From a5ba32b8b6cbfbb0fb3900e6897ab72a74d1871f Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Tue, 27 Jul 2010 14:29:20 +0000 Subject: [PATCH] allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) --- phpgwapi/inc/class.egw_framework.inc.php | 12 +- .../idots/class.idots_framework.inc.php | 2 +- preferences/inc/class.uipassword.inc.php | 229 +++++++++--------- preferences/password.php | 24 ++ preferences/setup/setup.inc.php | 15 ++ 5 files changed, 168 insertions(+), 114 deletions(-) create mode 100644 preferences/password.php diff --git a/phpgwapi/inc/class.egw_framework.inc.php b/phpgwapi/inc/class.egw_framework.inc.php index 50f23e5b66..ed6cac8dea 100644 --- a/phpgwapi/inc/class.egw_framework.inc.php +++ b/phpgwapi/inc/class.egw_framework.inc.php @@ -850,12 +850,20 @@ abstract class egw_framework { $this->_add_topmenu_item($apps['home']); } - if($GLOBALS['egw_info']['user']['apps']['preferences']) { $this->_add_topmenu_item($apps['preferences']); } - + elseif(($pw_app = $GLOBALS['egw_info']['user']['apps']['password']) && + !$GLOBALS['egw']->acl->check('nopasswordchange', 1)) + { + $this->_add_topmenu_item(array( + 'title' => $pw_app['title'], + 'url' => egw::link($pw_app['index']), + 'icon' => common::image($pw_app['icon'],$pw_app['icon_app']), + )); + } + if($GLOBALS['egw_info']['user']['apps']['manual'] && isset($apps['manual'])) { $this->_add_topmenu_item($apps['manual']); diff --git a/phpgwapi/templates/idots/class.idots_framework.inc.php b/phpgwapi/templates/idots/class.idots_framework.inc.php index 7e57b2fb17..f3a8e2b281 100644 --- a/phpgwapi/templates/idots/class.idots_framework.inc.php +++ b/phpgwapi/templates/idots/class.idots_framework.inc.php @@ -567,7 +567,7 @@ class idots_framework extends egw_framework $_item['url'] = $app_data['url']; $_item['urlextra'] = $app_data['target']; $_item['label'] = ($alt_label?$alt_label:$app_data['title']); - $this->tplsav2->menuitems[$app_data['name']] = $_item; + $this->tplsav2->menuitems[] = $_item; $this->tplsav2->icon_or_star = $GLOBALS['egw_info']['server']['webserver_url'] . '/phpgwapi/templates/'.$this->template.'/images'.'/orange-ball.png'; } diff --git a/preferences/inc/class.uipassword.inc.php b/preferences/inc/class.uipassword.inc.php index 22e89cc8ff..054f50c16e 100644 --- a/preferences/inc/class.uipassword.inc.php +++ b/preferences/inc/class.uipassword.inc.php @@ -1,124 +1,131 @@ * - * -------------------------------------------- * - * This program is free software; you can redistribute it and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; either version 2 of the License, or (at your * - * option) any later version. * - \**************************************************************************/ +/** + * EGroupware preferences + * + * @package preferences + * @link http://www.egroupware.org + * @author Joseph Engo + * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License + * @version $Id$ + */ - /* $Id$ */ +class uipassword +{ + var $public_functions = array( + 'change' => True + ); - class uipassword + function uipassword() { - var $public_functions = array( - 'change' => True - ); + $this->bo =& CreateObject('preferences.bopassword'); - function uipassword() + } + + function change() + { + $n_passwd = $_POST['n_passwd']; + $n_passwd_2 = $_POST['n_passwd_2']; + $o_passwd_2 = $_POST['o_passwd_2']; + + if($GLOBALS['egw']->acl->check('nopasswordchange', 1) || $_POST['cancel']) { - $this->bo =& CreateObject('preferences.bopassword'); - - } - - function change() - { - $n_passwd = $_POST['n_passwd']; - $n_passwd_2 = $_POST['n_passwd_2']; - $o_passwd_2 = $_POST['o_passwd_2']; - - if($GLOBALS['egw']->acl->check('nopasswordchange', 1) || $_POST['cancel']) + if ($GLOBALS['egw_info']['user']['apps']['preferences']) { - $GLOBALS['egw']->redirect_link('/preferences/index.php'); - $GLOBALS['egw']->common->egw_exit(); - } - - $GLOBALS['egw']->template->set_file(array( - 