fix(workflows): Finish password confirmation

Signed-off-by: Joas Schilling <coding@schilljs.com>

diff --git a/apps/workflowengine/lib/Controller/AWorkflowController.php b/apps/workflowengine/lib/Controller/AWorkflowController.php
index 77e50526092e1bf3dcbf8c521ea93c4c3ab81f53..2c3655743ffd44a9d9590ca9bb14e0809bcdf2f0 100644 (file)
--- a/apps/workflowengine/lib/Controller/AWorkflowController.php
+++ b/apps/workflowengine/lib/Controller/AWorkflowController.php
@@ -30,6 +30,7 @@ namespace OCA\WorkflowEngine\Controller;
 use Doctrine\DBAL\Exception;
 use OCA\WorkflowEngine\Helper\ScopeContext;
 use OCA\WorkflowEngine\Manager;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\OCS\OCSBadRequestException;
 use OCP\AppFramework\OCS\OCSException;
@@ -103,6 +104,7 @@ abstract class AWorkflowController extends OCSController {
         * @throws OCSForbiddenException
         * @throws OCSException
         */
+       #[PasswordConfirmationRequired]
        public function create(
                string $class,
                string $name,
@@ -131,6 +133,7 @@ abstract class AWorkflowController extends OCSController {
         * @throws OCSForbiddenException
         * @throws OCSException
         */
+       #[PasswordConfirmationRequired]
        public function update(
                int $id,
                string $name,
@@ -159,6 +162,7 @@ abstract class AWorkflowController extends OCSController {
         * @throws OCSForbiddenException
         * @throws OCSException
         */
+       #[PasswordConfirmationRequired]
        public function destroy(int $id): DataResponse {
                try {
                        $deleted = $this->manager->deleteOperation($id, $this->getScopeContext());

diff --git a/apps/workflowengine/lib/Controller/UserWorkflowsController.php b/apps/workflowengine/lib/Controller/UserWorkflowsController.php
index dd2457dd9e863385b2417639544520767271503a..02c52deb9c7c38ec7ec56b4c64e0579971a15116 100644 (file)
--- a/apps/workflowengine/lib/Controller/UserWorkflowsController.php
+++ b/apps/workflowengine/lib/Controller/UserWorkflowsController.php
@@ -29,6 +29,7 @@ namespace OCA\WorkflowEngine\Controller;
 
 use OCA\WorkflowEngine\Helper\ScopeContext;
 use OCA\WorkflowEngine\Manager;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\OCS\OCSBadRequestException;
 use OCP\AppFramework\OCS\OCSForbiddenException;
@@ -84,6 +85,7 @@ class UserWorkflowsController extends AWorkflowController {
         * @throws OCSBadRequestException
         * @throws OCSForbiddenException
         */
+       #[PasswordConfirmationRequired]
        public function create(string $class, string $name, array $checks, string $operation, string $entity, array $events): DataResponse {
                return parent::create($class, $name, $checks, $operation, $entity, $events);
        }
@@ -93,6 +95,7 @@ class UserWorkflowsController extends AWorkflowController {
         * @throws OCSBadRequestException
         * @throws OCSForbiddenException
         */
+       #[PasswordConfirmationRequired]
        public function update(int $id, string $name, array $checks, string $operation, string $entity, array $events): DataResponse {
                return parent::update($id, $name, $checks, $operation, $entity, $events);
        }
@@ -101,6 +104,7 @@ class UserWorkflowsController extends AWorkflowController {
         * @NoAdminRequired
         * @throws OCSForbiddenException
         */
+       #[PasswordConfirmationRequired]
        public function destroy(int $id): DataResponse {
                return parent::destroy($id);
        }

diff --git a/apps/workflowengine/src/store.js b/apps/workflowengine/src/store.js
index 49c881e67b6a0527742c2609421b7a5767cf9c21..6f8905687cf9a57ec86303046261c86b2b791a0f 100644 (file)
--- a/apps/workflowengine/src/store.js
+++ b/apps/workflowengine/src/store.js
@@ -89,7 +89,8 @@ const store = new Store({
                                context.commit('addRule', rule)
                        })
                },
-               createNewRule(context, rule) {
+               async createNewRule(context, rule) {
+                       await confirmPassword()
                        let entity = null
                        let events = []
                        if (rule.isComplex === false && rule.fixedEntity === '') {
@@ -120,9 +121,7 @@ const store = new Store({
                        context.commit('removeRule', rule)
                },
                async pushUpdateRule(context, rule) {
-                       if (context.state.scope === 0) {
-                               await confirmPassword()
-                       }
+                       await confirmPassword()
                        let result
                        if (rule.id < 0) {
                                result = await axios.post(getApiUrl(''), rule)