diff options
| author | Joas Schilling <coding@schilljs.com> | 2022-10-10 12:33:58 +0200 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2022-10-10 12:33:58 +0200 |
| commit | ab055418c613cfc0781fa6addab81aa2ce181bde (patch) | |
| tree | 01fc3a175e2f8fa4874a31aab8da7755c956a043 /apps/provisioning_api | |
| parent | a02c8fe01dd954e9ec9771bf10470d1545b54bf0 (diff) | |
| download | nextcloud-server-ab055418c613cfc0781fa6addab81aa2ce181bde.tar.gz nextcloud-server-ab055418c613cfc0781fa6addab81aa2ce181bde.zip | |
Fix password length limitation
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'apps/provisioning_api')
| -rw-r--r-- | apps/provisioning_api/lib/Controller/UsersController.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index e8b6fd0e8d9..0f9ffcbadf4 100644 --- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -389,6 +389,9 @@ class UsersController extends AUserData { } $generatePasswordResetToken = false; + if (strlen($password) > 469) { + throw new OCSException('Invalid password value', 101); + } if ($password === '') { if ($email === '') { throw new OCSException('To send a password link to the user an email address is required.', 108); @@ -882,6 +885,9 @@ class UsersController extends AUserData { break; case self::USER_FIELD_PASSWORD: try { + if (strlen($value) > 469) { + throw new OCSException('Invalid password value', 102); + } if (!$targetUser->canChangePassword()) { throw new OCSException('Setting the password is not supported by the users backend', 103); } |