From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Tue, 20 Nov 2018 12:28:40 +0000 (+0100)
Subject: Respect the disabled setting for lost_password_link
X-Git-Tag: v14.0.5RC1~90^2
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=b776c3b89f4d772c9ed478acd0d998c0cda52971;p=nextcloud-server.git

Respect the disabled setting for lost_password_link

Fixes #11146
As documented when it is set to disabled the user can't request a lost
password.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---

diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index 182d2bc106d..c30206ff3d5 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -224,7 +224,9 @@ class LoginController extends Controller {
 		$parameters['resetPasswordLink'] = $this->config
 			->getSystemValue('lost_password_link', '');
 
-		if (!$parameters['resetPasswordLink'] && $userObj !== null) {
+		if ($parameters['resetPasswordLink'] === 'disabled') {
+			$parameters['canResetPassword'] = false;
+		} else if (!$parameters['resetPasswordLink'] && $userObj !== null) {
 			$parameters['canResetPassword'] = $userObj->canChangePassword();
 		} else if ($userObj !== null && $userObj->isEnabled() === false) {
 			$parameters['canResetPassword'] = false;