constraint['id'], $constraint);
// Execute validation.
$validation = $plugin_object
->validate($password, $user);
if ($valid && $password !== '' && !$validation
->isValid()) {
// Throw error to ensure form will not submit.
$valid = FALSE;
}
elseif ($force_failure) {
$valid = FALSE;
}
}
}
return $valid;
}