diff options
| author | Pytal <24800714+Pytal@users.noreply.github.com> | 2021-09-14 18:29:10 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-09-14 18:29:10 -0700 |
| commit | 3a94d7c2eae160662f134530bfc791cb6e7c35e4 (patch) | |
| tree | defe70b6b078a1e9e270e911b95696b6e5270bbe /core/Controller | |
| parent | db00014e6e7abcb7710468011186cd3a45c9c3e8 (diff) | |
| parent | a843d3c5db44e1c5646980f7f7d6442f4c7dcce9 (diff) | |
| download | nextcloud-server-3a94d7c2eae160662f134530bfc791cb6e7c35e4.tar.gz nextcloud-server-3a94d7c2eae160662f134530bfc791cb6e7c35e4.zip | |
Merge pull request #28794 from nextcloud/fix/noid/guest-activation-pwd-reset-disabled
allow using of disabled password reset mechanism for special cases
Diffstat (limited to 'core/Controller')
| -rw-r--r-- | core/Controller/LostController.php | 32 |
1 files changed, 15 insertions, 17 deletions
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php index a8c459a32e1..87a629b9ee8 100644 --- a/core/Controller/LostController.php +++ b/core/Controller/LostController.php @@ -134,22 +134,24 @@ class LostController extends Controller { * @return TemplateResponse */ public function resetform($token, $userId) { - if ($this->config->getSystemValue('lost_password_link', '') !== '') { - return new TemplateResponse('core', 'error', [ - 'errors' => [['error' => $this->l10n->t('Password reset is disabled')]] - ], - 'guest' - ); - } - try { $this->checkPasswordResetToken($token, $userId); } catch (\Exception $e) { - return new TemplateResponse( - 'core', 'error', [ - "errors" => [["error" => $e->getMessage()]] - ], - 'guest' + if ($this->config->getSystemValue('lost_password_link', '') !== 'disabled' + || ($e instanceof InvalidTokenException + && !in_array($e->getCode(), [InvalidTokenException::TOKEN_NOT_FOUND, InvalidTokenException::USER_UNKNOWN])) + ) { + return new TemplateResponse( + 'core', 'error', [ + "errors" => [["error" => $e->getMessage()]] + ], + TemplateResponse::RENDER_AS_GUEST + ); + } + return new TemplateResponse('core', 'error', [ + 'errors' => [['error' => $this->l10n->t('Password reset is disabled')]] + ], + TemplateResponse::RENDER_AS_GUEST ); } $this->initialStateService->provideInitialState('core', 'resetPasswordUser', $userId); @@ -242,10 +244,6 @@ class LostController extends Controller { * @return array */ public function setPassword($token, $userId, $password, $proceed) { - if ($this->config->getSystemValue('lost_password_link', '') !== '') { - return $this->error($this->l10n->t('Password reset is disabled')); - } - if ($this->encryptionManager->isEnabled() && !$proceed) { $encryptionModules = $this->encryptionManager->getEncryptionModules(); foreach ($encryptionModules as $module) { |