2 files changed, 49 insertions, 4 deletions

diff --git a/settings/Controller/ChangePasswordController.php b/settings/Controller/ChangePasswordController.php
index df170b62f1a..f709a8dd431 100644
--- a/settings/Controller/ChangePasswordController.php
+++ b/settings/Controller/ChangePasswordController.php
@@ -91,6 +91,7 @@ class ChangePasswordController extends Controller {
 	 * @return JSONResponse
 	 */
 	public function changePersonalPassword($oldpassword = '', $newpassword = null) {
+		/** @var IUser $user */
 		$user = $this->userManager->checkPassword($this->userId, $oldpassword);
 		if ($user === false) {
 			return new JSONResponse([
@@ -101,10 +102,19 @@ class ChangePasswordController extends Controller {
 			]);
 		}
 
-		/** @var IUser $user */
-		if ($newpassword === null || $user->setPassword($newpassword) === false) {
+		try {
+			if ($newpassword === null || $user->setPassword($newpassword) === false) {
+				return new JSONResponse([
+					'status' => 'error'
+				]);
+			}
+		// password policy app throws exception
+		} catch(HintException $e) {
 			return new JSONResponse([
-				'status' => 'error'
+				'status' => 'error',
+				'data' => [
+					'message' => $e->getHint(),
+				],
 			]);
 		}
 
@@ -216,7 +226,17 @@ class ChangePasswordController extends Controller {
 					]
 				]);
 			} else { // now we know that everything is fine regarding the recovery password, let's try to change the password
-				$result = $targetUser->setPassword($password, $recoveryPassword);
+				try {
+					$result = $targetUser->setPassword($password, $recoveryPassword);
+				// password policy app throws exception
+				} catch(HintException $e) {
+					return new JSONResponse([
+						'status' => 'error',
+						'data' => [
+							'message' => $e->getHint(),
+						],
+					]);
+				}
 				if (!$result && $recoveryEnabledForUser) {
 					return new JSONResponse([
 						'status' => 'error',
diff --git a/tests/Core/Controller/ChangePasswordControllerTest.php b/tests/Core/Controller/ChangePasswordControllerTest.php
index 8dd4ca8db95..869ef98b514 100644
--- a/tests/Core/Controller/ChangePasswordControllerTest.php
+++ b/tests/Core/Controller/ChangePasswordControllerTest.php
@@ -21,6 +21,7 @@
  */
 namespace Tests\Core\Controller;
 
+use OC\HintException;
 use OC\Settings\Controller\ChangePasswordController;
 use OC\User\Session;
 use OCP\App\IAppManager;
@@ -94,6 +95,30 @@ class ChangePasswordControllerTest extends \Test\TestCase {
 		$this->assertEquals($expects, $res->getData());
 	}
 
+	public function testChangePersonalPasswordCommonPassword() {
+		$user = $this->getMockBuilder('OCP\IUser')->getMock();
+		$this->userManager->expects($this->once())
+			->method('checkPassword')
+			->with($this->userId, 'old')
+			->willReturn($user);
+
+		$user->expects($this->once())
+			->method('setPassword')
+			->with('new')
+			->will($this->throwException(new HintException('Common password')));
+
+		$expects = [
+			'status' => 'error',
+			'data' => [
+				'message' => 'Common password',
+			],
+		];
+
+		$res = $this->controller->changePersonalPassword('old', 'new');
+
+		$this->assertEquals($expects, $res->getData());
+	}
+
 	public function testChangePersonalPasswordNoNewPassword() {
 		$user = $this->getMockBuilder('OCP\IUser')->getMock();
 		$this->userManager->expects($this->once())