'form' => 'changepassword.tpl' - )); - $GLOBALS['egw']->template->set_var('lang_enter_password',lang('Enter your new password')); - $GLOBALS['egw']->template->set_var('lang_reenter_password',lang('Re-enter your password')); - $GLOBALS['egw']->template->set_var('lang_enter_old_password',lang('Enter your old password')); - $GLOBALS['egw']->template->set_var('lang_change',lang('Change')); - $GLOBALS['egw']->template->set_var('lang_cancel',lang('Cancel')); - $GLOBALS['egw']->template->set_var('form_action',$GLOBALS['egw']->link('/index.php','menuaction=preferences.uipassword.change')); - - if($GLOBALS['egw_info']['server']['auth_type'] != 'ldap') - { - $GLOBALS['egw']->template->set_var('sql_message',lang('note: This feature does *not* change your email password. This will ' - . 'need to be done manually.')); - } - - if($_POST['change']) - { - $o_passwd = $GLOBALS['egw_info']['user']['passwd']; - - if($o_passwd != $o_passwd_2) - { - $errors[] = lang('The old password is not correct'); - } - - if($n_passwd != $n_passwd_2) - { - $errors[] = lang('The two passwords are not the same'); - } - - if(!$n_passwd) - { - $errors[] = lang('You must enter a password'); - } - if($GLOBALS['egw_info']['server']['check_save_passwd'] && $error_msg = $GLOBALS['egw']->auth->crackcheck($n_passwd)) - { - $errors[] = $error_msg; - } - - if(is_array($errors)) - { - $GLOBALS['egw']->common->egw_header(); - echo parse_navbar(); - $GLOBALS['egw']->template->set_var('messages',$GLOBALS['egw']->common->error_list($errors)); - $GLOBALS['egw']->template->pfp('out','form'); - $GLOBALS['egw']->common->egw_exit(True); - } - - $passwd_changed = $this->bo->changepass($o_passwd, $n_passwd); - if(!$passwd_changed) - { - $errors[] = lang('Failed to change password. Please contact your administrator.'); - $GLOBALS['egw']->common->egw_header(); - echo parse_navbar(); - $GLOBALS['egw']->template->set_var('messages',$GLOBALS['egw']->common->error_list($errors)); - $GLOBALS['egw']->template->pfp('out','form'); - $GLOBALS['egw']->common->egw_exit(True); - } - else - { - $GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($n_passwd)); - $GLOBALS['egw_info']['user']['passwd'] = $n_passwd; - $GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id']; - $GLOBALS['hook_values']['old_passwd'] = $o_passwd; - $GLOBALS['hook_values']['new_passwd'] = $n_passwd; - - // called for every app now, not only for the ones enabled for the user - $GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array( - 'location' => 'changepassword', - ),False,True); - $GLOBALS['egw']->redirect_link('/preferences/index.php','cd=18'); - } + egw::redirect_link('/preferences/index.php'); } else { - $GLOBALS['egw_info']['flags']['app_header'] = lang('Change your password'); - $GLOBALS['egw']->common->egw_header(); - echo parse_navbar(); - - $GLOBALS['egw']->template->set_var('messages',$_GET['message']); - $GLOBALS['egw']->template->pfp('out','form'); - $GLOBALS['egw']->common->egw_footer(); + egw::redirect_link('/index.php'); // redirect to start page } } + + $GLOBALS['egw']->template->set_file(array( + 'form' => 'changepassword.tpl' + )); + $GLOBALS['egw']->template->set_var('lang_enter_password',lang('Enter your new password')); + $GLOBALS['egw']->template->set_var('lang_reenter_password',lang('Re-enter your password')); + $GLOBALS['egw']->template->set_var('lang_enter_old_password',lang('Enter your old password')); + $GLOBALS['egw']->template->set_var('lang_change',lang('Change')); + $GLOBALS['egw']->template->set_var('lang_cancel',lang('Cancel')); + $GLOBALS['egw']->template->set_var('form_action', + $GLOBALS['egw_info']['user']['apps']['preferences'] ? + egw::link('/index.php','menuaction=preferences.uipassword.change') : + egw::link('/preferences/password.php')); + + if($GLOBALS['egw_info']['server']['auth_type'] != 'ldap') + { + $GLOBALS['egw']->template->set_var('sql_message',lang('note: This feature does *not* change your email password. This will ' + . 