Require password confirmation to change the Quota
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
parent
05df523395
commit
a53c313878
|
@ -32,6 +32,13 @@
|
|||
OC_JSON::checkSubAdminUser();
|
||||
OCP\JSON::callCheck();
|
||||
|
||||
$lastConfirm = (int) \OC::$server->getSession()->get('last-password-confirm');
|
||||
if ($lastConfirm < (time() - 30 * 60 + 15)) { // allow 15 seconds delay
|
||||
$l = \OC::$server->getL10N('core');
|
||||
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Password confirmation is required'))));
|
||||
exit();
|
||||
}
|
||||
|
||||
$username = isset($_POST["username"]) ? (string)$_POST["username"] : '';
|
||||
|
||||
$isUserAccessible = false;
|
||||
|
|
|
@ -553,14 +553,23 @@ var UserList = {
|
|||
* @param {Function} ready callback after save
|
||||
*/
|
||||
_updateQuota: function(uid, quota, ready) {
|
||||
if (OC.PasswordConfirmation.requiresPasswordConfirmation()) {
|
||||
OC.PasswordConfirmation.requirePasswordConfirmation(_.bind(this._updateQuota, this, uid, quota, ready));
|
||||
return;
|
||||
}
|
||||
|
||||
$.post(
|
||||
OC.filePath('settings', 'ajax', 'setquota.php'),
|
||||
{username: uid, quota: quota},
|
||||
function (result) {
|
||||
if (result.status === 'error') {
|
||||
OC.Notification.showTemporary(result.data.message);
|
||||
} else {
|
||||
if (ready) {
|
||||
ready(result.data.quota);
|
||||
}
|
||||
}
|
||||
}
|
||||
);
|
||||
},
|
||||
|
||||
|
|
Loading…
Reference in New Issue