mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #4809 from nextcloud/downstream-27676 

Disable reset password link
This commit is contained in:
Lukas Reschke 2017-05-12 12:39:07 +02:00 committed by GitHub
parent 48a9a4bd81 0828df5ed4
commit 4f752ed1fc
5 changed files with 29 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config/config.sample.php
View File

@ -253,6 +253,7 @@ $CONFIG = array(
* read-only user backend like LDAP), you can specify a custom link, where the * read-only user backend like LDAP), you can specify a custom link, where the
* user is redirected to, when clicking the "reset password" link after a failed * user is redirected to, when clicking the "reset password" link after a failed
* login-attempt. * login-attempt.
* In case you do not want to provide any link, replace the url with 'disabled'
*/ */
'lost_password_link' => 'https://example.org/link/to/password/reset', 'lost_password_link' => 'https://example.org/link/to/password/reset',

2
core/Controller/LoginController.php
View File

@ -159,6 +159,8 @@ class LoginController extends Controller {
$parameters['canResetPassword'] = $userObj->canChangePassword(); $parameters['canResetPassword'] = $userObj->canChangePassword();
} }
} }
} elseif ($parameters['resetPasswordLink'] === 'disabled') {
$parameters['canResetPassword'] = false;
} }
$parameters['alt_login'] = OC_App::getAlternativeLogIns(); $parameters['alt_login'] = OC_App::getAlternativeLogIns();

16
core/Controller/LostController.php
View File

@ -131,6 +131,14 @@ class LostController extends Controller {
* @return TemplateResponse * @return TemplateResponse
*/ */
public function resetform($token, $userId) { public function resetform($token, $userId) {
if ($this->config->getSystemValue('lost_password_link', '') !== '') {
return new TemplateResponse('core', 'error', [
'errors' => [['error' => $this->l10n->t('Password reset is disabled')]]
],
'guest'
);
}
try { try {
$this->checkPasswordResetToken($token, $userId); $this->checkPasswordResetToken($token, $userId);
} catch (\Exception $e) { } catch (\Exception $e) {
@ -211,6 +219,10 @@ class LostController extends Controller {
* @return JSONResponse * @return JSONResponse
*/ */
public function email($user){ public function email($user){
if ($this->config->getSystemValue('lost_password_link', '') !== '') {
return new JSONResponse($this->error($this->l10n->t('Password reset is disabled')));
}
// FIXME: use HTTP error codes // FIXME: use HTTP error codes
try { try {
$this->sendEmail($user); $this->sendEmail($user);
@ -234,6 +246,10 @@ class LostController extends Controller {
* @return array * @return array
*/ */
public function setPassword($token, $userId, $password, $proceed) { public function setPassword($token, $userId, $password, $proceed) {
if ($this->config->getSystemValue('lost_password_link', '') !== '') {
return $this->error($this->l10n->t('Password reset is disabled'));
}
if ($this->encryptionManager->isEnabled() && !$proceed) { if ($this->encryptionManager->isEnabled() && !$proceed) {
return $this->error('', array('encryption' => true)); return $this->error('', array('encryption' => true));
} }

4
core/js/lostpassword.js
View File

@ -22,7 +22,9 @@ OC.Lostpassword = {
if (!$('#user').val().length){ if (!$('#user').val().length){
$('#submit').trigger('click'); $('#submit').trigger('click');
} else { } else {
if (OC.config.lost_password_link) { if (OC.config.lost_password_link === 'disabled') {
return;
} else if (OC.config.lost_password_link) {
window.location = OC.config.lost_password_link; window.location = OC.config.lost_password_link;
} else { } else {
$.post( $.post(

22
tests/Core/Controller/LostControllerTest.php
View File

@ -86,9 +86,13 @@ class LostControllerTest extends \Test\TestCase {
->willReturn('ExistingUser'); ->willReturn('ExistingUser');
$this->config = $this->createMock(IConfig::class); $this->config = $this->createMock(IConfig::class);
$this->config->method('getSystemValue') $this->config->expects($this->any())
->with('secret', null) ->method('getSystemValue')
->willReturn('SECRET'); ->willReturnMap([
['secret', null, 'SECRET'],
['secret', '', 'SECRET'],
['lost_password_link', '', ''],
]);
$this->l10n = $this->createMock(IL10N::class); $this->l10n = $this->createMock(IL10N::class);
$this->l10n $this->l10n
->expects($this->any()) ->expects($this->any())
@ -347,10 +351,6 @@ class LostControllerTest extends \Test\TestCase {
->method('send') ->method('send')
->with($message); ->with($message);
$this->config->method('getSystemValue')
->with('secret', '')
->willReturn('SECRET');
$this->crypto->method('encrypt') $this->crypto->method('encrypt')
->with( ->with(
$this->equalTo('12348:ThisIsMaybeANotSoSecretToken!'), $this->equalTo('12348:ThisIsMaybeANotSoSecretToken!'),
@ -434,10 +434,6 @@ class LostControllerTest extends \Test\TestCase {
->method('send') ->method('send')
->with($message); ->with($message);
$this->config->method('getSystemValue')
->with('secret', '')
->willReturn('SECRET');
$this->crypto->method('encrypt') $this->crypto->method('encrypt')
->with( ->with(
$this->equalTo('12348:ThisIsMaybeANotSoSecretToken!'), $this->equalTo('12348:ThisIsMaybeANotSoSecretToken!'),
@ -516,10 +512,6 @@ class LostControllerTest extends \Test\TestCase {
->with($message) ->with($message)
->will($this->throwException(new \Exception())); ->will($this->throwException(new \Exception()));
$this->config->method('getSystemValue')
->with('secret', '')
->willReturn('SECRET');
$this->crypto->method('encrypt') $this->crypto->method('encrypt')
->with( ->with(
$this->equalTo('12348:ThisIsMaybeANotSoSecretToken!'), $this->equalTo('12348:ThisIsMaybeANotSoSecretToken!'),