From 5b6d9cee2957c1d41288d31aada1edb826db1916 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Tue, 18 Feb 2020 11:51:04 +0300 Subject: [PATCH] prefs layout fixes: 1. prevent layout breakage when using an authenticator which doesn't allow changing passwords 2. show explanatory messages when OTP or password changing is not available 3. allow app (API) passwords when using any auth module --- classes/pref/prefs.php | 231 +++++++++++++++++++++-------------------- 1 file changed, 118 insertions(+), 113 deletions(-) diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 4214ac6a8..ab52918a7 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -327,7 +327,6 @@ class Pref_Prefs extends Handler_Protected { print ""; print ""; # content pane - print "
"; if ($_SESSION["auth_module"]) { $authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]); @@ -335,6 +334,8 @@ class Pref_Prefs extends Handler_Protected { $authenticator = false; } + print "
"; + if ($authenticator && method_exists($authenticator, "change_password")) { print ""; @@ -375,17 +376,17 @@ class Pref_Prefs extends Handler_Protected { } print "
"; - print ""; + print ""; print ""; print "
"; print "
"; - print ""; + print ""; print ""; print "
"; print "
"; - print ""; + print ""; print ""; print "
"; @@ -394,152 +395,156 @@ class Pref_Prefs extends Handler_Protected { print "
"; - print ""; + print ""; print ""; - print "
"; # content pane + } else { + print_notice(T_sprintf("Authentication module used for this session (%s) does not provide an ability to set passwords.", + $_SESSION["auth_module"])); + } - if ($_SESSION["auth_module"] == "auth_internal") { + print "
"; # content pane - print "
"; + print "
"; - print_notice("You can create separate passwords for API clients. Using one is required if you enable OTP."); + print_notice("You can create separate passwords for API clients. Using one is required if you enable OTP."); - print "
"; - $this->appPasswordList(); - print "
"; + print "
"; + $this->appPasswordList(); + print "
"; - print "
"; + print "
"; - print " "; + print " "; - print ""; + print ""; - print "
"; # content pane - } + print "
"; # content pane - print "
"; + print "
"; - if ($_SESSION["auth_module"] == "auth_internal") { + if ($_SESSION["auth_module"] == "auth_internal") { - if ($otp_enabled) { + if ($otp_enabled) { - print_warning("One time passwords are currently enabled. Enter your current password below to disable."); + print_warning("One time passwords are currently enabled. Enter your current password below to disable."); - print "
"; + print ""; - print ""; + new Ajax.Request('backend.php', { + parameters: dojo.objectToQuery(this.getValues()), + onComplete: function(transport) { + Notify.close(); + if (transport.responseText.indexOf('ERROR: ') == 0) { + Notify.error(transport.responseText.replace('ERROR: ', '')); + } else { + window.location.reload(); + } + }}); + this.reset(); + } + "; - print "
"; - print ""; - print ""; - print "
"; + print "
"; + print ""; + print ""; + print "
"; - print_hidden("op", "pref-prefs"); - print_hidden("method", "otpdisable"); + print_hidden("op", "pref-prefs"); + print_hidden("method", "otpdisable"); - print "
"; + print "
"; - print ""; + print ""; - print "
"; + print ""; + } else { + + print_warning("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP."); + print_notice("You will need to generate app passwords for the API clients if you enable OTP."); + + if (function_exists("imagecreatefromstring")) { + print "

" . __("Scan the following code by the Authenticator application or copy the key manually") . "

"; + + $csrf_token = $_SESSION["csrf_token"]; + print "otp qr-code"; } else { + print_error("PHP GD functions are required to generate QR codes."); + print "

" . __("Use the following OTP key with a compatible Authenticator application") . "

"; + } - print_warning("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP."); - print_notice("You will need to generate app passwords for the API clients if you enable OTP."); + print "
"; - if (function_exists("imagecreatefromstring")) { - print "

" . __("Scan the following code by the Authenticator application or copy the key manually") . "

"; + $otp_secret = $this->otpsecret(); - $csrf_token = $_SESSION["csrf_token"]; - print "otp qr-code"; - } else { - print_error("PHP GD functions are required to generate QR codes."); - print "

" . __("Use the following OTP key with a compatible Authenticator application") . "

"; - } + print "
"; + print ""; + print ""; + print "
"; - print ""; + print_hidden("op", "pref-prefs"); + print_hidden("method", "otpenable"); - $otp_secret = $this->otpsecret(); + print ""; - - print "
"; - print ""; - print ""; - print "
"; - - print "
"; - print ""; - print ""; - print "
"; - - print "
"; - print ""; - - print "
"; + new Ajax.Request('backend.php', { + parameters: dojo.objectToQuery(this.getValues()), + onComplete: function(transport) { + Notify.close(); + if (transport.responseText.indexOf('ERROR:') == 0) { + Notify.error(transport.responseText.replace('ERROR:', '')); + } else { + window.location.reload(); + } + } }); } + "; + + print "
"; + print ""; + print ""; + print "
"; + + print "
"; + print ""; + print ""; + print "
"; + + print "
"; + print ""; + + print ""; + } - print "
"; # content pane - print "
"; # tab container - + } else { + print_notice("OTP is only available when using auth_internal authentication module."); } + print ""; # content pane + + print ""; # tab container + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefPrefsAuth");