summaryrefslogtreecommitdiffstats
path: root/settings
diff options
context:
space:
mode:
Diffstat (limited to 'settings')
-rw-r--r--settings/Controller/UsersController.php68
-rw-r--r--settings/package-lock.json77
-rw-r--r--settings/package.json2
3 files changed, 88 insertions, 59 deletions
diff --git a/settings/Controller/UsersController.php b/settings/Controller/UsersController.php
index 12c3e47dfea..55ef267d8b7 100644
--- a/settings/Controller/UsersController.php
+++ b/settings/Controller/UsersController.php
@@ -41,6 +41,7 @@ namespace OC\Settings\Controller;
use OC\Accounts\AccountManager;
use OC\AppFramework\Http;
+use OC\Encryption\Exceptions\ModuleDoesNotExistsException;
use OC\ForbiddenException;
use OC\Security\IdentityProof\Manager;
use OCA\User_LDAP\User_Proxy;
@@ -128,9 +129,9 @@ class UsersController extends Controller {
/**
* @NoCSRFRequired
* @NoAdminRequired
- *
+ *
* Display users list template
- *
+ *
* @return TemplateResponse
*/
public function usersListByGroup() {
@@ -140,9 +141,9 @@ class UsersController extends Controller {
/**
* @NoCSRFRequired
* @NoAdminRequired
- *
+ *
* Display users list template
- *
+ *
* @return TemplateResponse
*/
public function usersList() {
@@ -150,7 +151,7 @@ class UsersController extends Controller {
$uid = $user->getUID();
\OC::$server->getNavigationManager()->setActiveEntry('core_users');
-
+
/* SORT OPTION: SORT_USERCOUNT or SORT_GROUPNAME */
$sortGroupsBy = \OC\Group\MetaData::SORT_USERCOUNT;
$isLDAPUsed = false;
@@ -166,22 +167,17 @@ class UsersController extends Controller {
}
}
}
-
- /* ENCRYPTION CONFIG */
- $isEncryptionEnabled = $this->encryptionManager->isEnabled();
- $useMasterKey = $this->config->getAppValue('encryption', 'useMasterKey', true);
- // If masterKey enabled, then you can change password. This is to avoid data loss!
- $canChangePassword = ($isEncryptionEnabled && $useMasterKey) || $useMasterKey;
-
-
- /* GROUPS */
+
+ $canChangePassword = $this->canAdminChangeUserPasswords();
+
+ /* GROUPS */
$groupsInfo = new \OC\Group\MetaData(
$uid,
$this->isAdmin,
$this->groupManager,
$this->userSession
);
-
+
$groupsInfo->setSorting($sortGroupsBy);
list($adminGroup, $groups) = $groupsInfo->get();
@@ -190,7 +186,7 @@ class UsersController extends Controller {
return $ldapFound || $backend instanceof User_Proxy;
});
}
-
+
if ($this->isAdmin) {
$disabledUsers = $isLDAPUsed ? -1 : $this->userManager->countDisabledUsers();
$userCount = $isLDAPUsed ? 0 : array_reduce($this->userManager->countUsers(), function($v, $w) {
@@ -221,7 +217,7 @@ class UsersController extends Controller {
'name' => 'Disabled users',
'usercount' => $disabledUsers
];
-
+
/* QUOTAS PRESETS */
$quotaPreset = $this->config->getAppValue('files', 'quota_preset', '1 GB, 5 GB, 10 GB');
$quotaPreset = explode(',', $quotaPreset);
@@ -230,12 +226,12 @@ class UsersController extends Controller {
}
$quotaPreset = array_diff($quotaPreset, array('default', 'none'));
$defaultQuota = $this->config->getAppValue('files', 'default_quota', 'none');
-
+
\OC::$server->getEventDispatcher()->dispatch('OC\Settings\Users::loadAdditionalScripts');
-
+
/* LANGUAGES */
$languages = $this->l10nFactory->getLanguages();
-
+
/* FINAL DATA */
$serverData = array();
// groups
@@ -255,6 +251,38 @@ class UsersController extends Controller {
