From 9d1e60325c6f478484ff8f70ff3cd13d9d7d4913 Mon Sep 17 00:00:00 2001
From: Björn Schießle <schiessle@owncloud.com>
Date: Thu, 16 May 2013 14:53:04 +0200
Subject: allow admin to recover users files in case of password lost

---
 settings/ajax/changepassword.php | 5 +++--
 settings/css/settings.css        | 2 ++
 settings/js/users.js             | 4 +++-
 settings/templates/personal.php  | 2 +-
 settings/templates/users.php     | 5 +++++
 settings/users.php               | 3 +++
 6 files changed, 17 insertions(+), 4 deletions(-)

(limited to 'settings')

diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php
index 4f16bff63d5..fe63f27a6e2 100644
--- a/settings/ajax/changepassword.php
+++ b/settings/ajax/changepassword.php
@@ -8,8 +8,9 @@ OC_JSON::checkLoggedIn();
 OC_APP::loadApps();
 
 $username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
-$password = isset($_POST["newpassword"]) ? $_POST["newpassword"] : null;
+$password = isset($_POST["password"]) ? $_POST["password"] : null;
 $oldPassword=isset($_POST["oldpassword"])?$_POST["oldpassword"]:'';
+$recoveryPassword=isset($_POST["recoveryPassword"])?$_POST["recoveryPassword"]:null;
 
 $userstatus = null;
 if(OC_User::isAdminUser(OC_User::getUser())) {
@@ -28,7 +29,7 @@ if(is_null($userstatus)) {
 }
 
 // Return Success story
-if(!is_null($password) && OC_User::setPassword( $username, $password )) {
+if(!is_null($password) && OC_User::setPassword( $username, $password, $recoveryPassword )) {
 	OC_JSON::success(array("data" => array( "username" => $username )));
 }
 else{
diff --git a/settings/css/settings.css b/settings/css/settings.css
index 46a0bbe7c32..950e8929012 100644
--- a/settings/css/settings.css
+++ b/settings/css/settings.css
@@ -45,6 +45,8 @@ table:not(.nostyle) { width:100%; }
 #rightcontent { padding-left: 1em; }
 div.quota { float:right; display:block; position:absolute; right:25em; top:-1px; }
 div.quota-select-wrapper { position: relative; }
+div.recoveryPassword { left:50em; display:block; position:absolute; top:-1px; }
+input#recoveryPassword {width:15em;}
 select.quota { position:absolute; left:0; top:0; width:10em; }
 select.quota-user { position:relative; left:0; top:0; width:10em; }
 div.quota>span { position:absolute; right:0; white-space:nowrap; top:.7em; color:#888; text-shadow:0 1px 0 #fff; }
diff --git a/settings/js/users.js b/settings/js/users.js
index 690c9ad0464..9bd7f31f0b2 100644
--- a/settings/js/users.js
+++ b/settings/js/users.js
@@ -351,9 +351,11 @@ $(document).ready(function () {
 		input.keypress(function (event) {
 			if (event.keyCode == 13) {
 				if ($(this).val().length > 0) {
+		var recoveryPasswordVal = $('input:password[id="recoveryPassword"]').val();
+		console.log("RECOVERY PASSWD: " + recoveryPasswordVal);
 					$.post(
 						OC.filePath('settings', 'ajax', 'changepassword.php'),
-						{username: uid, password: $(this).val()},
+						{username: uid, password: $(this).val(), recoveryPassword: recoveryPasswordVal},
 						function (result) {
 						}
 					);
diff --git a/settings/templates/personal.php b/settings/templates/personal.php
index cfb45e99c4d..da812e8ed9a 100644
--- a/settings/templates/personal.php
+++ b/settings/templates/personal.php
@@ -38,7 +38,7 @@ if($_['passwordChangeSupported']) {
 		<div id="passwordchanged"><?php echo $l->t('Your password was changed');?></div>
 		<div id="passworderror"><?php echo $l->t('Unable to change your password');?></div>
 		<input type="password" id="pass1" name="oldpassword" placeholder="<?php echo $l->t('Current password');?>" />
-		<input type="password" id="pass2" name="newpassword"
+		<input type="password" id="pass2" name="password"
 			placeholder="<?php echo $l->t('New password');?>" data-typetoggle="#personal-show" />
 		<input type="checkbox" id="personal-show" name="show" /><label for="personal-show"></label>
 		<input id="passwordbutton" type="submit" value="<?php echo $l->t('Change password');?>" />
diff --git a/settings/templates/users.php b/settings/templates/users.php
index e86dd46efbe..a6df85983dd 100644
--- a/settings/templates/users.php
+++ b/settings/templates/users.php
@@ -29,6 +29,11 @@ $_['subadmingroups'] = array_flip($items);
 			<?php endforeach;?>
 		</select> <input type="submit" value="<?php p($l->t('Create'))?>" />
 	</form>
+	<?php if((bool)$_['recoveryAdminEnabled']): ?>
+	<div class="recoveryPassword">
+	<input id="recoveryPassword" type="password" placeholder="<?php p($l->t('Admin Recovery Password'))?>" />
+	</div>
+	<?php endif; ?>
 	<div class="quota">
 		<span><?php p($l->t('Default Storage'));?></span>
 			<?php if((bool) $_['isadmin']): ?>
diff --git a/settings/users.php b/settings/users.php
index 94e6d0a9a10..e5c8a7aaa8d 100644
--- a/settings/users.php
+++ b/settings/users.php
@@ -20,6 +20,8 @@ $users = array();
 $groups = array();
 
 $isadmin = OC_User::isAdminUser(OC_User::getUser());
+$recoveryAdminEnabled = OC_App::isEnabled('files_encryption') &&
+					    OC_Appconfig::getValue( 'files_encryption', 'recoveryAdminEnabled' );
 
 if($isadmin) {
 	$accessiblegroups = OC_Group::getGroups();
@@ -77,4 +79,5 @@ $tmpl->assign( 'numofgroups', count($accessiblegroups));
 $tmpl->assign( 'quota_preset', $quotaPreset);
 $tmpl->assign( 'default_quota', $defaultQuota);
 $tmpl->assign( 'defaultQuotaIsUserDefined', $defaultQuotaIsUserDefined);
+$tmpl->assign( 'recoveryAdminEnabled', $recoveryAdminEnabled);
 $tmpl->printPage();
-- 
cgit v1.2.3