extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-07 08:34:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

automatic open "Security & password" dialog for SSO logins, if password is required in filemanager

Browse Source
This commit is contained in:
ralf 2024-09-03 12:52:33 +02:00
parent fd216b07f2
commit 432d36c80b
2 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
api/src/Vfs/StreamWrapper.php
View File

@ -664,15 +664,28 @@ class StreamWrapper extends Base implements StreamWrapperIface
$this->opened_dir_writable = $this->check_access($this->opened_dir_url,Vfs::WRITABLE);
// check our fstab if we need to add some of the mountpoints
$basepath = Vfs::parse_url($path,PHP_URL_PATH);
foreach(array_keys(self::$fstab) as $mounted)
foreach(self::$fstab as $mounted => $url)
{
$access = null;
if (((Vfs::dirname($mounted) == $basepath || Vfs::dirname($mounted).'/' == $basepath) && $mounted != '/') &&
// only return children readable by the user, if dir is not writable
(!self::HIDE_UNREADABLES || $this->opened_dir_writable ||
$this->check_access($mounted,Vfs::READABLE)))
($access=$this->check_access($mounted,Vfs::READABLE))))
{
$this->extra_dirs[] = Vfs::basename($mounted);
}
// if there is no password in the session, but it's required for that mount-point, and
// admin enabled storing passwords for SSO --> open "Security & password" popup so user can enter it
elseif ($access === false && !empty($GLOBALS['egw_info']['server']['store_password_for_sso']) &&
strpos($url, '$user:$pass') !== false && empty($GLOBALS['egw']->session->passwd) &&
Api\Json\Request::isJSONRequest())
{
Api\Cache::getSession(__CLASS__, 'no-session-password', static function()
{
Api\Json\Response::get()->apply('egw.open_link', ['preferences.preferences_password.change', '_blank', '850x580', null, true]);
return true;
});
}
}

2
preferences/inc/class.preferences_password.inc.php
View File

@ -67,7 +67,7 @@ class preferences_password
unset($content['2fa']['secret_key']);
// check user password for everything but password change, where it will be checked anyway
$auth = new Api\Auth();
$auth = new Api\Auth($GLOBALS['egw_info']['server']['auth_type'] ?? $GLOBALS['egw_info']['server']['account_repository'] ?? 'sql');
if ($content['tabs'] !== 'change_password' &&
!$auth->authenticate($GLOBALS['egw_info']['user']['account_lid'], $content['password']))
{