'need to be done manually.')); + } + + if($_POST['change']) + { + $o_passwd = $GLOBALS['egw_info']['user']['passwd']; + + if($o_passwd != $o_passwd_2) + { + $errors[] = lang('The old password is not correct'); + } + + if($n_passwd != $n_passwd_2) + { + $errors[] = lang('The two passwords are not the same'); + } + + if(!$n_passwd) + { + $errors[] = lang('You must enter a password'); + } + if($GLOBALS['egw_info']['server']['check_save_passwd'] && $error_msg = $GLOBALS['egw']->auth->crackcheck($n_passwd)) + { + $errors[] = $error_msg; + } + + if(is_array($errors)) + { + common::egw_header(); + echo parse_navbar(); + $GLOBALS['egw']->template->set_var('messages',common::error_list($errors)); + $GLOBALS['egw']->template->pfp('out','form'); + common::egw_exit(True); + } + + $passwd_changed = $this->bo->changepass($o_passwd, $n_passwd); + if(!$passwd_changed) + { + $errors[] = lang('Failed to change password. Please contact your administrator.'); + common::egw_header(); + echo parse_navbar(); + $GLOBALS['egw']->template->set_var('messages',common::error_list($errors)); + $GLOBALS['egw']->template->pfp('out','form'); + common::egw_exit(True); + } + else + { + $GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($n_passwd)); + $GLOBALS['egw_info']['user']['passwd'] = $n_passwd; + egw::invalidate_session_cache(); + $GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id']; + $GLOBALS['hook_values']['old_passwd'] = $o_passwd; + $GLOBALS['hook_values']['new_passwd'] = $n_passwd; + + // called for every app now, not only for the ones enabled for the user + $GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array( + 'location' => 'changepassword', + ),False,True); + if ($GLOBALS['egw_info']['user']['apps']['preferences']) + { + egw::redirect_link('/preferences/index.php','cd=18'); + } + $_GET['message'] = lang('Password changed'); + } + } + $GLOBALS['egw_info']['flags']['app_header'] = lang('Change your password'); + common::egw_header(); + echo parse_navbar(); + + $GLOBALS['egw']->template->set_var('messages',''.htmlspecialchars($_GET['message']).''); + $GLOBALS['egw']->template->pfp('out','form'); + common::egw_footer(); } -?> +} diff --git a/preferences/password.php b/preferences/password.php new file mode 100644 index 0000000000..cbd8a3ecfc --- /dev/null +++ b/preferences/password.php @@ -0,0 +1,24 @@ + + * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License + * @version $Id$ + */ + +$GLOBALS['egw_info'] = array( + 'flags' => array( + 'noheader' => True, + 'nonavbar' => True, + 'currentapp' => 'password', + ) +); +include('../header.inc.php'); + +$GLOBALS['egw']->template = new Template(common::get_tpl_dir('preferences')); + +ExecMethod('preferences.uipassword.change'); +common::egw_footer(); diff --git a/preferences/setup/setup.inc.php b/preferences/setup/setup.inc.php index dba7bd339e..1e96da59a6 100755 --- a/preferences/setup/setup.inc.php +++ b/preferences/setup/setup.inc.php @@ -29,3 +29,18 @@ $setup_info['preferences']['depends'][] = array( 'appname' => 'phpgwapi', 'versions' => Array('1.2','1.3','1.4','1.5','1.6','1.7') ); + +/** + * Password change without preferences rights + */ +$setup_info['password']['name'] = 'password'; +$setup_info['password']['title'] = 'Password'; +$setup_info['password']['version'] = $setup_info['preferences']['version']; +$setup_info['password']['app_order'] = 1; +$setup_info['password']['tables'] = array(); +$setup_info['password']['enable'] = 2; +$setup_info['password']['index'] = '/preferences/password.php'; +$setup_info['password']['author'] = $setup_info['preferences']['author']; +$setup_info['password']['maintainer']= $setup_info['preferences']['maintainer']; +$setup_info['password']['license'] = $setup_info['preferences']['license']; +$setup_info['password']['depends'] = $setup_info['preferences']['depends'];