allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install)

phpgwapi/inc/class.egw_framework.inc.php

@@ -859,12 +859,20 @@ abstract class egw_framework
 		{
 			$this->_add_topmenu_item($apps['home']);
 		}
-
 		if($GLOBALS['egw_info']['user']['apps']['preferences'])
 		{
 			$this->_add_topmenu_item($apps['preferences']);
 		}
-
+		elseif(($pw_app = $GLOBALS['egw_info']['user']['apps']['password']) && 
+			!$GLOBALS['egw']->acl->check('nopasswordchange', 1))
+		{
+			$this->_add_topmenu_item(array(
+				'title' => $pw_app['title'],
+				'url'   => egw::link($pw_app['index']),
+				'icon'  => common::image($pw_app['icon'],$pw_app['icon_app']),
+			));
+		}
+		
 		if($GLOBALS['egw_info']['user']['apps']['manual'] && isset($apps['manual']))
 		{
 			$this->_add_topmenu_item($apps['manual']);

phpgwapi/templates/idots/class.idots_framework.inc.php

@@ -567,7 +567,7 @@ class idots_framework extends egw_framework
 		$_item['url'] = $app_data['url'];
 		$_item['urlextra'] = $app_data['target'];
 		$_item['label'] = ($alt_label?$alt_label:$app_data['title']);
-		$this->tplsav2->menuitems[$app_data['name']] = $_item;
+		$this->tplsav2->menuitems[] = $_item;
 		$this->tplsav2->icon_or_star = $GLOBALS['egw_info']['server']['webserver_url'] . '/phpgwapi/templates/'.$this->template.'/images'.'/orange-ball.png';
 	}
 

preferences/inc/class.uipassword.inc.php

@@ -1,124 +1,131 @@
 <?php
-	/**************************************************************************\
-	* eGroupWare - preferences                                                 *
-	* http://www.egroupware.org                                                *
-	* Written by Joseph Engo <jengo@phpgroupware.org>                          *
-	* --------------------------------------------                             *
-	*  This program is free software; you can redistribute it and/or modify it *
-	*  under the terms of the GNU General Public License as published by the   *
-	*  Free Software Foundation; either version 2 of the License, or (at your  *
-	*  option) any later version.                                              *
-	\**************************************************************************/
+/**
+ * EGroupware preferences
+ *
+ * @package preferences
+ * @link http://www.egroupware.org
+ * @author Joseph Engo <jengo@phpgroupware.org>
+ * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
+ * @version $Id$
+ */
 
-	/* $Id$ */
+class uipassword
+{
+	var $public_functions = array(
+		'change' => True
+	);
 
-	class uipassword
+	function uipassword()
 	{
-		var $public_functions = array(
-			'change' => True
-		);
+		$this->bo =& CreateObject('preferences.bopassword');
 
