From f17869436661c139a96e1249badb6f13e9093891 Mon Sep 17 00:00:00 2001
From: keylor2906 <josemanuel@vauxoo.com>
Date: Wed, 18 Sep 2024 13:11:35 -0600
Subject: [PATCH 1/4] [IMP] password_security: Set password update date for
 already existing users that don't have it. This fixes the password expiration
 date and other validations that require an existing value for password update
 date.

[IMP] password_security: Simplify validation on password reset.
---
 password_security/__init__.py                    |  1 +
 password_security/__manifest__.py                |  3 ++-
 password_security/hooks.py                       | 16 ++++++++++++++++
 .../migrations/16.0.1.0.2/post-migration.py      | 12 ++++++++++++
 password_security/models/res_users.py            |  5 +----
 5 files changed, 32 insertions(+), 5 deletions(-)
 create mode 100644 password_security/hooks.py
 create mode 100644 password_security/migrations/16.0.1.0.2/post-migration.py

diff --git a/password_security/__init__.py b/password_security/__init__.py
index df8f34c6c9..72e0d80358 100644
--- a/password_security/__init__.py
+++ b/password_security/__init__.py
@@ -2,3 +2,4 @@
 # License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
 
 from . import controllers, models
+from .hooks import post_init_hook
diff --git a/password_security/__manifest__.py b/password_security/__manifest__.py
index c83ca630f8..7880266b6c 100644
--- a/password_security/__manifest__.py
+++ b/password_security/__manifest__.py
@@ -5,7 +5,7 @@
 {
     "name": "Password Security",
     "summary": "Allow admin to set password security requirements.",
-    "version": "16.0.1.0.1",
+    "version": "16.0.1.0.2",
     "author": "LasLabs, "
     "Onestein, "
     "Kaushal Prajapati, "
@@ -29,4 +29,5 @@
         "demo/res_users.xml",
     ],
     "installable": True,
+    "post_init_hook": "post_init_hook",
 }
diff --git a/password_security/hooks.py b/password_security/hooks.py
new file mode 100644
index 0000000000..b24083bb31
--- /dev/null
+++ b/password_security/hooks.py
@@ -0,0 +1,16 @@
+# Copyright 2024 Vauxoo
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+
+def post_init_hook(cr, registry):
+    # Set password date for already existing users
+    cr.execute(
+        """
+        UPDATE
+            res_users
+        SET
+            password_write_date = NOW() at time zone 'UTC'
+        WHERE
+            password_write_date IS NULL;
+    """
+    )
diff --git a/password_security/migrations/16.0.1.0.2/post-migration.py b/password_security/migrations/16.0.1.0.2/post-migration.py
new file mode 100644
index 0000000000..6f5776854a
--- /dev/null
+++ b/password_security/migrations/16.0.1.0.2/post-migration.py
@@ -0,0 +1,12 @@
+def migrate(cr, version):
+    # Set password date for already existing users
+    cr.execute(
+        """
+        UPDATE
+            res_users
+        SET
+            password_write_date = NOW() at time zone 'UTC'
+        WHERE
+            password_write_date IS NULL;
+    """
+    )
diff --git a/password_security/models/res_users.py b/password_security/models/res_users.py
index cc78c1a9d9..79c74418f2 100644
--- a/password_security/models/res_users.py
+++ b/password_security/models/res_users.py
@@ -144,10 +144,7 @@ def _validate_pass_reset(self):
             if pass_min <= 0:
                 continue
             write_date = user.password_write_date
-            if not write_date:
-                continue
-            delta = timedelta(hours=pass_min)
-            if write_date + delta > datetime.now():
+            if write_date and write_date + timedelta(hours=pass_min) > datetime.now():
                 raise UserError(
                     _(
                         "Passwords can only be reset every %d hour(s). "

From dfeb26a6908d0fddad87561b3e651716983a8705 Mon Sep 17 00:00:00 2001
From: keylor2906 <josemanuel@vauxoo.com>
Date: Wed, 18 Sep 2024 13:11:35 -0600
Subject: [PATCH 2/4] [IMP] password_security: Set password update date for
 already existing users that don't have it. This fixes the password expiration
 date and other validations that require an existing value for password update
 date.

[IMP] password_security: Simplify validation on password reset.
---
 password_security/__init__.py                    |  1 +
 password_security/__manifest__.py                |  3 ++-
 password_security/hooks.py                       | 16 ++++++++++++++++
 .../migrations/16.0.1.0.2/post-migration.py      | 12 ++++++++++++
 password_security/models/res_users.py            |  5 +----
 5 files changed, 32 insertions(+), 5 deletions(-)
 create mode 100644 password_security/hooks.py
 create mode 100644 password_security/migrations/16.0.1.0.2/post-migration.py

diff --git a/password_security/__init__.py b/password_security/__init__.py
index df8f34c6c9..72e0d80358 100644
--- a/password_security/__init__.py
+++ b/password_security/__init__.py
@@ -2,3 +2,4 @@
 # License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
 
