From 45b784b90688b87dd45fe593a54745971844c4af Mon Sep 17 00:00:00 2001 From: hickert Date: Thu, 11 Mar 2010 15:11:45 +0000 Subject: [PATCH] Force password change when password storage method was modified git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@16469 594d385d-05f5-0310-b6e9-bd551577e9d8 --- .../personal/myaccount/MyAccountTabs.inc | 3 + gosa-core/plugins/personal/myaccount/main.inc | 68 ++++++++++++++----- 2 files changed, 53 insertions(+), 18 deletions(-) diff --git a/gosa-core/plugins/personal/myaccount/MyAccountTabs.inc b/gosa-core/plugins/personal/myaccount/MyAccountTabs.inc index 8cdea72c8..a65d980b2 100644 --- a/gosa-core/plugins/personal/myaccount/MyAccountTabs.inc +++ b/gosa-core/plugins/personal/myaccount/MyAccountTabs.inc @@ -22,12 +22,15 @@ class MyAccountTabs extends tabs { + var $password_change_needed = FALSE; function remove_lock() { echo "Implement remove Lock !!!!!";; } + + # var $base; # # /* Template adaption variables diff --git a/gosa-core/plugins/personal/myaccount/main.inc b/gosa-core/plugins/personal/myaccount/main.inc index b3f89d4b0..ccd0cdc4a 100644 --- a/gosa-core/plugins/personal/myaccount/main.inc +++ b/gosa-core/plugins/personal/myaccount/main.inc @@ -24,7 +24,7 @@ /* Remove locks created by this plugin */ $lock_msg=""; -if ($remove_lock || isset($_POST['edit_cancel'])){ +if ($remove_lock || isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])){ if(session::is_set('MyAccountTabs') && session::is_set('edit')){ session::un_set('MyAccountTabs'); del_lock($ui->dn); @@ -67,36 +67,68 @@ if (! $cleanup ){ } } - /* save changes to LDAP and disable edit mode */ $info= ""; if (isset($_POST['edit_finish'])){ - - /* Perform checks */ $message= $MyAccountTabs->check (); - - /* No errors, save object */ if (count ($message) == 0){ $MyAccountTabs->save (); - $MyAccountTabs->setReadOnly(TRUE); del_lock ($ui->dn); session::un_set ('edit'); - - /* Remove from session */ - session::un_set ('MyAccountTabs'); + if(isset($MyAccountTabs->by_object['user']) && $MyAccountTabs->by_object['user']->password_change_needed()){ + $MyAccountTabs->password_change_needed = TRUE; + }else{ + session::un_set ('MyAccountTabs'); + } } else { - /* Errors found, show message */ msg_dialog::displayChecks($message); } } - /* Execute formular */ - pathNavigator::registerPlugin(_("My account")); - if($lock_msg){ - $display = $lock_msg; - }else{ - $display.= $MyAccountTabs->execute (); + + if (isset($_POST['password_finish']) && $MyAccountTabs->password_change_needed){ + $user = $MyAccountTabs->by_object['user']; + + if ($user->acl_is_writeable("userPassword") || $user->acl_is_createable()){ + $message= array(); + if ($_POST['new_password'] != $_POST['repeated_password']){ + $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); + } else { + if ($_POST['new_password'] == ""){ + $message[]= msgPool::required(_("New password")); + } + } + + if (count($message) != 0){ + msg_dialog::displayChecks($message); + $display.= $smarty->fetch(get_template_path('password.tpl', TRUE)); + return ($display); + } + change_password ($user->dn, $_POST['new_password'], 0, $user->pw_storage); + $MyAccountTabs= new MyAccountTabs($config,$config->data['TABS']['MYACCOUNTTABS'], $ui->dn, "users", true, true); + $MyAccountTabs->setReadOnly(TRUE); + session::set('MyAccountTabs',$MyAccountTabs); + new log("modify","users/password","",array(),"Password has been changed"); + } else { + msg_dialog::display(_("Error"), _("You have no permission to set your password!"), ERROR_DIALOG); + } + + del_lock ($ui->dn); + session::un_set ('user'); + } + + if($MyAccountTabs->password_change_needed){ + $display.= $smarty->fetch(get_template_path('password.tpl', TRUE)); } + /* Execute formular */ + if(!$MyAccountTabs->password_change_needed){ + pathNavigator::registerPlugin(_("My account")); + if($lock_msg){ + $display = $lock_msg; + }else{ + $display.= $MyAccountTabs->execute (); + } + } /* Store changes in session */ if (session::is_set('edit')){ @@ -104,7 +136,7 @@ if (! $cleanup ){ } /* Show page footer depending on the mode */ - if (!$MyAccountTabs->is_modal_dialog() && empty($lock_msg)){ + if (!$MyAccountTabs->is_modal_dialog() && empty($lock_msg) && !$MyAccountTabs->password_change_needed){ $display.= "
"; -- 2.30.2