mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-29 01:59:19 +01:00
automatic open "Security & password" dialog for SSO logins, if password is required in filemanager
This commit is contained in:
parent
dacec3981b
commit
3eb84389c1
@ -664,15 +664,28 @@ class StreamWrapper extends Base implements StreamWrapperIface
|
||||
$this->opened_dir_writable = $this->check_access($this->opened_dir_url,Vfs::WRITABLE);
|
||||
// check our fstab if we need to add some of the mountpoints
|
||||
$basepath = Vfs::parse_url($path,PHP_URL_PATH);
|
||||
foreach(array_keys(self::$fstab) as $mounted)
|
||||
foreach(self::$fstab as $mounted => $url)
|
||||
{
|
||||
$access = null;
|
||||
if (((Vfs::dirname($mounted) == $basepath || Vfs::dirname($mounted).'/' == $basepath) && $mounted != '/') &&
|
||||
// only return children readable by the user, if dir is not writable
|
||||
(!self::HIDE_UNREADABLES || $this->opened_dir_writable ||
|
||||
$this->check_access($mounted,Vfs::READABLE)))
|
||||
($access=$this->check_access($mounted,Vfs::READABLE))))
|
||||
{
|
||||
$this->extra_dirs[] = Vfs::basename($mounted);
|
||||
}
|
||||
// if there is no password in the session, but it's required for that mount-point, and
|
||||
// admin enabled storing passwords for SSO --> open "Security & password" popup so user can enter it
|
||||
elseif ($access === false && !empty($GLOBALS['egw_info']['server']['store_password_for_sso']) &&
|
||||
strpos($url, '$user:$pass') !== false && empty($GLOBALS['egw']->session->passwd) &&
|
||||
Api\Json\Request::isJSONRequest())
|
||||
{
|
||||
Api\Cache::getSession(__CLASS__, 'no-session-password', static function()
|
||||
{
|
||||
Api\Json\Response::get()->apply('egw.open_link', ['preferences.preferences_password.change', '_blank', '850x580', null, true]);
|
||||
return true;
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
@ -67,7 +67,7 @@ class preferences_password
|
||||
unset($content['2fa']['secret_key']);
|
||||
|
||||
// check user password for everything but password change, where it will be checked anyway
|
||||
$auth = new Api\Auth();
|
||||
$auth = new Api\Auth($GLOBALS['egw_info']['server']['auth_type'] ?? $GLOBALS['egw_info']['server']['account_repository'] ?? 'sql');
|
||||
if ($content['tabs'] !== 'change_password' &&
|
||||
!$auth->authenticate($GLOBALS['egw_info']['user']['account_lid'], $content['password']))
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user