allow auth backends to throw exceptions to give verbose error why password changing failed, auth_ads does now password strength check (even if not configured), as this is most likely cause for not changed password

This commit is contained in:
Ralf Becker 2013-06-23 10:46:26 +00:00
parent c44be3ee6d
commit 293d395472
3 changed files with 30 additions and 12 deletions

View File

@ -679,6 +679,7 @@ interface auth_backend
* @param string $old_passwd must be cleartext
* @param string $new_passwd must be cleartext
* @param int $account_id account id of user whose passwd should be changed
* @throws Exception to give a verbose error, why changing password failed
* @return boolean true if password successful changed, false otherwise
*/
function change_password($old_passwd, $new_passwd, $account_id=0);

View File

@ -99,6 +99,7 @@ class auth_ads implements auth_backend
* @param string $new_passwd must be cleartext
* @param int $account_id account id of user whose passwd should be changed
* @return boolean true if password successful changed, false otherwise
* @throws egw_exception_wrong_userinput
*/
function change_password($old_passwd, $new_passwd, $_account_id=0)
{
@ -124,6 +125,20 @@ class auth_ads implements auth_backend
//error_log(__METHOD__."() old password '$old_passwd' for '$username' is wrong!");
return false;
}
try {
return $adldap->user()->password($username, $new_passwd);
}
catch (Exception $e) {
// as we cant (todo) detect what the problem is, we do a password strength check and throw it's message, if it fails
if (($error = auth::crackcheck($new_passwd)))
{
throw new egw_exception_wrong_userinput($error);
}
else
{
throw new egw_exception(lang('Failed to change password. Please contact your administrator.').' ('.$e->getMessage().')');
}
}
return false;
}
}

View File

@ -63,8 +63,9 @@ class uipassword
//_debug_array($bofelamimail->ogServer);
$smtpClassName = get_class($bofelamimail->ogServer);
}
$GLOBALS['egw']->template->set_var('sql_message',($smtpClassName!='emailadmin_smtp_sql'?lang('note: This feature does *not* change your email password. This will '
. 'need to be done manually.'):''));
$GLOBALS['egw']->template->set_var('sql_message',
$smtpClassName != 'defaultsmtp' ? '' :
lang('note: This feature does *not* change your email password. This will need to be done manually.'));
}
if($_POST['change'])
@ -102,19 +103,20 @@ class uipassword
$errors[] = $error_msg;
}
if(is_array($errors))
{
common::egw_header();
echo parse_navbar();
$GLOBALS['egw']->template->set_var('messages',common::error_list($errors));
$GLOBALS['egw']->template->pfp('out','form');
common::egw_exit(True);
// allow auth backends to throw exceptions and display there message
try {
$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);
}
catch (Exception $e) {
$errors[] = $e->getMessage();
}
$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);
if(!$passwd_changed)
{
if (!$errors) // if we have no specific error, add general message
{
$errors[] = lang('Failed to change password. Please contact your administrator.');
}
common::egw_header();
echo parse_navbar();
$GLOBALS['egw']->template->set_var('messages',common::error_list($errors));