 from . import controllers, models
+from .hooks import post_init_hook
diff --git a/password_security/__manifest__.py b/password_security/__manifest__.py
index c83ca630f8..7880266b6c 100644
--- a/password_security/__manifest__.py
+++ b/password_security/__manifest__.py
@@ -5,7 +5,7 @@
 {
     "name": "Password Security",
     "summary": "Allow admin to set password security requirements.",
-    "version": "16.0.1.0.1",
+    "version": "16.0.1.0.2",
     "author": "LasLabs, "
     "Onestein, "
     "Kaushal Prajapati, "
@@ -29,4 +29,5 @@
         "demo/res_users.xml",
     ],
     "installable": True,
+    "post_init_hook": "post_init_hook",
 }
diff --git a/password_security/hooks.py b/password_security/hooks.py
new file mode 100644
index 0000000000..b24083bb31
--- /dev/null
+++ b/password_security/hooks.py
@@ -0,0 +1,16 @@
+# Copyright 2024 Vauxoo
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+
+def post_init_hook(cr, registry):
+    # Set password date for already existing users
+    cr.execute(
+        """
+        UPDATE
+            res_users
+        SET
+            password_write_date = NOW() at time zone 'UTC'
+        WHERE
+            password_write_date IS NULL;
+    """
+    )
diff --git a/password_security/migrations/16.0.1.0.2/post-migration.py b/password_security/migrations/16.0.1.0.2/post-migration.py
new file mode 100644
index 0000000000..6f5776854a
--- /dev/null
+++ b/password_security/migrations/16.0.1.0.2/post-migration.py
@@ -0,0 +1,12 @@
+def migrate(cr, version):
+    # Set password date for already existing users
+    cr.execute(
+        """
+        UPDATE
+            res_users
+        SET
+            password_write_date = NOW() at time zone 'UTC'
+        WHERE
+            password_write_date IS NULL;
+    """
+    )
diff --git a/password_security/models/res_users.py b/password_security/models/res_users.py
index cc78c1a9d9..79c74418f2 100644
--- a/password_security/models/res_users.py
+++ b/password_security/models/res_users.py
@@ -144,10 +144,7 @@ def _validate_pass_reset(self):
             if pass_min <= 0:
                 continue
             write_date = user.password_write_date
-            if not write_date:
-                continue
-            delta = timedelta(hours=pass_min)
-            if write_date + delta > datetime.now():
+            if write_date and write_date + timedelta(hours=pass_min) > datetime.now():
                 raise UserError(
                     _(
                         "Passwords can only be reset every %d hour(s). "

From f9ac439efa8a157e7c513ebcd756f669037a66c4 Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Fri, 20 Sep 2024 04:19:25 +0000
Subject: [PATCH 3/4] [UPD] addons table in README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 597947cc7a..45f5dee4c0 100644
--- a/README.md
+++ b/README.md
@@ -39,7 +39,7 @@ addon | version | maintainers | summary
 [auth_user_case_insensitive](auth_user_case_insensitive/) | 16.0.1.0.0 |  | Makes the user login field case insensitive
 [base_user_show_email](base_user_show_email/) | 16.0.1.0.0 |  | Untangle user login and email
 [impersonate_login](impersonate_login/) | 16.0.1.0.0 | [![Kev-Roche](https://github.com/Kev-Roche.png?size=30px)](https://github.com/Kev-Roche) | tools
-[password_security](password_security/) | 16.0.1.0.1 |  | Allow admin to set password security requirements.
+[password_security](password_security/) | 16.0.1.0.2 |  | Allow admin to set password security requirements.
 [user_log_view](user_log_view/) | 16.0.1.0.0 | [![trojikman](https://github.com/trojikman.png?size=30px)](https://github.com/trojikman) | Allow to see user's actions log
 [users_ldap_groups](users_ldap_groups/) | 16.0.1.0.0 |  | Adds user accounts to groups based on rules defined by the administrator.
 [users_ldap_mail](users_ldap_mail/) | 16.0.1.0.0 | [![joao-p-marques](https://github.com/joao-p-marques.png?size=30px)](https://github.com/joao-p-marques) | LDAP mapping for user name and e-mail

From c75fc7106853ac4e8fe4dff1a44f6ff461ca300a Mon Sep 17 00:00:00 2001
From: OCA-git-bot <oca-git-bot@odoo-community.org>
Date: Fri, 20 Sep 2024 04:19:25 +0000
Subject: [PATCH 4/4] [UPD] README.rst

---
 password_security/README.rst                    | 2 +-
 password_security/static/description/index.html | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/password_security/README.rst b/password_security/README.rst
index 522fe3490c..cd37bb93ca 100644
--- a/password_security/README.rst
+++ b/password_security/README.rst
@@ -7,7 +7,7 @@ Password Security
    !! This file is generated by oca-gen-addon-readme !!
    !! changes will be overwritten.                   !!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-   !! source digest: sha256:9568694ae7773332e8d20909a814c812a69b1ef5a9041a0259ef6cb85347e1ac
+   !! source digest: sha256:17ea471173d7da0eae34d429cb275fece9aa7379f01d834c95989150c5759f85
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
 .. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
diff --git a/password_security/static/description/index.html b/password_security/static/description/index.html
index 9e0ff3c37c..31aa3905ec 100644
--- a/password_security/static/description/index.html
+++ b/password_security/static/description/index.html
@@ -367,7 +367,7 @@ <h1 class="title">Password Security</h1>
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! source digest: sha256:9568694ae7773332e8d20909a814c812a69b1ef5a9041a0259ef6cb85347e1ac
+!! source digest: sha256:17ea471173d7da0eae34d429cb275fece9aa7379f01d834c95989150c5759f85
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
 <p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/lgpl-3.0-standalone.html"><img alt="License: LGPL-3" src="https://img.shields.io/badge/licence-LGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/16.0/password_security"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-password_security"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=16.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
 <p>This module allows admin to set company-level password security requirements