authorbenakamoorthi <benaka.moorthi@gmail.com>2012-10-22 08:29:38 +0400
committerbenakamoorthi <benaka.moorthi@gmail.com>2012-10-22 08:29:38 +0400
commit4f2ef166a698e3f583b623e76fdcdb9aaf8d1d81 (patch)
treec481bab8c91006df2456253e6a0027dd2d6aeb18 /plugins/UsersManager
parent893d016ae9afc5bb256be17481190eeaa257bf9e (diff)
Refs #3080, added trusted host admin UI, display warning in login, normal & admin screens if hostname is not trusted, and make sure password reset is not possible if hostname is not trusted.
git-svn-id: http://dev.piwik.org/svn/trunk@7279 59fd770c-687e-43c8-a1e3-f5a4ff64c105
Diffstat (limited to 'plugins/UsersManager')
-rw-r--r--plugins/UsersManager/Controller.php7
-rw-r--r--plugins/UsersManager/templates/userSettings.js16
-rw-r--r--plugins/UsersManager/templates/userSettings.tpl8
3 files changed, 26 insertions, 5 deletions
diff --git a/plugins/UsersManager/Controller.php b/plugins/UsersManager/Controller.php
index 577a626371..0ec2b7cf6f 100644
--- a/plugins/UsersManager/Controller.php
+++ b/plugins/UsersManager/Controller.php
@@ -292,6 +292,13 @@ class Piwik_UsersManager_Controller extends Piwik_Controller_Admin
$newPassword = $password;
}
+ // UI disables password change on invalid host, but check here anyway
+ if (!Piwik_Url::isValidHost()
+ && $newPassword !== false)
+ {
+ throw new Exception("Cannot change password with untrusted hostname!");
+ }
+
$userLogin = Piwik::getCurrentUserLogin();
if(Piwik::isUserIsSuperUser())
{
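Review bot: The new guard refuses only the password, since it fires just when `$newPassword !== false`; on an untrusted host the same request still saves the alias, email and report defaults, and the email address is the channel a password-reset mail is delivered to, so an attacker who can drive this endpoint with an injected Host header gains nearly as much by swapping the email as by setting the password. Consider applying the same `!Piwik_Url::isValidHost()` condition to the email change (the variable holding the submitted email is read outside this hunk), or at least documenting why it is deliberately allowed. The initial value of `$newPassword` that makes the `!== false` comparison meaningful is assigned above the hunk and is not visible here, as is the rest of the enclosing method, which starts and ends outside it.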
diff --git a/plugins/UsersManager/templates/userSettings.js b/plugins/UsersManager/templates/userSettings.js
index 9d91c0a6c7..ff67961942 100644
--- a/plugins/UsersManager/templates/userSettings.js
+++ b/plugins/UsersManager/templates/userSettings.js
@@ -21,8 +21,8 @@ function getUserSettingsAJAX()
var ajaxRequest = piwikHelper.getStandardAjaxConf('ajaxLoadingUserSettings', 'ajaxErrorUserSettings', params);
var alias = encodeURIComponent( $('#alias').val() );
var email = encodeURIComponent( $('#email').val() );
- var password = encodeURIComponent( $('#password').val() );
- var passwordBis = encodeURIComponent( $('#passwordBis').val() );
+ var password = $('#password').val();
+ var passwordBis = $('#passwordBis').val();
var defaultReport = $('input[name=defaultReport]:checked').val();
if(defaultReport == 1) {
defaultReport = $('#sitesSelectionSearch .custom_select_main_link').attr('siteid');
@@ -33,8 +33,14 @@ function getUserSettingsAJAX()
request += '&format=json';
request += '&alias='+alias;
request += '&email='+email;
- request += '&password='+password;
- request += '&passwordBis='+passwordBis;
+ if (password)
+ {
+ request += '&password='+encodeURIComponent(password);
+ }
+ if (passwordBis)
+ {
+ request += '&passwordBis='+encodeURIComponent(passwordBis);
+ }
request += '&defaultReport='+defaultReport;
request += '&defaultDate='+defaultDate;
request += '&token_auth=' + piwik.token_auth;
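Review bot: The password is still serialized into the `request` parameter string next to `token_auth`; whether `piwikHelper.getStandardAjaxConf` ends up sending that string as a POST body or as GET query parameters is not visible here, and in the GET case the cleartext password is written to web-server and proxy access logs. If it is sent as a URL, move the two password fields into the jQuery `data` payload of the ajax config instead of the URL string. Gating `password` and `passwordBis` independently also means a form with only the confirmation field filled sends `passwordBis` alone, so the controller must report that mismatch rather than treat the missing `password` as "no change".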
@@ -66,7 +72,7 @@ $(document).ready( function() {
var onValidate = function() {
$.ajax( getUserSettingsAJAX() );
}
- if($('#password').val() != '') {
+ if($('#password').length > 0 && $('#password').val() != '') {
piwikHelper.modalConfirm( '#confirmPasswordChange', {yes: onValidate});
} else {
onValidate();
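Review bot: The new condition evaluates `$('#password')` twice and keeps the loose `!=`; the `.length > 0` test is what protects the comparison, because `.val()` on an empty jQuery set returns `undefined` and `undefined != ''` is true. A cached selector with strict comparison reads more clearly: `var passwordField = $('#password');` followed by `if (passwordField.length > 0 && passwordField.val() !== '') {`. A short comment would also help the next reader, e.g. `// #password is not rendered when the hostname is untrusted (see userSettings.tpl)`.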
diff --git a/plugins/UsersManager/templates/userSettings.tpl b/plugins/UsersManager/templates/userSettings.tpl
index 2fe325a57e..bfb516ffff 100644
--- a/plugins/UsersManager/templates/userSettings.tpl
+++ b/plugins/UsersManager/templates/userSettings.tpl
@@ -58,6 +58,7 @@
</td>
</tr>
+{if isset($isValidHost) && $isValidHost}
<tr>
<td><label for="email">{'UsersManager_ChangePassword'|translate} </label></td>
<td><input size="25" value="" autocomplete="off" id="password" type="password" />
@@ -66,7 +67,14 @@
<span class='form-description'> {'UsersManager_TypeYourPasswordAgain'|translate}</span>
</td>
</tr>
+{/if}
</table>
+{if !isset($isValidHost) || !$isValidHost}
+<div class="ajaxSuccess">
+ {'UsersManager_InjectedHostCannotChangePwd'|translate:$invalidHost}&nbsp;{if !$isSuperUser}{'UsersManager_EmailYourAdministrator'|translate:$invalidHostMailLinkStart:'</a>'}{/if}
+</div>
+<br/>
+{/if}
{ajaxErrorDiv id=ajaxErrorUserSettings}
{ajaxLoadingDiv id=ajaxLoadingUserSettings}
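Review bot: `$invalidHost` is interpolated into the warning through `translate:$invalidHost`, and since `$invalidHostMailLinkStart` is passed to the same modifier as raw `<a>` markup on that line, `translate` evidently does not HTML-escape its arguments; if `$invalidHost` carries the request's Host header value (as its name suggests, though the assignment is not visible here), an attacker who can set that header on a victim's request gets it reflected unescaped into the page. Escape it where it is assigned to the view, or, if the translated string contains no markup, escape the whole result: `{'UsersManager_InjectedHostCannotChangePwd'|translate:$invalidHost|escape:'html'}`. Separately, `class="ajaxSuccess"` styles a security warning as a success message; an error or warning class would signal its meaning better. The `{if}` that this hunk's `{/if}` closes is opened in the previous hunk.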