prefs layout fixes:
1. prevent layout breakage when using an authenticator which doesn't allow changing passwords 2. show explanatory messages when OTP or password changing is not available 3. allow app (API) passwords when using any auth module
This commit is contained in:
parent
06b9d39662
commit
5b6d9cee29
|
@ -327,7 +327,6 @@ class Pref_Prefs extends Handler_Protected {
|
||||||
print "</form>";
|
print "</form>";
|
||||||
|
|
||||||
print "</div>"; # content pane
|
print "</div>"; # content pane
|
||||||
print "<div dojoType='dijit.layout.ContentPane' title=\"".__('Password')."\">";
|
|
||||||
|
|
||||||
if ($_SESSION["auth_module"]) {
|
if ($_SESSION["auth_module"]) {
|
||||||
$authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]);
|
$authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]);
|
||||||
|
@ -335,6 +334,8 @@ class Pref_Prefs extends Handler_Protected {
|
||||||
$authenticator = false;
|
$authenticator = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
print "<div dojoType='dijit.layout.ContentPane' title=\"" . __('Password') . "\">";
|
||||||
|
|
||||||
if ($authenticator && method_exists($authenticator, "change_password")) {
|
if ($authenticator && method_exists($authenticator, "change_password")) {
|
||||||
|
|
||||||
print "<div style='display : none' id='pwd_change_infobox'></div>";
|
print "<div style='display : none' id='pwd_change_infobox'></div>";
|
||||||
|
@ -375,17 +376,17 @@ class Pref_Prefs extends Handler_Protected {
|
||||||
}
|
}
|
||||||
|
|
||||||
print "<fieldset>";
|
print "<fieldset>";
|
||||||
print "<label>".__("Old password:")."</label>";
|
print "<label>" . __("Old password:") . "</label>";
|
||||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='old_password'>";
|
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='old_password'>";
|
||||||
print "</fieldset>";
|
print "</fieldset>";
|
||||||
|
|
||||||
print "<fieldset>";
|
print "<fieldset>";
|
||||||
print "<label>".__("New password:")."</label>";
|
print "<label>" . __("New password:") . "</label>";
|
||||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='new_password'>";
|
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='new_password'>";
|
||||||
print "</fieldset>";
|
print "</fieldset>";
|
||||||
|
|
||||||
print "<fieldset>";
|
print "<fieldset>";
|
||||||
print "<label>".__("Confirm password:")."</label>";
|
print "<label>" . __("Confirm password:") . "</label>";
|
||||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='confirm_password'>";
|
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='confirm_password'>";
|
||||||
print "</fieldset>";
|
print "</fieldset>";
|
||||||
|
|
||||||
|
@ -394,152 +395,156 @@ class Pref_Prefs extends Handler_Protected {
|
||||||
|
|
||||||
print "<hr/>";
|
print "<hr/>";
|
||||||
|
|
||||||
print "<button dojoType='dijit.form.Button' type='submit' class='alt-primary'>".
|
print "<button dojoType='dijit.form.Button' type='submit' class='alt-primary'>" .
|
||||||
__("Change password")."</button>";
|
__("Change password") . "</button>";
|
||||||
|
|
||||||
print "</form>";
|
print "</form>";
|
||||||
|
|
||||||
print "</div>"; # content pane
|
} else {
|
||||||
|
print_notice(T_sprintf("Authentication module used for this session (<b>%s</b>) does not provide an ability to set passwords.",
|
||||||
|
$_SESSION["auth_module"]));
|
||||||
|
}
|
||||||
|
|
||||||
if ($_SESSION["auth_module"] == "auth_internal") {
|
print "</div>"; # content pane
|
||||||
|
|
||||||
print "<div dojoType='dijit.layout.ContentPane' title=\"" . __('App passwords') . "\">";
|
print "<div dojoType='dijit.layout.ContentPane' title=\"" . __('App passwords') . "\">";
|
||||||
|
|
||||||
print_notice("You can create separate passwords for API clients. Using one is required if you enable OTP.");
|
print_notice("You can create separate passwords for API clients. Using one is required if you enable OTP.");
|
||||||
|
|
||||||
print "<div id='app_passwords_holder'>";
|
print "<div id='app_passwords_holder'>";
|
||||||
$this->appPasswordList();
|
$this->appPasswordList();
|
||||||
print "</div>";
|
print "</div>";
|
||||||
|
|
||||||
print "<hr>";
|
print "<hr>";
|
||||||
|
|
||||||
print "<button style='float : left' class='alt-primary' dojoType='dijit.form.Button'
|
print "<button style='float : left' class='alt-primary' dojoType='dijit.form.Button'
|
||||||
onclick=\"Helpers.AppPasswords.generate()\">" .
|
onclick=\"Helpers.AppPasswords.generate()\">" .
|
||||||
__('Generate new password') . "</button> ";
|
__('Generate new password') . "</button> ";
|
||||||
|
|
||||||
print "<button style='float : left' class='alt-danger' dojoType='dijit.form.Button'
|
print "<button style='float : left' class='alt-danger' dojoType='dijit.form.Button'
|
||||||
onclick=\"Helpers.AppPasswords.removeSelected()\">" .
