Split personal and user-mgmt password change logic
This commit is contained in:
parent
ea6e74ca95
commit
a21376480d
5 changed files with 57 additions and 28 deletions
|
@ -1,34 +1,34 @@
|
|||
<?php
|
||||
|
||||
// Check if we are a user
|
||||
OCP\JSON::callCheck();
|
||||
// Check if we are an user
|
||||
OC_JSON::callCheck();
|
||||
OC_JSON::checkLoggedIn();
|
||||
|
||||
// Manually load apps to ensure hooks work correctly (workaround for issue 1503)
|
||||
OC_APP::loadApps();
|
||||
OC_App::loadApps();
|
||||
|
||||
$username = isset($_POST['username']) ? $_POST['username'] : OC_User::getUser();
|
||||
$password = isset($_POST['personal-password']) ? $_POST['personal-password'] : null;
|
||||
$oldPassword = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : '';
|
||||
$recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null;
|
||||
|
||||
$userstatus = null;
|
||||
if (OC_User::isAdminUser(OC_User::getUser())) {
|
||||
$userstatus = 'admin';
|
||||
}
|
||||
if (OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
|
||||
$userstatus = 'subadmin';
|
||||
}
|
||||
if (OC_User::getUser() === $username && OC_User::checkPassword($username, $oldPassword)) {
|
||||
$userstatus = 'user';
|
||||
}
|
||||
|
||||
if (is_null($userstatus)) {
|
||||
OC_JSON::error(array('data' => array('message' => 'Authentication error')));
|
||||
if (isset($_POST['username'])) {
|
||||
$username = $_POST['username'];
|
||||
} else {
|
||||
$l = new \OC_L10n('settings');
|
||||
OC_JSON::error(array('data' => array('message' => $l->t('No user supplied')) ));
|
||||
exit();
|
||||
}
|
||||
|
||||
if (\OCP\App::isEnabled('files_encryption') && $userstatus !== 'user') {
|
||||
$password = isset($_POST['password']) ? $_POST['password'] : null;
|
||||
$recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null;
|
||||
|
||||
if (OC_User::isAdminUser(OC_User::getUser())) {
|
||||
$userstatus = 'admin';
|
||||
} elseif (OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
|
||||
$userstatus = 'subadmin';
|
||||
} else {
|
||||
$l = new \OC_L10n('settings');
|
||||
OC_JSON::error(array('data' => array('message' => $l->t('Authentication error')) ));
|
||||
exit();
|
||||
}
|
||||
|
||||
if (\OC_App::isEnabled('files_encryption')) {
|
||||
//handle the recovery case
|
||||
$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), $username);
|
||||
$recoveryAdminEnabled = OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled');
|
||||
|
@ -55,7 +55,7 @@ if (\OCP\App::isEnabled('files_encryption') && $userstatus !== 'user') {
|
|||
}
|
||||
|
||||
}
|
||||
} else { // if user changes his own password or if encryption is disabled, proceed
|
||||
} else { // if encryption is disabled, proceed
|
||||
if (!is_null($password) && OC_User::setPassword($username, $password)) {
|
||||
OC_JSON::success(array('data' => array('username' => $username)));
|
||||
} else {
|
||||
|
|
24
settings/ajax/changepersonalpassword.php
Normal file
24
settings/ajax/changepersonalpassword.php
Normal file
|
@ -0,0 +1,24 @@
|
|||
<?php
|
||||
|
||||
// Check if we are an user
|
||||
OC_JSON::callCheck();
|
||||
OC_JSON::checkLoggedIn();
|
||||
|
||||
// Manually load apps to ensure hooks work correctly (workaround for issue 1503)
|
||||
OC_App::loadApps();
|
||||
|
||||
$username = OC_User::getUser();
|
||||
$password = isset($_POST['personal-password']) ? $_POST['personal-password'] : null;
|
||||
$oldPassword = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : '';
|
||||
$recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null;
|
||||
|
||||
if (!OC_User::checkPassword($username, $oldPassword)) {
|
||||
$l = new \OC_L10n('settings');
|
||||
OC_JSON::error(array("data" => array("message" => $l->t("Wrong password")) ));
|
||||
exit();
|
||||
}
|
||||
if (!is_null($password) && OC_User::setPassword($username, $password)) {
|
||||
OC_JSON::success();
|
||||
} else {
|
||||
OC_JSON::error();
|
||||
}
|
|
@ -52,14 +52,17 @@ $(document).ready(function(){
|
|||
$('#passwordchanged').hide();
|
||||
$('#passworderror').hide();
|
||||
// Ajax foo
|
||||
$.post( 'ajax/changepassword.php', post, function(data){
|
||||
$.post(OC.Router.generate('settings_ajax_changepersonalpassword'), post, function(data){
|
||||
if( data.status === "success" ){
|
||||
$('#pass1').val('');
|
||||
$('#pass2').val('');
|
||||
$('#passwordchanged').show();
|
||||
}
|
||||
else{
|
||||
$('#passworderror').html( data.data.message );
|
||||
} else{
|
||||
if (typeof(data.data) !== "undefined") {
|
||||
$('#passworderror').html(data.data.message);
|
||||
} else {
|
||||
$('#passworderror').html(t('Unable to change password'));
|
||||
}
|
||||
$('#passworderror').show();
|
||||
}
|
||||
});
|
||||
|
|
|
@ -361,7 +361,7 @@ $(document).ready(function () {
|
|||
if ($(this).val().length > 0) {
|
||||
var recoveryPasswordVal = $('input:password[id="recoveryPassword"]').val();
|
||||
$.post(
|
||||
OC.filePath('settings', 'ajax', 'changepassword.php'),
|
||||
OC.Router.generate('settings_ajax_changepassword'),
|
||||
{username: uid, password: $(this).val(), recoveryPassword: recoveryPasswordVal},
|
||||
function (result) {
|
||||
if (result.status != 'success') {
|
||||
|
|
|
@ -39,6 +39,8 @@ $this->create('settings_ajax_removegroup', '/settings/ajax/removegroup.php')
|
|||
->actionInclude('settings/ajax/removegroup.php');
|
||||
$this->create('settings_ajax_changepassword', '/settings/ajax/changepassword.php')
|
||||
->actionInclude('settings/ajax/changepassword.php');
|
||||
$this->create('settings_ajax_changepersonalpassword', '/settings/ajax/changepersonalpassword.php')
|
||||
->actionInclude('settings/ajax/changepersonalpassword.php');
|
||||
$this->create('settings_ajax_changedisplayname', '/settings/ajax/changedisplayname.php')
|
||||
->actionInclude('settings/ajax/changedisplayname.php');
|
||||
// personel
|
||||
|
|
Loading…
Reference in a new issue