holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

AD requires to activate account AFTER setting pw

Browse Source
This commit is contained in:
Ralf Becker 2013-07-16 14:58:38 +00:00
parent 94926467d2
commit d63ee993b3
1 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
admin/inc/class.boaccounts.inc.php
View File

@ -381,16 +381,16 @@
// do NOT save password via accounts::save, as pw policy violation can happen and we cant/dont report that way // do NOT save password via accounts::save, as pw policy violation can happen and we cant/dont report that way
$passwd = $_userData['account_passwd']; $passwd = $_userData['account_passwd'];
$new_account = !$_userData['account_id'];
unset($_userData['account_passwd']); unset($_userData['account_passwd']);
unset($_userData['account_passwd_2']); unset($_userData['account_passwd_2']);
if (!$GLOBALS['egw']->accounts->save($_userData))
if ($new_account && !$GLOBALS['egw']->accounts->save($_userData))
{ {
$errors[] = lang('Failed to save user!'); $errors[] = lang('Failed to save user!');
return $errors; return $errors;
} }
$GLOBALS['egw']->accounts->set_memberships($_userData['account_groups'],$_userData['account_id']);
if ($passwd) if ($passwd)
{ {
try { try {
@ -404,23 +404,32 @@
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array( $GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
'location' => 'changepassword' 'location' => 'changepassword'
),False,True); // called for every app now, not only enabled ones) ),False,True); // called for every app now, not only enabled ones)
if ($_userData['account_lastpwd_change']==0)
if ($_userData['account_lastpwd_change']==0 || // AD requires to activate account AFTER setting pw
$new_account && $_userData['account_status'] == 'A' && $GLOBALS['egw']->accounts->require_password_for_enable())
{ {
// change password sets the shadow_timestamp/account_lastpwd_change timestamp // change password sets the shadow_timestamp/account_lastpwd_change timestamp
// so we need to reset that to 0 as Admin required the change of password upon next login // so we need to reset that to 0 as Admin required the change of password upon next login
unset($_userData['account_passwd']); $GLOBALS['egw']->accounts->save($_userData);
$this->save_user($_userData);
} }
} }
else else
{ {
$errors[] = lang('Failed to change password. Please contact your administrator.'); $errors[] = lang('Failed to change password.');
} }
} }
catch(Exception $e) { catch(Exception $e) {
$errors[] = $e->getMessage(); $errors[] = $e->getMessage();
} }
} }
$GLOBALS['egw']->accounts->set_memberships($_userData['account_groups'],$_userData['account_id']);
if (!$new_account && !$GLOBALS['egw']->accounts->save($_userData))
{
$errors[] = lang('Failed to save user!');
return $errors;
}
if ($_userData['account_lastpwd_change']==0) if ($_userData['account_lastpwd_change']==0)
{ {
if (!isset($auth)) $auth =& CreateObject('phpgwapi.auth'); if (!isset($auth)) $auth =& CreateObject('phpgwapi.auth');