}
/**
+ * check if the admin can change the users password
+ *
+ * The admin can change the passwords if:
+ *
+ * - no encryption module is loaded and encryption is disabled
+ * - encryption module is loaded but it doesn't require per user keys
+ *
+ * The admin can not change the passwords if:
+ *
+ * - an encryption module is loaded and it uses per-user keys
+ * - encryption is enabled but no encryption modules are loaded
+ *
+ * @return bool
+ */
+ protected function canAdminChangeUserPasswords() {
+ $isEncryptionEnabled = $this->encryptionManager->isEnabled();
+ try {
+ $noUserSpecificEncryptionKeys =!$this->encryptionManager->getEncryptionModule()->needDetailedAccessList();
+ $isEncryptionModuleLoaded = true;
+ } catch (ModuleDoesNotExistsException $e) {
+ $noUserSpecificEncryptionKeys = true;
+ $isEncryptionModuleLoaded = false;
+ }
+
+ $canChangePassword = ($isEncryptionEnabled && $isEncryptionModuleLoaded && $noUserSpecificEncryptionKeys)
+ || (!$isEncryptionEnabled && !$isEncryptionModuleLoaded)
+ || (!$isEncryptionEnabled && $isEncryptionModuleLoaded && $noUserSpecificEncryptionKeys);
+
+ return $canChangePassword;
+ }
+
+ /**
* @NoAdminRequired
* @NoSubadminRequired
* @PasswordConfirmationRequired
diff --git a/settings/package-lock.json b/settings/package-lock.json
index ba074d47360..0753dd3ccd6 100644
--- a/settings/package-lock.json
+++ b/settings/package-lock.json
@@ -1528,12 +1528,12 @@
}
},
"babel-loader": {
- "version": "8.0.4",
- "resolved": "https://registry.npmjs.org/babel-loader/-/babel-loader-8.0.4.tgz",
- "integrity": "sha512-fhBhNkUToJcW9nV46v8w87AJOwAJDz84c1CL57n3Stj73FANM/b9TbCUK4YhdOwEyZ+OxhYpdeZDNzSI29Firw==",
+ "version": "8.0.5",
+ "resolved": "https://registry.npmjs.org/babel-loader/-/babel-loader-8.0.5.tgz",
+ "integrity": "sha512-NTnHnVRd2JnRqPC0vW+iOQWU5pchDbYXsG2E6DMXEpMfUcQKclF9gmf3G3ZMhzG7IG9ji4coL0cm+FxeWxDpnw==",
"dev": true,
"requires": {
- "find-cache-dir": "^1.0.0",
+ "find-cache-dir": "^2.0.0",
"loader-utils": "^1.0.2",
"mkdirp": "^0.5.1",
"util.promisify": "^1.0.0"
@@ -2708,16 +2708,17 @@
}
},
"es-abstract": {
- "version": "1.12.0",
- "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.12.0.tgz",
- "integrity": "sha512-C8Fx/0jFmV5IPoMOFPA9P9G5NtqW+4cOPit3MIuvR2t7Ag2K15EJTpxnHAYTzL+aYQJIESYeXZmDBfOBE1HcpA==",
+ "version": "1.13.0",
+ "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.13.0.tgz",
+ "integrity": "sha512-vDZfg/ykNxQVwup/8E1BZhVzFfBxs9NqMzGcvIJrqg5k2/5Za2bWo40dK2J1pgLngZ7c+Shh8lwYtLGyrwPutg==",
"dev": true,
"requires": {
- "es-to-primitive": "^1.1.1",
+ "es-to-primitive": "^1.2.0",
"function-bind": "^1.1.1",
- "has": "^1.0.1",
- "is-callable": "^1.1.3",
- "is-regex": "^1.0.4"
+ "has": "^1.0.3",
+ "is-callable": "^1.1.4",
+ "is-regex": "^1.0.4",
+ "object-keys": "^1.0.12"
}
},
"es-to-primitive": {
@@ -3046,23 +3047,23 @@
}
},
"find-cache-dir": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/find-cache-dir/-/find-cache-dir-1.0.0.tgz",
- "integrity": "sha1-kojj6ePMN0hxfTnq3hfPcfww7m8=",
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/find-cache-dir/-/find-cache-dir-2.0.0.tgz",
+ "integrity": "sha512-LDUY6V1Xs5eFskUVYtIwatojt6+9xC9Chnlk/jYOOvn3FAFfSaWddxahDGyNHh0b2dMXa6YW2m0tk8TdVaXHlA==",
"dev": true,
"requires": {
"commondir": "^1.0.1",
