automatic open "Security & password" dialog for SSO logins, if password is required in filemanager

This commit is contained in:
ralf 2024-09-03 12:52:33 +02:00
parent fd216b07f2
commit 432d36c80b
2 changed files with 16 additions and 3 deletions

View File

@ -664,15 +664,28 @@ class StreamWrapper extends Base implements StreamWrapperIface
$this->opened_dir_writable = $this->check_access($this->opened_dir_url,Vfs::WRITABLE); $this->opened_dir_writable = $this->check_access($this->opened_dir_url,Vfs::WRITABLE);
// check our fstab if we need to add some of the mountpoints // check our fstab if we need to add some of the mountpoints
$basepath = Vfs::parse_url($path,PHP_URL_PATH); $basepath = Vfs::parse_url($path,PHP_URL_PATH);
foreach(array_keys(self::$fstab) as $mounted) foreach(self::$fstab as $mounted => $url)
{ {
$access = null;
if (((Vfs::dirname($mounted) == $basepath || Vfs::dirname($mounted).'/' == $basepath) && $mounted != '/') && if (((Vfs::dirname($mounted) == $basepath || Vfs::dirname($mounted).'/' == $basepath) && $mounted != '/') &&
// only return children readable by the user, if dir is not writable // only return children readable by the user, if dir is not writable
(!self::HIDE_UNREADABLES || $this->opened_dir_writable || (!self::HIDE_UNREADABLES || $this->opened_dir_writable ||
$this->check_access($mounted,Vfs::READABLE))) ($access=$this->check_access($mounted,Vfs::READABLE))))
{ {
$this->extra_dirs[] = Vfs::basename($mounted); $this->extra_dirs[] = Vfs::basename($mounted);
} }
// if there is no password in the session, but it's required for that mount-point, and
// admin enabled storing passwords for SSO --> open "Security & password" popup so user can enter it
elseif ($access === false && !empty($GLOBALS['egw_info']['server']['store_password_for_sso']) &&
strpos($url, '$user:$pass') !== false && empty($GLOBALS['egw']->session->passwd) &&
Api\Json\Request::isJSONRequest())
{
Api\Cache::getSession(__CLASS__, 'no-session-password', static function()
{
Api\Json\Response::get()->apply('egw.open_link', ['preferences.preferences_password.change', '_blank', '850x580', null, true]);
return true;
});
}
} }

View File

@ -67,7 +67,7 @@ class preferences_password
unset($content['2fa']['secret_key']); unset($content['2fa']['secret_key']);
// check user password for everything but password change, where it will be checked anyway // check user password for everything but password change, where it will be checked anyway
$auth = new Api\Auth(); $auth = new Api\Auth($GLOBALS['egw_info']['server']['auth_type'] ?? $GLOBALS['egw_info']['server']['account_repository'] ?? 'sql');
if ($content['tabs'] !== 'change_password' && if ($content['tabs'] !== 'change_password' &&
!$auth->authenticate($GLOBALS['egw_info']['user']['account_lid'], $content['password'])) !$auth->authenticate($GLOBALS['egw_info']['user']['account_lid'], $content['password']))
{ {