-		function uipassword()
+	}
+
+	function change()
+	{
+		$n_passwd   = $_POST['n_passwd'];
+		$n_passwd_2 = $_POST['n_passwd_2'];
+		$o_passwd_2 = $_POST['o_passwd_2'];
+
+		if($GLOBALS['egw']->acl->check('nopasswordchange', 1) || $_POST['cancel'])
 		{
-			$this->bo =& CreateObject('preferences.bopassword');
-
-		}
-
-		function change()
-		{
-			$n_passwd   = $_POST['n_passwd'];
-			$n_passwd_2 = $_POST['n_passwd_2'];
-			$o_passwd_2 = $_POST['o_passwd_2'];
-
-			if($GLOBALS['egw']->acl->check('nopasswordchange', 1) || $_POST['cancel'])
+			if ($GLOBALS['egw_info']['user']['apps']['preferences'])
 			{
-				 $GLOBALS['egw']->redirect_link('/preferences/index.php');
-				$GLOBALS['egw']->common->egw_exit();
-			}
-
-			$GLOBALS['egw']->template->set_file(array(
-				'form' => 'changepassword.tpl'
-			));
-			$GLOBALS['egw']->template->set_var('lang_enter_password',lang('Enter your new password'));
-			$GLOBALS['egw']->template->set_var('lang_reenter_password',lang('Re-enter your password'));
-			$GLOBALS['egw']->template->set_var('lang_enter_old_password',lang('Enter your old password'));
-			$GLOBALS['egw']->template->set_var('lang_change',lang('Change'));
-			$GLOBALS['egw']->template->set_var('lang_cancel',lang('Cancel'));
-			$GLOBALS['egw']->template->set_var('form_action',$GLOBALS['egw']->link('/index.php','menuaction=preferences.uipassword.change'));
-
-			if($GLOBALS['egw_info']['server']['auth_type'] != 'ldap')
-			{
-				$GLOBALS['egw']->template->set_var('sql_message',lang('note: This feature does *not* change your email password. This will '
-					. 'need to be done manually.'));
-			}
-
-			if($_POST['change'])
-			{
-				$o_passwd = $GLOBALS['egw_info']['user']['passwd'];
-
-				if($o_passwd != $o_passwd_2)
-				{
-					$errors[] = lang('The old password is not correct');
-				}
-
-				if($n_passwd != $n_passwd_2)
-				{
-					$errors[] = lang('The two passwords are not the same');
-				}
-
-				if(!$n_passwd)
-				{
-					$errors[] = lang('You must enter a password');
-				}
-				if($GLOBALS['egw_info']['server']['check_save_passwd'] && $error_msg = $GLOBALS['egw']->auth->crackcheck($n_passwd))
-				{
-					$errors[] = $error_msg;
-				}
-
-				if(is_array($errors))
-				{
-					$GLOBALS['egw']->common->egw_header();
-					echo parse_navbar();
-					$GLOBALS['egw']->template->set_var('messages',$GLOBALS['egw']->common->error_list($errors));
-					$GLOBALS['egw']->template->pfp('out','form');
-					$GLOBALS['egw']->common->egw_exit(True);
-				}
-
-				$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);
-				if(!$passwd_changed)
-				{
-					$errors[] = lang('Failed to change password.  Please contact your administrator.');
-					$GLOBALS['egw']->common->egw_header();
-					echo parse_navbar();
-					$GLOBALS['egw']->template->set_var('messages',$GLOBALS['egw']->common->error_list($errors));
-					$GLOBALS['egw']->template->pfp('out','form');
-					$GLOBALS['egw']->common->egw_exit(True);
-				}
-				else
-				{
-					$GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($n_passwd));
-					$GLOBALS['egw_info']['user']['passwd'] = $n_passwd;
-					$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
-					$GLOBALS['hook_values']['old_passwd'] = $o_passwd;
-					$GLOBALS['hook_values']['new_passwd'] = $n_passwd;
-
-					// called for every app now, not only for the ones enabled for the user
-					$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
-						'location' => 'changepassword',
-					),False,True);
-					$GLOBALS['egw']->redirect_link('/preferences/index.php','cd=18');
-				}
+				egw::redirect_link('/preferences/index.php');
 			}
 			else
 			{
-				$GLOBALS['egw_info']['flags']['app_header'] = lang('Change your password');
-				$GLOBALS['egw']->common->egw_header();
-				echo parse_navbar();
-
-				$GLOBALS['egw']->template->set_var('messages',$_GET['message']);
-				$GLOBALS['egw']->template->pfp('out','form');
-				$GLOBALS['egw']->common->egw_footer();
+				egw::redirect_link('/index.php');	// redirect to start page
 			}
 		}
+
+		$GLOBALS['egw']->template->set_file(array(
+			'form' => 'changepassword.tpl'
+		));
+		$GLOBALS['egw']->template->set_var('lang_enter_password',lang('Enter your new password'));
+		$GLOBALS['egw']->template->set_var('lang_reenter_password',lang('Re-enter your password'));
+		$GLOBALS['egw']->template->set_var('lang_enter_old_password',lang('Enter your old password'));
+		$GLOBALS['egw']->template->set_var('lang_change',lang('Change'));
+		$GLOBALS['egw']->template->set_var('lang_cancel',lang('Cancel'));
+		$GLOBALS['egw']->template->set_var('form_action',
+			$GLOBALS['egw_info']['user']['apps']['preferences'] ?
+				egw::link('/index.php','menuaction=preferences.uipassword.change') :
+				egw::link('/preferences/password.php'));
+
+		if($GLOBALS['egw_info']['server']['auth_type'] != 'ldap')
+		{
+			$GLOBALS['egw']->template->set_var('sql_message',lang('note: This feature does *not* change your email password. This will '
+				. 'need to be done manually.'));
+		}
+
+		if($_POST['change'])
+		{
+			$o_passwd = $GLOBALS['egw_info']['user']['passwd'];
+
+			if($o_passwd != $o_passwd_2)
+			{
+				$errors[] = lang('The old password is not correct');
+			}
+
+			if($n_passwd != $n_passwd_2)
+			{
+				$errors[] = lang('The two passwords are not the same');
+			}
+
+			if(!$n_passwd)
+			{
+				$errors[] = lang('You must enter a password');
+			}
+			if($GLOBALS['egw_info']['server']['check_save_passwd'] && $error_msg = $GLOBALS['egw']->auth->crackcheck($n_passwd))
+			{
+				$errors[] = $error_msg;
+			}
+
+			if(is_array($errors))
+			{
+				common::egw_header();
+				echo parse_navbar();
+				$GLOBALS['egw']->template->set_var('messages',common::error_list($errors));
+				$GLOBALS['egw']->template->pfp('out','form');
+				common::egw_exit(True);
+			}
+
+			$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);
+			if(!$passwd_changed)
+			{
+				$errors[] = lang('Failed to change password.  Please contact your administrator.');
+				common::egw_header();
+				echo parse_navbar();
+				$GLOBALS['egw']->template->set_var('messages',common::error_list($errors));
+				$GLOBALS['egw']->template->pfp('out','form');
+				common::egw_exit(True);
+			}
+			else
+			{
+				$GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($n_passwd));
+				$GLOBALS['egw_info']['user']['passwd'] = $n_passwd;
+				egw::invalidate_session_cache();
+				$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
+				$GLOBALS['hook_values']['old_passwd'] = $o_passwd;
+				$GLOBALS['hook_values']['new_passwd'] = $n_passwd;
+
+				// called for every app now, not only for the ones enabled for the user
+				$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
+					'location' => 'changepassword',
+				),False,True);
+				if ($GLOBALS['egw_info']['user']['apps']['preferences'])
+				{
+					egw::redirect_link('/preferences/index.php','cd=18');
+				}
+				$_GET['message'] = lang('Password changed');
+			}
+		}
+		$GLOBALS['egw_info']['flags']['app_header'] = lang('Change your password');
+		common::egw_header();
+		echo parse_navbar();
+
+		$GLOBALS['egw']->template->set_var('messages','<span class="redItalic">'.htmlspecialchars($_GET['message']).'</span>');
+		$GLOBALS['egw']->template->pfp('out','form');
+		common::egw_footer();
 	}
-?>
+}

