mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-23 08:23:12 +01:00
* Admin/Preferences: changepassword hook was called twice
fixed by calling in now from API and not on every location in application code changing a password
This commit is contained in:
parent
76362d59b8
commit
852a836730
@ -7,13 +7,13 @@
|
||||
* @package admin
|
||||
* @copyright (c) 2007 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
||||
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
||||
* @version $Id$
|
||||
* @version $Id$
|
||||
*/
|
||||
|
||||
/**
|
||||
* admin command: change the password of a given user
|
||||
*/
|
||||
class admin_cmd_change_pw extends admin_cmd
|
||||
class admin_cmd_change_pw extends admin_cmd
|
||||
{
|
||||
/**
|
||||
* Constructor
|
||||
@ -35,7 +35,7 @@ class admin_cmd_change_pw extends admin_cmd
|
||||
|
||||
/**
|
||||
* change the password of a given user
|
||||
*
|
||||
*
|
||||
* @param boolean $check_only=false only run the checks (and throw the exceptions), but not the command itself
|
||||
* @return string success message
|
||||
* @throws egw_exception_no_admin
|
||||
@ -47,29 +47,16 @@ class admin_cmd_change_pw extends admin_cmd
|
||||
$account_id = admin_cmd::parse_account($this->account,true); // true = user, no group
|
||||
// check creator is still admin and not explicitly forbidden to edit accounts
|
||||
if ($this->creator) $this->_check_admin('account_access',16);
|
||||
|
||||
|
||||
if ($check_only) return true;
|
||||
|
||||
|
||||
$auth = new auth;
|
||||
|
||||
|
||||
if (!$auth->change_password(null, $this->password, $account_id))
|
||||
{
|
||||
// as long as the auth class is not throwing itself ...
|
||||
throw new Exception(lang('Error changing the password for % !!!',$this->account),99);
|
||||
}
|
||||
$GLOBALS['hook_values']['account_id'] = $account_id;
|
||||
$GLOBALS['hook_values']['account_lid'] = $this->account;
|
||||
if (is_numeric($this->account))
|
||||
{
|
||||
admin_cmd::_instanciate_accounts();
|
||||
$GLOBALS['hook_values']['account_lid'] = admin_cmd::$accounts->id2name($this->account);
|
||||
}
|
||||
$GLOBALS['hook_values']['old_passwd'] = null;
|
||||
$GLOBALS['hook_values']['new_passwd'] = $this->password;
|
||||
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
|
||||
'location' => 'changepassword'
|
||||
),False,True); // called for every app now, not only enabled ones)
|
||||
|
||||
return lang('Password updated');
|
||||
}
|
||||
|
||||
|
@ -398,14 +398,6 @@
|
||||
$auth = new auth();
|
||||
if ($auth->change_password('', $passwd, $_userData['account_id']))
|
||||
{
|
||||
$GLOBALS['hook_values']['account_id'] = $_userData['account_id'];
|
||||
$GLOBALS['hook_values']['old_passwd'] = '';
|
||||
$GLOBALS['hook_values']['new_passwd'] = $passwd;
|
||||
|
||||
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
|
||||
'location' => 'changepassword'
|
||||
),False,True); // called for every app now, not only enabled ones)
|
||||
|
||||
if ($_userData['account_lastpwd_change']==0 || // AD requires to activate account AFTER setting pw
|
||||
$new_account && $_userData['account_status'] == 'A' && $GLOBALS['egw']->accounts->require_password_for_enable())
|
||||
{
|
||||
|
@ -230,13 +230,28 @@ class auth
|
||||
{
|
||||
throw new egw_exception_wrong_userinput($err);
|
||||
}
|
||||
if (($ret = $this->backend->change_password($old_passwd, $new_passwd, $account_id)) &&
|
||||
($account_id == $GLOBALS['egw_info']['user']['account_id']))
|
||||
if (($ret = $this->backend->change_password($old_passwd, $new_passwd, $account_id)))
|
||||
{
|
||||
// need to change current users password in session
|
||||
egw_cache::setSession('phpgwapi', 'password', base64_encode($new_passwd));
|
||||
// invalidate EGroupware session, as password is stored in egw_info in session
|
||||
egw::invalidate_session_cache();
|
||||
if ($account_id == $GLOBALS['egw_info']['user']['account_id'])
|
||||
{
|
||||
// need to change current users password in session
|
||||
egw_cache::setSession('phpgwapi', 'password', base64_encode($new_passwd));
|
||||
$GLOBALS['egw_info']['user']['passwd'] = $new_passwd;
|
||||
$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');
|
||||
// invalidate EGroupware session, as password is stored in egw_info in session
|
||||
egw::invalidate_session_cache();
|
||||
}
|
||||
accounts::cache_invalidate($account_id);
|
||||
// run changepwasswd hook
|
||||
$GLOBALS['hook_values'] = array(
|
||||
'account_id' => $account_id,
|
||||
'account_lid' => accounts::id2name($account_id),
|
||||
'old_passwd' => $old_passwd,
|
||||
'new_passwd' => $new_passwd,
|
||||
);
|
||||
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
|
||||