"make-dir": "^1.0.0",
- "pkg-dir": "^2.0.0"
+ "pkg-dir": "^3.0.0"
}
},
"find-up": {
- "version": "2.1.0",
- "resolved": "https://registry.npmjs.org/find-up/-/find-up-2.1.0.tgz",
- "integrity": "sha1-RdG35QbHF93UgndaK3eSCjwMV6c=",
+ "version": "3.0.0",
+ "resolved": "https://registry.npmjs.org/find-up/-/find-up-3.0.0.tgz",
+ "integrity": "sha512-1yD6RmLI1XBfxugvORwlck6f75tYL+iR0jqwsOrOxMZyGYqUuDhJ0l4AXdO1iX/FTs9cBAMEk1gWSEx1kSbylg==",
"dev": true,
"requires": {
- "locate-path": "^2.0.0"
+ "locate-path": "^3.0.0"
}
},
"findup-sync": {
@@ -4720,12 +4721,12 @@
}
},
"locate-path": {
- "version": "2.0.0",
- "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-2.0.0.tgz",
- "integrity": "sha1-K1aLJl7slExtnA3pw9u7ygNUzY4=",
+ "version": "3.0.0",
+ "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-3.0.0.tgz",
+ "integrity": "sha512-7AO748wWnIhNqAuaty2ZWHkQHRSNfPVIsPIfwEOWO22AmaoVrWavlOcMR5nzTLNYvp36X220/maaRsrec1G65A==",
"dev": true,
"requires": {
- "p-locate": "^2.0.0",
+ "p-locate": "^3.0.0",
"path-exists": "^3.0.0"
}
},
@@ -5530,27 +5531,27 @@
"dev": true
},
"p-limit": {
- "version": "1.2.0",
- "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-1.2.0.tgz",
- "integrity": "sha512-Y/OtIaXtUPr4/YpMv1pCL5L5ed0rumAaAeBSj12F+bSlMdys7i8oQF/GUJmfpTS/QoaRrS/k6pma29haJpsMng==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.1.0.tgz",
+ "integrity": "sha512-NhURkNcrVB+8hNfLuysU8enY5xn2KXphsHBaC2YmRNTZRc7RWusw6apSpdEj3jo4CMb6W9nrF6tTnsJsJeyu6g==",
"dev": true,
"requires": {
- "p-try": "^1.0.0"
+ "p-try": "^2.0.0"
}
},
"p-locate": {
- "version": "2.0.0",
- "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-2.0.0.tgz",
- "integrity": "sha1-IKAQOyIqcMj9OcwuWAaA893l7EM=",
+ "version": "3.0.0",
+ "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-3.0.0.tgz",
+ "integrity": "sha512-x+12w/To+4GFfgJhBEpiDcLozRJGegY+Ei7/z0tSLkMmxGZNybVMSfWj9aJn8Z5Fc7dBUNJOOVgPv2H7IwulSQ==",
"dev": true,
"requires": {
- "p-limit": "^1.1.0"
+ "p-limit": "^2.0.0"
}
},
"p-try": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/p-try/-/p-try-1.0.0.tgz",
- "integrity": "sha1-y8ec26+P1CKOE/Yh8rGiN8GyB7M=",
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.0.0.tgz",
+ "integrity": "sha512-hMp0onDKIajHfIkdRk3P4CdCmErkYAxxDtP3Wx/4nZ3aGlau2VKh3mZpcuFkH27WQkL/3WBCPOktzA9ZOAnMQQ==",
"dev": true
},
"pako": {
@@ -5700,12 +5701,12 @@
}
},
"pkg-dir": {
- "version": "2.0.0",
- "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-2.0.0.tgz",
- "integrity": "sha1-9tXREJ4Z1j7fQo4L1X4Sd3YVM0s=",
+ "version": "3.0.0",
+ "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-3.0.0.tgz",
+ "integrity": "sha512-/E57AYkoeQ25qkxMj5PBOVgF8Kiu/h7cYS30Z5+R7WaiCCBfLq58ZI/dSeaEKb9WVJV5n/03QwrN3IeWIFllvw==",
"dev": true,
"requires": {
- "find-up": "^2.1.0"
+ "find-up": "^3.0.0"
}
},
"popper.js": {
diff --git a/settings/package.json b/settings/package.json
index 924f7d2a2ba..609fe660370 100644
--- a/settings/package.json
+++ b/settings/package.json
@@ -34,7 +34,7 @@
"@babel/core": "^7.2.2",
"@babel/plugin-syntax-dynamic-import": "^7.2.0",
"@babel/preset-env": "^7.2.3",
- "babel-loader": "^8.0.4",
+ "babel-loader": "^8.0.5",
"css-loader": "^2.1.0",
"file-loader": "^3.0.1",
"node-sass": "^4.11.0",
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-14 19:36:59 +0000