Browse Source
Properly catch password policy hint for personal page password changes
Signed-off-by: Morris Jobke <hey@morrisjobke.de>tags/v11.0RC2
Morris Jobke
7 years ago
2 changed files with 49 additions and 4 deletions
+ 24
- 4
settings/Controller/ChangePasswordController.php
View File
| @@ -91,6 +91,7 @@ class ChangePasswordController extends Controller { | |||
| * @return JSONResponse | |||
| */ | |||
| public function changePersonalPassword($oldpassword = '', $newpassword = null) { | |||
| /** @var IUser $user */ | |||
| $user = $this->userManager->checkPassword($this->userId, $oldpassword); | |||
| if ($user === false) { | |||
| return new JSONResponse([ | |||
| @@ -101,10 +102,19 @@ class ChangePasswordController extends Controller { | |||
| ]); | |||
| } | |||
| /** @var IUser $user */ | |||
| if ($newpassword === null || $user->setPassword($newpassword) === false) { | |||
| try { | |||
| if ($newpassword === null || $user->setPassword($newpassword) === false) { | |||
| return new JSONResponse([ | |||
| 'status' => 'error' | |||
| ]); | |||
| } | |||
| // password policy app throws exception | |||
| } catch(HintException $e) { | |||
| return new JSONResponse([ | |||
| 'status' => 'error' | |||
| 'status' => 'error', | |||
| 'data' => [ | |||
| 'message' => $e->getHint(), | |||
| ], | |||
| ]); | |||
| } | |||
| @@ -216,7 +226,17 @@ class ChangePasswordController extends Controller { | |||
| ] | |||
| ]); | |||
| } else { // now we know that everything is fine regarding the recovery password, let's try to change the password | |||
| $result = $targetUser->setPassword($password, $recoveryPassword); | |||
| try { | |||
| $result = $targetUser->setPassword($password, $recoveryPassword); | |||
| // password policy app throws exception | |||
| } catch(HintException $e) { | |||
| return new JSONResponse([ | |||
| 'status' => 'error', | |||
| 'data' => [ | |||
| 'message' => $e->getHint(), | |||
| ], | |||
| ]); | |||
| } | |||
| if (!$result && $recoveryEnabledForUser) { | |||
| return new JSONResponse([ | |||
| 'status' => 'error', | |||
+ 25
- 0
tests/Core/Controller/ChangePasswordControllerTest.php
View File
| @@ -21,6 +21,7 @@ | |||
| */ | |||
| namespace Tests\Core\Controller; | |||
| use OC\HintException; | |||
| use OC\Settings\Controller\ChangePasswordController; | |||
| use OC\User\Session; | |||
| use OCP\App\IAppManager; | |||
| @@ -94,6 +95,30 @@ class ChangePasswordControllerTest extends \Test\TestCase { | |||
| $this->assertEquals($expects, $res->getData()); | |||
| } | |||
| public function testChangePersonalPasswordCommonPassword() { | |||
| $user = $this->getMockBuilder('OCP\IUser')->getMock(); | |||
| $this->userManager->expects($this->once()) | |||
| ->method('checkPassword') | |||
| ->with($this->userId, 'old') | |||
| ->willReturn($user); | |||
| $user->expects($this->once()) | |||
| ->method('setPassword') | |||
| ->with('new') | |||
| ->will($this->throwException(new HintException('Common password'))); | |||
| $expects = [ | |||
| 'status' => 'error', | |||
| 'data' => [ | |||
| 'message' => 'Common password', | |||
| ], | |||
| ]; | |||
| $res = $this->controller->changePersonalPassword('old', 'new'); | |||
| $this->assertEquals($expects, $res->getData()); | |||
| } | |||
| public function testChangePersonalPasswordNoNewPassword() { | |||
| $user = $this->getMockBuilder('OCP\IUser')->getMock(); | |||
| $this->userManager->expects($this->once()) | |||
Loading…