'location' => 'changepassword'
|
||||
),False,True); // called for every app now, not only enabled ones)
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
@ -1,84 +0,0 @@
|
||||
<?php
|
||||
/**************************************************************************\
|
||||
* eGroupWare - preferences *
|
||||
* http://www.egroupware.org *
|
||||
* Written by Joseph Engo <jengo@phpgroupware.org> *
|
||||
* -------------------------------------------- *
|
||||
* This program is free software; you can redistribute it and/or modify it *
|
||||
* under the terms of the GNU General Public License as published by the *
|
||||
* Free Software Foundation; either version 2 of the License, or (at your *
|
||||
* option) any later version. *
|
||||
\**************************************************************************/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
class bopassword
|
||||
{
|
||||
var $public_functions = array(
|
||||
'changepass' => True
|
||||
);
|
||||
|
||||
var $xml_functions = array();
|
||||
var $xmlrpc_methods = array();
|
||||
var $soap_functions = array(
|
||||
'changepass' => array(
|
||||
'in' => array('string','string'),
|
||||
'out' => array('boolean')
|
||||
)
|
||||
);
|
||||
|
||||
var $debug = False;
|
||||
|
||||
function changepass($old,$new)
|
||||
{
|
||||
if (($ret = $GLOBALS['egw']->auth->change_password($old, $new, $GLOBALS['egw_info']['user']['account_id'])))
|
||||
{
|
||||
$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
|
||||
$GLOBALS['hook_values']['old_passwd'] = $old;
|
||||
$GLOBALS['hook_values']['new_passwd'] = $new;
|
||||
|
||||
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
|
||||
'location' => 'changepassword'
|
||||
),False,True); // called for every app now, not only enabled ones)
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
function list_methods($_type='xmlrpc')
|
||||
{
|
||||
/*
|
||||
This handles introspection or discovery by the logged in client,
|
||||
in which case the input might be an array. The server always calls
|
||||
this function to fill the server dispatch map using a string.
|
||||
*/
|
||||
if(is_array($_type))
|
||||
{
|
||||
$_type = $_type['type'] ? $_type['type'] : $_type[0];
|
||||
}
|
||||
switch($_type)
|
||||
{
|
||||
case 'xmlrpc':
|
||||
$xml_functions = array(
|
||||
'changepass' => array(
|
||||
'function' => 'changepass',
|
||||
'signature' => array(array(xmlrpcBoolean,xmlrpcString,xmlrcpString)),
|
||||
'docstring' => lang('Change a user password by passing the old and new passwords. Returns TRUE on success, FALSE on failure.')
|
||||
),
|
||||
'list_methods' => array(
|
||||
'function' => 'list_methods',
|
||||
'signature' => array(array(xmlrpcStruct,xmlrpcString)),
|
||||
'docstring' => lang('Read this list of methods.')
|
||||
)
|
||||
);
|
||||
return $xml_functions;
|
||||
break;
|
||||
case 'soap':
|
||||
return $this->soap_functions;
|
||||
break;
|
||||
default:
|
||||
return array();
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
@ -15,12 +15,6 @@ class uipassword
|
||||
'change' => True
|
||||
);
|
||||
|
||||
function uipassword()
|
||||
{
|
||||
$this->bo =& CreateObject('preferences.bopassword');
|
||||
|
||||
}
|
||||
|
||||
function change()
|
||||
{
|
||||
//_debug_array($GLOBALS['egw_info']['user']);
|
||||
@ -97,7 +91,8 @@ class uipassword
|
||||
if (!$errors)
|
||||
{
|
||||
try {
|
||||
$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);
|
||||
$passwd_changed = $GLOBALS['egw']->auth->change_password($o_passwd, $n_passwd,
|
||||
$GLOBALS['egw_info']['user']['account_id']);
|
||||
}
|
||||
catch (Exception $e) {
|
||||
$errors[] = $e->getMessage();
|
||||
@ -117,20 +112,6 @@ class uipassword
|
||||
}
|
||||
else
|
||||
{
|
||||
$GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($n_passwd));
|
||||
$GLOBALS['egw_info']['user']['passwd'] = $n_passwd;
|
||||
$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');
|
||||
accounts::cache_invalidate($GLOBALS['egw_info']['user']['account_id']);
|
||||
egw::invalidate_session_cache();
|
||||
//_debug_array( $GLOBALS['egw_info']['user']);
|
||||
$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
|
||||
$GLOBALS['hook_values']['old_passwd'] = $o_passwd;
|
||||
$GLOBALS['hook_values']['new_passwd'] = $n_passwd;
|
||||
|
||||
// called for every app now, not only for the ones enabled for the user
|
||||
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
|
||||
'location' => 'changepassword',
|
||||
),False,True);
|
||||
if ($GLOBALS['egw_info']['user']['apps']['preferences'])
|
||||
{
|
||||
egw::redirect_link('/preferences/index.php','cd=18');
|
||||
|
Loading…
Reference in New Issue
Block a user