preferences/password.php

@@ -0,0 +1,24 @@
+<?php
+/**
+ * EGroupware preferences password change without preferences rights
+ *
+ * @package preferences
+ * @link http://www.egroupware.org
+ * @author Ralf Becker <rb@stylite.de>
+ * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
+ * @version $Id$
+ */
+
+$GLOBALS['egw_info'] = array(
+	'flags' => array(
+		'noheader'   => True,
+		'nonavbar'   => True,
+		'currentapp' => 'password',
+	)
+);
+include('../header.inc.php');
+
+$GLOBALS['egw']->template = new Template(common::get_tpl_dir('preferences'));
+
+ExecMethod('preferences.uipassword.change');
+common::egw_footer();

preferences/setup/setup.inc.php

@@ -29,3 +29,18 @@ $setup_info['preferences']['depends'][] = array(
 	'appname' => 'phpgwapi',
 	'versions' => Array('1.2','1.3','1.4','1.5','1.6','1.7')
 );
+
+/**
+ * Password change without preferences rights
+ */
+$setup_info['password']['name']      = 'password';
+$setup_info['password']['title']     = 'Password';
+$setup_info['password']['version']   = $setup_info['preferences']['version'];
+$setup_info['password']['app_order'] = 1;
+$setup_info['password']['tables']    = array();
+$setup_info['password']['enable']    = 2;
+$setup_info['password']['index']     = '/preferences/password.php';
+$setup_info['password']['author']    = $setup_info['preferences']['author']; 
+$setup_info['password']['maintainer']= $setup_info['preferences']['maintainer'];
+$setup_info['password']['license']   = $setup_info['preferences']['license'];
+$setup_info['password']['depends']   = $setup_info['preferences']['depends'];