Redmine Account Policy - Githubissues

Hi,

"1- automatically lock a user account after a period of time(date,60 days)?"

You should run this the code every day, to check the user activities and if it is over 60 days, then the ruby code are able to lock the user account. The problem is, that the custom_workflow plugin codes cannot be scheduled, so the code will not run automatically every day.

All you need is a scheduler plug-in: Redmine Automation Plugin (Automate and optimize)

Note: I do not use this plugin, so before purchasing ask the customer service about your intended function.

According the Guide of Redmine Automation Plugin, this can solve your issue:

2- how i prevent user to change her own password??

Create a new custom_workflow and set the "Observable object" to USER

User this code in BEFORE SECTION:


unless self.password.nil? || new_record?
   if self.password != self.password.try(:value)
       errors.add(:base,"Changing the password is not allowed by the system administrator!") 
   end
end

its mean the session user end after 60 days and need activeted it agian No. The session IS NOT the time between user registration time and now.

The session = time between last login and now

Session expiration:

Session maximum lifetime: Lets the administrator set the maximum lifetime of the session
Session inactivity timeout: Lets the administrator specify after how many hours of inactivity the session times out.
Warning 1: Changing these settings may expire the current sessions (including your own).
Warning 2: Redmine uses the rails cookiestore for session management. We strongly advise you to set a maximum session lifetime. If you don't, it is theoretically possible that an attacker steals the session cookie and re-uses it.

Source: https://www.redmine.org/projects/redmine/wiki/RedmineSettings#Allow-OpenID-login-and-registration

anteo / redmine_custom_workflows

Redmine Account Policy #247

the aim of my question It is to give the validity of the using redmine conditional on a specific time