|
onclick=\"Helpers.AppPasswords.removeSelected()\">" .
|
||||||
__('Remove selected passwords') . "</button>";
|
__('Remove selected passwords') . "</button>";
|
||||||
|
|
||||||
print "</div>"; # content pane
|
print "</div>"; # content pane
|
||||||
}
|
|
||||||
|
|
||||||
print "<div dojoType='dijit.layout.ContentPane' title=\"".__('One time passwords / Authenticator')."\">";
|
print "<div dojoType='dijit.layout.ContentPane' title=\"".__('One time passwords / Authenticator')."\">";
|
||||||
|
|
||||||
if ($_SESSION["auth_module"] == "auth_internal") {
|
if ($_SESSION["auth_module"] == "auth_internal") {
|
||||||
|
|
||||||
if ($otp_enabled) {
|
if ($otp_enabled) {
|
||||||
|
|
||||||
print_warning("One time passwords are currently enabled. Enter your current password below to disable.");
|
print_warning("One time passwords are currently enabled. Enter your current password below to disable.");
|
||||||
|
|
||||||
print "<form dojoType='dijit.form.Form'>";
|
print "<form dojoType='dijit.form.Form'>";
|
||||||
|
|
||||||
print "<script type='dojo/method' event='onSubmit' args='evt'>
|
print "<script type='dojo/method' event='onSubmit' args='evt'>
|
||||||
evt.preventDefault();
|
evt.preventDefault();
|
||||||
if (this.validate()) {
|
if (this.validate()) {
|
||||||
Notify.progress('Disabling OTP', true);
|
Notify.progress('Disabling OTP', true);
|
||||||
|
|
||||||
new Ajax.Request('backend.php', {
|
new Ajax.Request('backend.php', {
|
||||||
parameters: dojo.objectToQuery(this.getValues()),
|
parameters: dojo.objectToQuery(this.getValues()),
|
||||||
onComplete: function(transport) {
|
onComplete: function(transport) {
|
||||||
Notify.close();
|
Notify.close();
|
||||||
if (transport.responseText.indexOf('ERROR: ') == 0) {
|
if (transport.responseText.indexOf('ERROR: ') == 0) {
|
||||||
Notify.error(transport.responseText.replace('ERROR: ', ''));
|
Notify.error(transport.responseText.replace('ERROR: ', ''));
|
||||||
} else {
|
} else {
|
||||||
window.location.reload();
|
window.location.reload();
|
||||||
}
|
}
|
||||||
}});
|
}});
|
||||||
this.reset();
|
this.reset();
|
||||||
}
|
}
|
||||||
</script>";
|
</script>";
|
||||||
|
|
||||||
print "<fieldset>";
|
print "<fieldset>";
|
||||||
print "<label>".__("Your password:")."</label>";
|
print "<label>".__("Your password:")."</label>";
|
||||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='password'>";
|
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='password'>";
|
||||||
print "</fieldset>";
|
print "</fieldset>";
|
||||||
|
|
||||||
print_hidden("op", "pref-prefs");
|
print_hidden("op", "pref-prefs");
|
||||||
print_hidden("method", "otpdisable");
|
print_hidden("method", "otpdisable");
|
||||||
|
|
||||||
print "<hr/>";
|
print "<hr/>";
|
||||||
|
|
||||||
print "<button dojoType='dijit.form.Button' type='submit'>".
|
print "<button dojoType='dijit.form.Button' type='submit'>".
|
||||||
__("Disable OTP")."</button>";
|
__("Disable OTP")."</button>";
|
||||||
|
|
||||||
print "</form>";
|
print "</form>";
|
||||||
|
|
||||||
|
} else {
|
||||||
|
|
||||||
|
print_warning("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP.");
|
||||||
|
print_notice("You will need to generate app passwords for the API clients if you enable OTP.");
|
||||||
|
|
||||||
|
if (function_exists("imagecreatefromstring")) {
|
||||||
|
print "<h3>" . __("Scan the following code by the Authenticator application or copy the key manually") . "</h3>";
|
||||||
|
|
||||||
|
$csrf_token = $_SESSION["csrf_token"];
|
||||||
|
print "<img alt='otp qr-code' src='backend.php?op=pref-prefs&method=otpqrcode&csrf_token=$csrf_token'>";
|
||||||
} else {
|
} else {
|
||||||
|
print_error("PHP GD functions are required to generate QR codes.");
|
||||||
|
print "<h3>" . __("Use the following OTP key with a compatible Authenticator application") . "</h3>";
|
||||||
|
}
|
||||||
|
|
||||||
print_warning("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP.");
|
print "<form dojoType='dijit.form.Form' id='changeOtpForm'>";
|
||||||
print_notice("You will need to generate app passwords for the API clients if you enable OTP.");
|
|
||||||
|
|
||||||
if (function_exists("imagecreatefromstring")) {
|
$otp_secret = $this->otpsecret();
|
||||||
print "<h3>" . __("Scan the following code by the Authenticator application or copy the key manually") . "</h3>";
|
|
||||||
|
|
||||||
