* Admin/Preferences: changepassword hook was called twice

Fixed by calling it now from the API, and not at every location in application code that changes a password.
Ralf Becker 2013-10-25 19:29:16 +00:00
parent 76362d59b8
commit 852a836730
5 changed files with 29 additions and 138 deletions


@ -7,13 +7,13 @@
* @package admin
* @copyright (c) 2007 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
* @version $Id$
* @version $Id$
*/
/**
* admin command: change the password of a given user
*/
class admin_cmd_change_pw extends admin_cmd
class admin_cmd_change_pw extends admin_cmd
{
/**
* Constructor
@ -35,7 +35,7 @@ class admin_cmd_change_pw extends admin_cmd
/**
* change the password of a given user
*
*
* @param boolean $check_only=false only run the checks (and throw the exceptions), but not the command itself
* @return string success message
* @throws egw_exception_no_admin
@ -47,29 +47,16 @@ class admin_cmd_change_pw extends admin_cmd
$account_id = admin_cmd::parse_account($this->account,true); // true = user, no group
// check creator is still admin and not explicitly forbidden to edit accounts
if ($this->creator) $this->_check_admin('account_access',16);
if ($check_only) return true;
$auth = new auth;
if (!$auth->change_password(null, $this->password, $account_id))
{
// as long as the auth class is not throwing itself ...
throw new Exception(lang('Error changing the password for % !!!',$this->account),99);
}
$GLOBALS['hook_values']['account_id'] = $account_id;
$GLOBALS['hook_values']['account_lid'] = $this->account;
if (is_numeric($this->account))
{
admin_cmd::_instanciate_accounts();
$GLOBALS['hook_values']['account_lid'] = admin_cmd::$accounts->id2name($this->account);
}
$GLOBALS['hook_values']['old_passwd'] = null;
$GLOBALS['hook_values']['new_passwd'] = $this->password;
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
'location' => 'changepassword'
),False,True); // called for every app now, not only enabled ones)
return lang('Password updated');
}


@ -398,14 +398,6 @@
$auth = new auth();
if ($auth->change_password('', $passwd, $_userData['account_id']))
{
$GLOBALS['hook_values']['account_id'] = $_userData['account_id'];
$GLOBALS['hook_values']['old_passwd'] = '';
$GLOBALS['hook_values']['new_passwd'] = $passwd;
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
'location' => 'changepassword'
),False,True); // called for every app now, not only enabled ones)
if ($_userData['account_lastpwd_change']==0 || // AD requires to activate account AFTER setting pw
$new_account && $_userData['account_status'] == 'A' && $GLOBALS['egw']->accounts->require_password_for_enable())
{


@ -230,13 +230,28 @@ class auth
{
throw new egw_exception_wrong_userinput($err);
}
if (($ret = $this->backend->change_password($old_passwd, $new_passwd, $account_id)) &&
($account_id == $GLOBALS['egw_info']['user']['account_id']))
if (($ret = $this->backend->change_password($old_passwd, $new_passwd, $account_id)))
{
// need to change current users password in session
egw_cache::setSession('phpgwapi', 'password', base64_encode($new_passwd));
// invalidate EGroupware session, as password is stored in egw_info in session
egw::invalidate_session_cache();
if ($account_id == $GLOBALS['egw_info']['user']['account_id'])
{
// need to change current users password in session
egw_cache::setSession('phpgwapi', 'password', base64_encode($new_passwd));
$GLOBALS['egw_info']['user']['passwd'] = $new_passwd;
$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');
// invalidate EGroupware session, as password is stored in egw_info in session
egw::invalidate_session_cache();
}
accounts::cache_invalidate($account_id);
// run changepwasswd hook
$GLOBALS['hook_values'] = array(
'account_id' => $account_id,
'account_lid' => accounts::id2name($account_id),
'old_passwd' => $old_passwd,
'new_passwd' => $new_passwd,
);
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
'location' => 'changepassword'
),False,True); // called for every app now, not only enabled ones)
}
return $ret;
}
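Review bot: The cleartext old and new passwords are written to `$GLOBALS['hook_values']` and stay there after `hooks->process()` returns, and this now happens on every password change routed through `auth::change_password()`, including admin-initiated ones. Consider clearing them once the hook has run, e.g. `unset($GLOBALS['hook_values']['old_passwd'], $GLOBALS['hook_values']['new_passwd']);` right after the `process()` call, so later code in the same request cannot read them from the global. Because the hook is dispatched to every app rather than only enabled ones, a comment should also state that handlers receive the plaintext password and must not log or persist it. The comment `// run changepwasswd hook` has a typo and should read `changepassword`. The start of `change_password()` is outside the hunk, so how a defaulted `$account_id` is resolved before it reaches `accounts::id2name()` could not be checked here.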


@ -1,84 +0,0 @@
<?php
/**************************************************************************\
* eGroupWare - preferences *
* http://www.egroupware.org *
* Written by Joseph Engo <jengo@phpgroupware.org> *
* -------------------------------------------- *
* This program is free software; you can redistribute it and/or modify it *
* under the terms of the GNU General Public License as published by the *
* Free Software Foundation; either version 2 of the License, or (at your *
* option) any later version. *
\**************************************************************************/
/* $Id$ */
class bopassword
{
var $public_functions = array(
'changepass' => True
);
var $xml_functions = array();
var $xmlrpc_methods = array();
var $soap_functions = array(
'changepass' => array(
'in' => array('string','string'),
'out' => array('boolean')
)
);
var $debug = False;
function changepass($old,$new)
{
if (($ret = $GLOBALS['egw']->auth->change_password($old, $new, $GLOBALS['egw_info']['user']['account_id'])))
{
$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
$GLOBALS['hook_values']['old_passwd'] = $old;
$GLOBALS['hook_values']['new_passwd'] = $new;
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
'location' => 'changepassword'
),False,True); // called for every app now, not only enabled ones)
}
return $ret;
}
function list_methods($_type='xmlrpc')
{
/*
This handles introspection or discovery by the logged in client,
in which case the input might be an array. The server always calls
this function to fill the server dispatch map using a string.
*/
if(is_array($_type))
{
$_type = $_type['type'] ? $_type['type'] : $_type[0];
}
switch($_type)
{
case 'xmlrpc':
$xml_functions = array(
'changepass' => array(
'function' => 'changepass',
'signature' => array(array(xmlrpcBoolean,xmlrpcString,xmlrcpString)),
'docstring' => lang('Change a user password by passing the old and new passwords. Returns TRUE on success, FALSE on failure.')
),
'list_methods' => array(
'function' => 'list_methods',
'signature' => array(array(xmlrpcStruct,xmlrpcString)),
'docstring' => lang('Read this list of methods.')
)
);
return $xml_functions;
break;
case 'soap':
return $this->soap_functions;
break;
default:
return array();
break;
}
}
}
?>


@ -15,12 +15,6 @@ class uipassword
'change' => True
);
function uipassword()
{
$this->bo =& CreateObject('preferences.bopassword');
}
function change()
{
//_debug_array($GLOBALS['egw_info']['user']);
@ -97,7 +91,8 @@ class uipassword
if (!$errors)
{
try {
$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);
$passwd_changed = $GLOBALS['egw']->auth->change_password($o_passwd, $n_passwd,
$GLOBALS['egw_info']['user']['account_id']);
}
catch (Exception $e) {
$errors[] = $e->getMessage();
@ -117,20 +112,6 @@ class uipassword
}
else
{
$GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($n_passwd));
$GLOBALS['egw_info']['user']['passwd'] = $n_passwd;
$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');
accounts::cache_invalidate($GLOBALS['egw_info']['user']['account_id']);
egw::invalidate_session_cache();
//_debug_array( $GLOBALS['egw_info']['user']);
$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
$GLOBALS['hook_values']['old_passwd'] = $o_passwd;
$GLOBALS['hook_values']['new_passwd'] = $n_passwd;
// called for every app now, not only for the ones enabled for the user
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
'location' => 'changepassword',
),False,True);
if ($GLOBALS['egw_info']['user']['apps']['preferences'])
{
egw::redirect_link('/preferences/index.php','cd=18');
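Review bot: In the `try` block of the second hunk, `catch (Exception $e)` now also covers the `changepassword` hook, because `auth::change_password()` runs the hook itself after the backend has stored the new password. If any hook handler throws, the user would be shown an error although the password has in fact changed, leaving them unsure which password is valid. Either catch and log hook failures inside `change_password()`, or make the message here distinguish a failed change from a failed post-change hook. The `change()` method starts and ends outside the hunks shown.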