mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-22 07:53:39 +01:00
* Api: Store recoverable password (encrypted) for shares so you don't have to change it when you forget
This commit is contained in:
parent
4ffaaea76e
commit
2c5170f15b
@ -66,9 +66,16 @@ export class Et2Password extends Et2InvokerMixin(Et2Textbox)
|
||||
}
|
||||
attrs.type = 'password';
|
||||
|
||||
if(attrs.viewable)
|
||||
if(typeof attrs.viewable !== "undefined")
|
||||
{
|
||||
attrs['passwordToggle'] = true;
|
||||
attrs['passwordToggle'] = attrs.viewable;
|
||||
delete attrs.viewable;
|
||||
}
|
||||
if(typeof attrs.passwordToggle !== "undefined" && !attrs.passwordToggle
|
||||
|| typeof attrs.passwordToggle == "string" && !this.getArrayMgr("content").parseBoolExpression(attrs.passwordToggle))
|
||||
{
|
||||
// Unset passwordToggle if its false. It's from parent, and it doesn't handle string "false" = false
|
||||
delete attrs.passwordToggle;
|
||||
}
|
||||
|
||||
super.transformAttributes(attrs);
|
||||
@ -149,7 +156,7 @@ export class Et2Password extends Et2InvokerMixin(Et2Textbox)
|
||||
|
||||
this.visible = !this.visible; // can't access private isPasswordVisible
|
||||
|
||||
if (!this.visible || !this.encrypted)
|
||||
if(!this.visible || !this.encrypted || !this.value)
|
||||
{
|
||||
this.type = this.visible ? 'text' : 'password';
|
||||
return;
|
||||
|
@ -11,7 +11,7 @@
|
||||
/* Basic information about this app */
|
||||
$setup_info['api']['name'] = 'api';
|
||||
$setup_info['api']['title'] = 'EGroupware API';
|
||||
$setup_info['api']['version'] = '23.1.002';
|
||||
$setup_info['api']['version'] = '23.1.003';
|
||||
$setup_info['api']['versions']['current_header'] = '1.29';
|
||||
// maintenance release in sync with changelog in doc/rpm-build/debian.changes
|
||||
$setup_info['api']['versions']['maintenance_release'] = '23.1.20230728';
|
||||
|
@ -397,6 +397,8 @@ $phpgw_baseline = array(
|
||||
'share_writable' => array('type' => 'int','precision' => '1','nullable' => False,'default' => '0','comment' => '0=readable, 1=writable'),
|
||||
'share_with' => array('type' => 'varchar','precision' => '4096','comment' => 'email addresses, comma seperated'),
|
||||
'share_passwd' => array('type' => 'varchar','precision' => '128','comment' => 'optional password-hash'),
|
||||
'share_password' => array('type' => 'varchar', 'precision' => '128',
|
||||
'comment' => 'optional reversible password'),
|
||||
'share_created' => array('type' => 'timestamp','nullable' => False,'comment' => 'creation date'),
|
||||
'share_last_accessed' => array('type' => 'timestamp','comment' => 'last access of share')
|
||||
),
|
||||
|
@ -903,3 +903,14 @@ function api_upgrade23_1_001()
|
||||
|
||||
return $GLOBALS['setup_info']['api']['currentver'] = '23.1.002';
|
||||
}
|
||||
|
||||
function api_upgrade23_1_002()
|
||||
{
|
||||
$GLOBALS['egw_setup']->oProc->AddColumn('egw_sharing', 'share_password', array(
|
||||
'type' => 'varchar',
|
||||
'precision' => '128',
|
||||
'comment' => 'optional reversible password'
|
||||
));
|
||||
|
||||
return $GLOBALS['setup_info']['api']['currentver'] = '23.1.003';
|
||||
}
|
@ -59,7 +59,10 @@ class Password extends Etemplate\Widget\Textbox
|
||||
$preserv = (string)$value;
|
||||
|
||||
// only send password (or hash) to client-side, if explicitly requested
|
||||
if (!empty($value) && (!array_key_exists('viewable', $this->attrs) || !in_array($this->attrs['viewable'], ['1', 'true', true], true)))
|
||||
if(!empty($value) && (!array_key_exists('viewable', $this->attrs) ||
|
||||
!in_array($this->attrs['viewable'], ['1', 'true', true], true))
|
||||
&& (!array_key_exists('passwordToggle', $this->attrs) ||
|
||||
!in_array($this->attrs['passwordToggle'], ['1', 'true', true], true)))
|
||||
{
|
||||
$value = str_repeat('*', strlen($preserv));
|
||||
}
|
||||
@ -144,6 +147,18 @@ class Password extends Etemplate\Widget\Textbox
|
||||
if($GLOBALS['egw']->auth->authenticate($GLOBALS['egw_info']['user']['account_lid'],$user_password))
|
||||
{
|
||||
$decrypted = Credentials::decrypt(array('cred_password' => $password,'cred_pw_enc' => Credentials::SYSTEM_AES));
|
||||
|
||||
// Try user
|
||||
if(!$decrypted || $decrypted == Credentials::UNAVAILABLE)
|
||||
{
|
||||
$decrypted = Credentials::decrypt(
|
||||
[
|
||||
'cred_password' => $password,
|
||||
'cred_pw_enc' => Credentials::USER_AES,
|
||||
'account_id' => $GLOBALS['egw_info']['user']['account_id']
|
||||
]
|
||||
);
|
||||
}
|
||||
}
|
||||
$response->data($decrypted);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user