empty password only allowed if password link is sent

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

diff --git a/lib/private/User/Manager.php b/lib/private/User/Manager.php
index cb726b55eac636d68ee1100bbf5f518cca3b3524..39845fba88d168ab515645a29bcbac1943557b89 100644 (file)
--- a/lib/private/User/Manager.php
+++ b/lib/private/User/Manager.php
@@ -281,10 +281,10 @@ class Manager extends PublicEmitter implements IUserManager {
                if (strlen(trim($uid, "\t\n\r\0\x0B\xe2\x80\x8b")) !== strlen(trim($uid))) {
                        throw new \Exception($l->t('Username contains whitespace at the beginning or at the end'));
                }
-               // No empty password
-//             if (trim($password) == '') {
-//                     throw new \Exception($l->t('A valid password must be provided'));
-//             }
+               // empty password only allowed if password link is sent
+               if (trim($password) == '' && $this->config->getAppValue('core', 'umgmt_send_passwordlink', 'false') === 'false') {
+                       throw new \Exception($l->t('A valid password must be provided'));
+               }
 
                // Check if user already exists
                if ($this->userExists($uid)) {