aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--settings/ajax/disableapp.php7
-rw-r--r--settings/ajax/enableapp.php7
-rw-r--r--settings/ajax/installapp.php7
-rw-r--r--settings/ajax/uninstallapp.php7
-rw-r--r--settings/js/apps.js10
5 files changed, 38 insertions, 0 deletions
diff --git a/settings/ajax/disableapp.php b/settings/ajax/disableapp.php
index 1a000672e6e..8edd1c1453e 100644
--- a/settings/ajax/disableapp.php
+++ b/settings/ajax/disableapp.php
@@ -24,6 +24,13 @@
OCP\JSON::checkAdminUser();
OCP\JSON::callCheck();
+$lastConfirm = (int) \OC::$server->getSession()->get('last-password-confirm');
+if ($lastConfirm < (time() - 30 * 60 + 15)) { // allow 15 seconds delay
+ $l = \OC::$server->getL10N('core');
+ OC_JSON::error(array( 'data' => array( 'message' => $l->t('Password confirmation is required'))));
+ exit();
+}
+
if (!array_key_exists('appid', $_POST)) {
OC_JSON::error();
exit;
diff --git a/settings/ajax/enableapp.php b/settings/ajax/enableapp.php
index cf1b7f29db5..b6d62671a63 100644
--- a/settings/ajax/enableapp.php
+++ b/settings/ajax/enableapp.php
@@ -28,6 +28,13 @@
OC_JSON::checkAdminUser();
OCP\JSON::callCheck();
+$lastConfirm = (int) \OC::$server->getSession()->get('last-password-confirm');
+if ($lastConfirm < (time() - 30 * 60 + 15)) { // allow 15 seconds delay
+ $l = \OC::$server->getL10N('core');
+ OC_JSON::error(array( 'data' => array( 'message' => $l->t('Password confirmation is required'))));
+ exit();
+}
+
$groups = isset($_POST['groups']) ? (array)$_POST['groups'] : null;
try {
diff --git a/settings/ajax/installapp.php b/settings/ajax/installapp.php
index 75f3fea83b7..17e5eadf50e 100644
--- a/settings/ajax/installapp.php
+++ b/settings/ajax/installapp.php
@@ -24,6 +24,13 @@
OCP\JSON::checkAdminUser();
OCP\JSON::callCheck();
+$lastConfirm = (int) \OC::$server->getSession()->get('last-password-confirm');
+if ($lastConfirm < (time() - 30 * 60 + 15)) { // allow 15 seconds delay
+ $l = \OC::$server->getL10N('core');
+ OC_JSON::error(array( 'data' => array( 'message' => $l->t('Password confirmation is required'))));
+ exit();
+}
+
if (!array_key_exists('appid', $_POST)) {
OC_JSON::error();
exit;
diff --git a/settings/ajax/uninstallapp.php b/settings/ajax/uninstallapp.php
index be8196f4b33..0e68a893ef4 100644
--- a/settings/ajax/uninstallapp.php
+++ b/settings/ajax/uninstallapp.php
@@ -24,6 +24,13 @@
OCP\JSON::checkAdminUser();
OCP\JSON::callCheck();
+$lastConfirm = (int) \OC::$server->getSession()->get('last-password-confirm');
+if ($lastConfirm < (time() - 30 * 60 + 15)) { // allow 15 seconds delay
+ $l = \OC::$server->getL10N('core');
+ OC_JSON::error(array( 'data' => array( 'message' => $l->t('Password confirmation is required'))));
+ exit();
+}
+
if (!array_key_exists('appid', $_POST)) {
OC_JSON::error();
exit;
diff --git a/settings/js/apps.js b/settings/js/apps.js
index b52fb3d11ab..de35cd53672 100644
--- a/settings/js/apps.js
+++ b/settings/js/apps.js
@@ -262,6 +262,11 @@ OC.Settings.Apps = OC.Settings.Apps || {
},
enableApp:function(appId, active, element, groups) {
+ if (OC.PasswordConfirmation.requiresPasswordConfirmation()) {
+ OC.PasswordConfirmation.requirePasswordConfirmation(_.bind(this.enableApp, this, appId, active, element, groups));
+ return;
+ }
+
var self = this;
OC.Settings.Apps.hideErrorMessage(appId);
groups = groups || [];
@@ -402,6 +407,11 @@ OC.Settings.Apps = OC.Settings.Apps || {
},
uninstallApp:function(appId, element) {
+ if (OC.PasswordConfirmation.requiresPasswordConfirmation()) {
+ OC.PasswordConfirmation.requirePasswordConfirmation(_.bind(this.uninstallApp, this, appId, element));
+ return;
+ }
+
OC.Settings.Apps.hideErrorMessage(appId);
element.val(t('settings','Uninstalling ....'));
$.post(OC.filePath('settings','ajax','uninstallapp.php'),{appid:appId},function(result) {
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-02 16:32:12 +0000