I'm ready to commit, except these things are mixed up with some other changes I did.
I've made the changes on the oacs-4-6 branch, because that's where we're currently working. So that's where I'm going to commit them. Everybody's free to merge them over to HEAD, and if no-one else volunteers I will sometime later.
However, the above changes are currently tied up with a few other changes which I'd like to ask your advice on before I go ahead and commit:
- I've added a 'IndexRedirectUrl' parameter to acs-subsite, which will cause the index page to redirect to a given URL. This is useful if you have a subsite which essentially involves just one application, yet you still want to use acs-subsite's groups, etc. Very similar to what Don added to the top-level index page.
- I've added a password expiration feature. You can set the user's password to expire after a certain number of days. When the user logs on after that number of days, he'll be bumped to a page which asks him to change his password. He won't actually get his login cookie issued until he changes his password, and the new password cannot be identical to the old one.
- Similar, I've added an approval expiration feature, which causes users who haven't logged into the system in the last x number of days to have their membership approval state changed to 'needs_approval'. There are a few checks to make sure that if they're approved, but don't log in, they won't go unapproved again until after x number of days.
These are all client project stuff, so they're on 4.6.
Is it cool with you guys if I go ahead and commit those to 4.6 branch?