diff options
| author | Björn Schießle <schiessle@owncloud.com> | 2013-06-06 13:32:02 +0200 |
|---|---|---|
| committer | Björn Schießle <schiessle@owncloud.com> | 2013-06-06 13:32:02 +0200 |
| commit | d7a9852f7b1ea7999f730fde8bd9816da68dad8b (patch) | |
| tree | 6bbddd3187666e93fbb6e4e3ef9aadb9da46d51e /settings/ajax | |
| parent | fdaab7372ede9f09905a94e574a6b91beb2314ea (diff) | |
| download | nextcloud-server-d7a9852f7b1ea7999f730fde8bd9816da68dad8b.tar.gz nextcloud-server-d7a9852f7b1ea7999f730fde8bd9816da68dad8b.zip | |
use pre_setPassword hook to update the encryption keys if the back-end doesn't support password change; improved output to let the admin know what happened
Diffstat (limited to 'settings/ajax')
| -rw-r--r-- | settings/ajax/changepassword.php | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php index cb66c57c743..30877810550 100644 --- a/settings/ajax/changepassword.php +++ b/settings/ajax/changepassword.php @@ -28,17 +28,29 @@ if(is_null($userstatus)) { exit(); } -$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), $username); $recoveryAdminEnabled = OC_Appconfig::getValue( 'files_encryption', 'recoveryAdminEnabled' ); -$recoveryEnabledForUser = $util->recoveryEnabledForUser(); -if ($recoveryAdminEnabled && $recoveryEnabledForUser && $recoveryPassword == '') { + +$validRecoveryPassword = false; +$recoveryPasswordSupported = false; + +if ($recoveryAdminEnabled) { + $util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), $username); + $validRecoveryPassword = $util->checkRecoveryPassword($recoveryPassword); + $recoveryPasswordSupported = $util->recoveryEnabledForUser(); +} + +if ($recoveryPasswordSupported && $recoveryPassword == '') { OC_JSON::error(array("data" => array( "message" => "Please provide a admin recovery password, otherwise all user data will be lost" ))); -}elseif ( $recoveryPassword && ! $util->checkRecoveryPassword($recoveryPassword) ) { +} elseif ( $recoveryPasswordSupported && ! $validRecoveryPassword) { OC_JSON::error(array("data" => array( "message" => "Wrong admin recovery password. Please check the password and try again." ))); -}elseif(!is_null($password) && OC_User::setPassword( $username, $password, $recoveryPassword )) { - OC_JSON::success(array("data" => array( "username" => $username ))); -} -else{ - OC_JSON::error(array("data" => array( "message" => "Unable to change password" ))); +} else { // now we know that everything is file regarding the recovery password, let's try to change the password + $result = OC_User::setPassword($username, $password, $recoveryPassword); + if (!$result && $recoveryPasswordSupported) { + OC_JSON::error(array("data" => array( "message" => "Back-end doesn't support password change, but the users encryption key was successfully updated." ))); + } elseif (!$result && !$recoveryPasswordSupported) { + OC_JSON::error(array("data" => array( "message" => "Unable to change password" ))); + } else { + OC_JSON::success(array("data" => array( "username" => $username ))); + } } |