diff options
| author | Björn Schießle <schiessle@owncloud.com> | 2013-06-06 15:32:02 +0400 |
|---|---|---|
| committer | Björn Schießle <schiessle@owncloud.com> | 2013-06-10 13:12:55 +0400 |
| commit | ec80dd5e3aeff6fdef7ab4ec42ad08da92ba8e96 (patch) | |
| tree | 562ece6aeff8fe68d6f8ef02124beecf190deebe /settings | |
| parent | d3a663469ae9a1d3f6154664a6f38758c8cca565 (diff) | |
use pre_setPassword hook to update the encryption keys if the back-end doesn't support password change; improved output to let the admin know what happened
Diffstat (limited to 'settings')
| -rw-r--r-- | settings/ajax/changepassword.php | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php index cb66c57c743..30877810550 100644 --- a/settings/ajax/changepassword.php +++ b/settings/ajax/changepassword.php @@ -28,17 +28,29 @@ if(is_null($userstatus)) { exit(); } -$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), $username); $recoveryAdminEnabled = OC_Appconfig::getValue( 'files_encryption', 'recoveryAdminEnabled' ); -$recoveryEnabledForUser = $util->recoveryEnabledForUser(); -if ($recoveryAdminEnabled && $recoveryEnabledForUser && $recoveryPassword == '') { + +$validRecoveryPassword = false; +$recoveryPasswordSupported = false; + +if ($recoveryAdminEnabled) { + $util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), $username); + $validRecoveryPassword = $util->checkRecoveryPassword($recoveryPassword); + $recoveryPasswordSupported = $util->recoveryEnabledForUser(); +} + +if ($recoveryPasswordSupported && $recoveryPassword == '') { OC_JSON::error(array("data" => array( "message" => "Please provide a admin recovery password, otherwise all user data will be lost" ))); -}elseif ( $recoveryPassword && ! $util->checkRecoveryPassword($recoveryPassword) ) { +} elseif ( $recoveryPasswordSupported && ! $validRecoveryPassword) { OC_JSON::error(array("data" => array( "message" => "Wrong admin recovery password. Please check the password and try again." ))); -}elseif(!is_null($password) && OC_User::setPassword( $username, $password, $recoveryPassword )) { - OC_JSON::success(array("data" => array( "username" => $username ))); -} -else{ - OC_JSON::error(array("data" => array( "message" => "Unable to change password" ))); +} else { // now we know that everything is file regarding the recovery password, let's try to change the password + $result = OC_User::setPassword($username, $password, $recoveryPassword); + if (!$result && $recoveryPasswordSupported) { + OC_JSON::error(array("data" => array( "message" => "Back-end doesn't support password change, but the users encryption key was successfully updated." ))); + } elseif (!$result && !$recoveryPasswordSupported) { + OC_JSON::error(array("data" => array( "message" => "Unable to change password" ))); + } else { + OC_JSON::success(array("data" => array( "username" => $username ))); + } } |