Merge pull request #4809 from nextcloud/downstream-27676
Disable reset password link
This commit is contained in:
commit
4f752ed1fc
|
@ -253,6 +253,7 @@ $CONFIG = array(
|
|||
* read-only user backend like LDAP), you can specify a custom link, where the
|
||||
* user is redirected to, when clicking the "reset password" link after a failed
|
||||
* login-attempt.
|
||||
* In case you do not want to provide any link, replace the url with 'disabled'
|
||||
*/
|
||||
'lost_password_link' => 'https://example.org/link/to/password/reset',
|
||||
|
||||
|
|
|
@ -159,6 +159,8 @@ class LoginController extends Controller {
|
|||
$parameters['canResetPassword'] = $userObj->canChangePassword();
|
||||
}
|
||||
}
|
||||
} elseif ($parameters['resetPasswordLink'] === 'disabled') {
|
||||
$parameters['canResetPassword'] = false;
|
||||
}
|
||||
|
||||
$parameters['alt_login'] = OC_App::getAlternativeLogIns();
|
||||
|
|
|
@ -131,6 +131,14 @@ class LostController extends Controller {
|
|||
* @return TemplateResponse
|
||||
*/
|
||||
public function resetform($token, $userId) {
|
||||
if ($this->config->getSystemValue('lost_password_link', '') !== '') {
|
||||
return new TemplateResponse('core', 'error', [
|
||||
'errors' => [['error' => $this->l10n->t('Password reset is disabled')]]
|
||||
],
|
||||
'guest'
|
||||
);
|
||||
}
|
||||
|
||||
try {
|
||||
$this->checkPasswordResetToken($token, $userId);
|
||||
} catch (\Exception $e) {
|
||||
|
@ -211,6 +219,10 @@ class LostController extends Controller {
|
|||
* @return JSONResponse
|
||||
*/
|
||||
public function email($user){
|
||||
if ($this->config->getSystemValue('lost_password_link', '') !== '') {
|
||||
return new JSONResponse($this->error($this->l10n->t('Password reset is disabled')));
|
||||
}
|
||||
|
||||
// FIXME: use HTTP error codes
|
||||
try {
|
||||
$this->sendEmail($user);
|
||||
|
@ -234,6 +246,10 @@ class LostController extends Controller {
|
|||
* @return array
|
||||
*/
|
||||
public function setPassword($token, $userId, $password, $proceed) {
|
||||
if ($this->config->getSystemValue('lost_password_link', '') !== '') {
|
||||
return $this->error($this->l10n->t('Password reset is disabled'));
|
||||
}
|
||||
|
||||
if ($this->encryptionManager->isEnabled() && !$proceed) {
|
||||
return $this->error('', array('encryption' => true));
|
||||
}
|
||||
|
|
|
@ -22,7 +22,9 @@ OC.Lostpassword = {
|
|||
if (!$('#user').val().length){
|
||||
$('#submit').trigger('click');
|
||||
} else {
|
||||
if (OC.config.lost_password_link) {
|
||||
if (OC.config.lost_password_link === 'disabled') {
|
||||
return;
|
||||
} else if (OC.config.lost_password_link) {
|
||||
window.location = OC.config.lost_password_link;
|
||||
} else {
|
||||
$.post(
|
||||
|
|
|
@ -86,9 +86,13 @@ class LostControllerTest extends \Test\TestCase {
|
|||
->willReturn('ExistingUser');
|
||||
|
||||
$this->config = $this->createMock(IConfig::class);
|
||||
$this->config->method('getSystemValue')
|
||||
->with('secret', null)
|
||||
->willReturn('SECRET');
|
||||
$this->config->expects($this->any())
|
||||
->method('getSystemValue')
|
||||
->willReturnMap([
|
||||
['secret', null, 'SECRET'],
|
||||
['secret', '', 'SECRET'],
|
||||
['lost_password_link', '', ''],
|
||||
]);
|
||||
$this->l10n = $this->createMock(IL10N::class);
|
||||
$this->l10n
|
||||
->expects($this->any())
|
||||
|
@ -347,10 +351,6 @@ class LostControllerTest extends \Test\TestCase {
|
|||
->method('send')
|
||||
->with($message);
|
||||
|
||||
$this->config->method('getSystemValue')
|
||||
->with('secret', '')
|
||||
->willReturn('SECRET');
|
||||
|
||||
$this->crypto->method('encrypt')
|
||||
->with(
|
||||
$this->equalTo('12348:ThisIsMaybeANotSoSecretToken!'),
|
||||
|
@ -434,10 +434,6 @@ class LostControllerTest extends \Test\TestCase {
|
|||
->method('send')
|
||||
->with($message);
|
||||
|
||||
$this->config->method('getSystemValue')
|
||||
->with('secret', '')
|
||||
->willReturn('SECRET');
|
||||
|
||||
$this->crypto->method('encrypt')
|
||||
->with(
|
||||
$this->equalTo('12348:ThisIsMaybeANotSoSecretToken!'),
|
||||
|
@ -516,10 +512,6 @@ class LostControllerTest extends \Test\TestCase {
|
|||
->with($message)
|
||||
->will($this->throwException(new \Exception()));
|
||||
|
||||
$this->config->method('getSystemValue')
|
||||
->with('secret', '')
|
||||
->willReturn('SECRET');
|
||||
|
||||
$this->crypto->method('encrypt')
|
||||
->with(
|
||||
$this->equalTo('12348:ThisIsMaybeANotSoSecretToken!'),
|
||||
|
|
Loading…
Reference in New Issue