No password reset for disabled users
Signed-off-by: Joas Schilling <coding@schilljs.com>
parent
231cffffb9
commit
d5c6d56170
|
@ -167,7 +167,7 @@ class LostController extends Controller {
|
|||
*/
|
||||
protected function checkPasswordResetToken($token, $userId) {
|
||||
$user = $this->userManager->get($userId);
|
||||
if($user === null) {
|
||||
if($user === null || !$user->isEnabled()) {
|
||||
throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
|
||||
}
|
||||
|
||||
|
@ -340,16 +340,25 @@ class LostController extends Controller {
|
|||
/**
|
||||
* @param string $input
|
||||
* @return IUser
|
||||
* @throws \Exception
|
||||
* @throws \InvalidArgumentException
|
||||
*/
|
||||
protected function findUserByIdOrMail($input) {
|
||||
$user = $this->userManager->get($input);
|
||||
if ($user instanceof IUser) {
|
||||
if (!$user->isEnabled()) {
|
||||
throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
|
||||
}
|
||||
|
||||
return $user;
|
||||
}
|
||||
$users = $this->userManager->getByEmail($input);
|
||||
if (count($users) === 1) {
|
||||
return $users[0];
|
||||
$user = $users[0];
|
||||
if (!$user->isEnabled()) {
|
||||
throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
|
||||
}
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
||||
throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
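Review bot: In findUserByIdOrMail the disabled check and its translated message are now written out three times: in the user-ID branch, in the e-mail branch and in the final fallback. Unknown and disabled accounts stay indistinguishable to the requester only while all three strings remain identical, so a later edit to one of them would reveal whether an account exists but is disabled. Resolving the user first and testing `isEnabled()` in one place makes that property hold by construction, with the same behaviour as the new code. The function's closing brace lies outside the hunk.
```php
// … unchanged: docblock …
protected function findUserByIdOrMail($input) {
	$user = $this->userManager->get($input);
	if (!$user instanceof IUser) {
		$users = $this->userManager->getByEmail($input);
		$user = count($users) === 1 ? $users[0] : null;
	}

	// One message for unknown and disabled accounts, so the response does not reveal which case applied.
	if ($user === null || !$user->isEnabled()) {
		throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
	}

	return $user;
```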
|
||||
|
|
|
@ -84,6 +84,9 @@ class LostControllerTest extends \Test\TestCase {
|
|||
$this->existingUser->expects($this->any())
|
||||
->method('getUID')
|
||||
->willReturn('ExistingUser');
|
||||
$this->existingUser->expects($this->any())
|
||||
->method('isEnabled')
|
||||
->willReturn(true);
|
||||
|
||||
$this->config = $this->createMock(IConfig::class);
|
||||
$this->config->expects($this->any())
|
||||
|
@ -684,8 +687,34 @@ class LostControllerTest extends \Test\TestCase {
|
|||
$this->assertSame($expectedResponse, $response);
|
||||
}
|
||||
|
||||
public function testSetPasswordForDisabledUser() {
|
||||
$user = $this->createMock(IUser::class);
|
||||
$user->expects($this->any())
|
||||
->method('isEnabled')
|
||||
->willReturn(false);
|
||||
$user->expects($this->never())
|
||||
->method('setPassword');
|
||||
|
||||
$this->config->method('getUserValue')
|
||||
->with('ValidTokenUser', 'core', 'lostpassword', null)
|
||||
->willReturn('encryptedData');
|
||||
$this->userManager->method('get')
|
||||
->with('DisabledUser')
|
||||
->willReturn($this->existingUser);
|
||||
|
||||
$response = $this->lostController->setPassword('TheOnlyAndOnlyOneTokenToResetThePassword', 'DisabledUser', 'NewPassword', true);
|
||||
$expectedResponse = [
|
||||
'status' => 'error',
|
||||
'msg' => 'Couldn\'t reset password because the token is invalid'
|
||||
];
|
||||
$this->assertSame($expectedResponse, $response);
|
||||
}
|
||||
|
||||
public function testSendEmailNoEmail() {
|
||||
$user = $this->createMock(IUser::class);
|
||||
$user->expects($this->any())
|
||||
->method('isEnabled')
|
||||
->willReturn(true);
|
||||
$this->userManager->method('userExists')
|
||||
->with('ExistingUser')
|
||||
->willReturn(true);
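Review bot: In testSetPasswordForDisabledUser the `$user` mock that reports `isEnabled()` as false is never handed to the controller, because `userManager->get('DisabledUser')` returns `$this->existingUser`, which the setUp hunk stubs with `isEnabled()` returning true. The `never()` expectation on `setPassword` therefore holds trivially, and the asserted error may come from a path other than the new disabled check. Returning the local mock, `->willReturn($user);`, would make the test cover the branch it is named for. The `getUserValue` stub is also keyed on `'ValidTokenUser'` while the call passes `'DisabledUser'`, which looks unintended.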
|
||||
|
|