diff options
| author | Joas Schilling <coding@schilljs.com> | 2016-10-06 13:26:16 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-10-06 13:26:16 +0200 |
| commit | 4873f0800beb13204648267744e1b6a02abea18c (patch) | |
| tree | da58ea75cfbd0c75ca77c3d7c89194a2c248ccf4 /settings | |
| parent | 8231b4a2255bed7e952442a433b996bea40f4586 (diff) | |
| parent | c84dc6aa1c523e8125ff6194ae944a465ebcd78b (diff) | |
| download | nextcloud-server-4873f0800beb13204648267744e1b6a02abea18c.tar.gz nextcloud-server-4873f0800beb13204648267744e1b6a02abea18c.zip | |
Merge pull request #1634 from nextcloud/fix-password-policy-hint
Properly catch password policy hint for personal page password changes
Diffstat (limited to 'settings')
| -rw-r--r-- | settings/Controller/ChangePasswordController.php | 28 |
1 files changed, 24 insertions, 4 deletions
diff --git a/settings/Controller/ChangePasswordController.php b/settings/Controller/ChangePasswordController.php index df170b62f1a..f709a8dd431 100644 --- a/settings/Controller/ChangePasswordController.php +++ b/settings/Controller/ChangePasswordController.php @@ -91,6 +91,7 @@ class ChangePasswordController extends Controller { * @return JSONResponse */ public function changePersonalPassword($oldpassword = '', $newpassword = null) { + /** @var IUser $user */ $user = $this->userManager->checkPassword($this->userId, $oldpassword); if ($user === false) { return new JSONResponse([ @@ -101,10 +102,19 @@ class ChangePasswordController extends Controller { ]); } - /** @var IUser $user */ - if ($newpassword === null || $user->setPassword($newpassword) === false) { + try { + if ($newpassword === null || $user->setPassword($newpassword) === false) { + return new JSONResponse([ + 'status' => 'error' + ]); + } + // password policy app throws exception + } catch(HintException $e) { return new JSONResponse([ - 'status' => 'error' + 'status' => 'error', + 'data' => [ + 'message' => $e->getHint(), + ], ]); } @@ -216,7 +226,17 @@ class ChangePasswordController extends Controller { ] ]); } else { // now we know that everything is fine regarding the recovery password, let's try to change the password - $result = $targetUser->setPassword($password, $recoveryPassword); + try { + $result = $targetUser->setPassword($password, $recoveryPassword); + // password policy app throws exception + } catch(HintException $e) { + return new JSONResponse([ + 'status' => 'error', + 'data' => [ + 'message' => $e->getHint(), + ], + ]); + } if (!$result && $recoveryEnabledForUser) { return new JSONResponse([ 'status' => 'error', |