$csrf_token = $_SESSION["csrf_token"];
|
print "<fieldset>";
|
||||||
print "<img alt='otp qr-code' src='backend.php?op=pref-prefs&method=otpqrcode&csrf_token=$csrf_token'>";
|
print "<label>".__("OTP Key:")."</label>";
|
||||||
} else {
|
print "<input dojoType='dijit.form.ValidationTextBox' disabled='disabled' value='$otp_secret' size='32'>";
|
||||||
print_error("PHP GD functions are required to generate QR codes.");
|
print "</fieldset>";
|
||||||
print "<h3>" . __("Use the following OTP key with a compatible Authenticator application") . "</h3>";
|
|
||||||
}
|
|
||||||
|
|
||||||
print "<form dojoType='dijit.form.Form' id='changeOtpForm'>";
|
print_hidden("op", "pref-prefs");
|
||||||
|
print_hidden("method", "otpenable");
|
||||||
|
|
||||||
$otp_secret = $this->otpsecret();
|
print "<script type='dojo/method' event='onSubmit' args='evt'>
|
||||||
|
evt.preventDefault();
|
||||||
|
if (this.validate()) {
|
||||||
|
Notify.progress('Saving data...', true);
|
||||||
|
|
||||||
print "<fieldset>";
|
new Ajax.Request('backend.php', {
|
||||||
print "<label>".__("OTP Key:")."</label>";
|
parameters: dojo.objectToQuery(this.getValues()),
|
||||||
print "<input dojoType='dijit.form.ValidationTextBox' disabled='disabled' value='$otp_secret' size='32'>";
|
onComplete: function(transport) {
|
||||||
print "</fieldset>";
|
Notify.close();
|
||||||
|
if (transport.responseText.indexOf('ERROR:') == 0) {
|
||||||
print_hidden("op", "pref-prefs");
|
Notify.error(transport.responseText.replace('ERROR:', ''));
|
||||||
print_hidden("method", "otpenable");
|
} else {
|
||||||
|
window.location.reload();
|
||||||
print "<script type='dojo/method' event='onSubmit' args='evt'>
|
}
|
||||||
evt.preventDefault();
|
} });
|
||||||
if (this.validate()) {
|
|
||||||
Notify.progress('Saving data...', true);
|
|
||||||
|
|
||||||
new Ajax.Request('backend.php', {
|
|
||||||
parameters: dojo.objectToQuery(this.getValues()),
|
|
||||||
onComplete: function(transport) {
|
|
||||||
Notify.close();
|
|
||||||
if (transport.responseText.indexOf('ERROR:') == 0) {
|
|
||||||
Notify.error(transport.responseText.replace('ERROR:', ''));
|
|
||||||
} else {
|
|
||||||
window.location.reload();
|
|
||||||
}
|
|
||||||
} });
|
|
||||||
|
|
||||||
}
|
|
||||||
</script>";
|
|
||||||
|
|
||||||
print "<fieldset>";
|
|
||||||
print "<label>".__("Your password:")."</label>";
|
|
||||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1'
|
|
||||||
name='password'>";
|
|
||||||
print "</fieldset>";
|
|
||||||
|
|
||||||
print "<fieldset>";
|
|
||||||
print "<label>".__("One time password:")."</label>";
|
|
||||||
print "<input dojoType='dijit.form.ValidationTextBox' autocomplete='off'
|
|
||||||
required='1' name='otp'>";
|
|
||||||
print "</fieldset>";
|
|
||||||
|
|
||||||
print "<hr/>";
|
|
||||||
print "<button dojoType='dijit.form.Button' type='submit' class='alt-primary'>".
|
|
||||||
__("Enable OTP")."</button>";
|
|
||||||
|
|
||||||
print "</form>";
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
</script>";
|
||||||
|
|
||||||
|
print "<fieldset>";
|
||||||
|
print "<label>".__("Your password:")."</label>";
|
||||||
|
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1'
|
||||||
|
name='password'>";
|
||||||
|
print "</fieldset>";
|
||||||
|
|
||||||
|
print "<fieldset>";
|
||||||
|
print "<label>".__("One time password:")."</label>";
|
||||||
|
print "<input dojoType='dijit.form.ValidationTextBox' autocomplete='off'
|
||||||
|
required='1' name='otp'>";
|
||||||
|
print "</fieldset>";
|
||||||
|
|
||||||
|
print "<hr/>";
|
||||||
|
print "<button dojoType='dijit.form.Button' type='submit' class='alt-primary'>".
|
||||||
|
__("Enable OTP")."</button>";
|
||||||
|
|
||||||
|
print "</form>";
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
print "</div>"; # content pane
|
} else {
|
||||||
print "</div>"; # tab container
|
print_notice("OTP is only available when using <b>auth_internal</b> authentication module.");
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
print "</div>"; # content pane
|
||||||
|
|
||||||
|
print "</div>"; # tab container
|
||||||
|
|
||||||
PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION,
|
PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION,
|
||||||
"hook_prefs_tab_section", "prefPrefsAuth");
|
"hook_prefs_tab_section", "prefPrefsAuth");
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue