prefs layout fixes:
1. prevent layout breakage when using an authenticator which doesn't allow changing passwords 2. show explanatory messages when OTP or password changing is not available 3. allow app (API) passwords when using any auth module
This commit is contained in:
parent
06b9d39662
commit
5b6d9cee29
|
@ -327,7 +327,6 @@ class Pref_Prefs extends Handler_Protected {
|
|||
print "</form>";
|
||||
|
||||
print "</div>"; # content pane
|
||||
print "<div dojoType='dijit.layout.ContentPane' title=\"".__('Password')."\">";
|
||||
|
||||
if ($_SESSION["auth_module"]) {
|
||||
$authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]);
|
||||
|
@ -335,6 +334,8 @@ class Pref_Prefs extends Handler_Protected {
|
|||
$authenticator = false;
|
||||
}
|
||||
|
||||
print "<div dojoType='dijit.layout.ContentPane' title=\"" . __('Password') . "\">";
|
||||
|
||||
if ($authenticator && method_exists($authenticator, "change_password")) {
|
||||
|
||||
print "<div style='display : none' id='pwd_change_infobox'></div>";
|
||||
|
@ -375,17 +376,17 @@ class Pref_Prefs extends Handler_Protected {
|
|||
}
|
||||
|
||||
print "<fieldset>";
|
||||
print "<label>".__("Old password:")."</label>";
|
||||
print "<label>" . __("Old password:") . "</label>";
|
||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='old_password'>";
|
||||
print "</fieldset>";
|
||||
|
||||
print "<fieldset>";
|
||||
print "<label>".__("New password:")."</label>";
|
||||
print "<label>" . __("New password:") . "</label>";
|
||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='new_password'>";
|
||||
print "</fieldset>";
|
||||
|
||||
print "<fieldset>";
|
||||
print "<label>".__("Confirm password:")."</label>";
|
||||
print "<label>" . __("Confirm password:") . "</label>";
|
||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='confirm_password'>";
|
||||
print "</fieldset>";
|
||||
|
||||
|
@ -394,152 +395,156 @@ class Pref_Prefs extends Handler_Protected {
|
|||
|
||||
print "<hr/>";
|
||||
|
||||
print "<button dojoType='dijit.form.Button' type='submit' class='alt-primary'>".
|
||||
__("Change password")."</button>";
|
||||
print "<button dojoType='dijit.form.Button' type='submit' class='alt-primary'>" .
|
||||
__("Change password") . "</button>";
|
||||
|
||||
print "</form>";
|
||||
|
||||
print "</div>"; # content pane
|
||||
} else {
|
||||
print_notice(T_sprintf("Authentication module used for this session (<b>%s</b>) does not provide an ability to set passwords.",
|
||||
$_SESSION["auth_module"]));
|
||||
}
|
||||
|
||||
if ($_SESSION["auth_module"] == "auth_internal") {
|
||||
print "</div>"; # content pane
|
||||
|
||||
print "<div dojoType='dijit.layout.ContentPane' title=\"" . __('App passwords') . "\">";
|
||||
print "<div dojoType='dijit.layout.ContentPane' title=\"" . __('App passwords') . "\">";
|
||||
|
||||
print_notice("You can create separate passwords for API clients. Using one is required if you enable OTP.");
|
||||
print_notice("You can create separate passwords for API clients. Using one is required if you enable OTP.");
|
||||
|
||||
print "<div id='app_passwords_holder'>";
|
||||
$this->appPasswordList();
|
||||
print "</div>";
|
||||
print "<div id='app_passwords_holder'>";
|
||||
$this->appPasswordList();
|
||||
print "</div>";
|
||||
|
||||
print "<hr>";
|
||||
print "<hr>";
|
||||
|
||||
print "<button style='float : left' class='alt-primary' dojoType='dijit.form.Button'
|
||||
onclick=\"Helpers.AppPasswords.generate()\">" .
|
||||
__('Generate new password') . "</button> ";
|
||||
print "<button style='float : left' class='alt-primary' dojoType='dijit.form.Button'
|
||||
onclick=\"Helpers.AppPasswords.generate()\">" .
|
||||
__('Generate new password') . "</button> ";
|
||||
|
||||
print "<button style='float : left' class='alt-danger' dojoType='dijit.form.Button'
|
||||
onclick=\"Helpers.AppPasswords.removeSelected()\">" .
|
||||
__('Remove selected passwords') . "</button>";
|
||||
print "<button style='float : left' class='alt-danger' dojoType='dijit.form.Button'
|
||||
onclick=\"Helpers.AppPasswords.removeSelected()\">" .
|
||||
__('Remove selected passwords') . "</button>";
|
||||
|
||||
print "</div>"; # content pane
|
||||
}
|
||||
print "</div>"; # content pane
|
||||
|
||||
print "<div dojoType='dijit.layout.ContentPane' title=\"".__('One time passwords / Authenticator')."\">";
|
||||
print "<div dojoType='dijit.layout.ContentPane' title=\"".__('One time passwords / Authenticator')."\">";
|
||||
|
||||
if ($_SESSION["auth_module"] == "auth_internal") {
|
||||
if ($_SESSION["auth_module"] == "auth_internal") {
|
||||
|
||||
if ($otp_enabled) {
|
||||
if ($otp_enabled) {
|
||||
|
||||
print_warning("One time passwords are currently enabled. Enter your current password below to disable.");
|
||||
print_warning("One time passwords are currently enabled. Enter your current password below to disable.");
|
||||
|
||||
print "<form dojoType='dijit.form.Form'>";
|
||||
print "<form dojoType='dijit.form.Form'>";
|
||||
|
||||
print "<script type='dojo/method' event='onSubmit' args='evt'>
|
||||
evt.preventDefault();
|
||||
if (this.validate()) {
|
||||
Notify.progress('Disabling OTP', true);
|
||||
print "<script type='dojo/method' event='onSubmit' args='evt'>
|
||||
evt.preventDefault();
|
||||
if (this.validate()) {
|
||||
Notify.progress('Disabling OTP', true);
|
||||
|
||||
new Ajax.Request('backend.php', {
|
||||
parameters: dojo.objectToQuery(this.getValues()),
|
||||
onComplete: function(transport) {
|
||||
Notify.close();
|
||||
if (transport.responseText.indexOf('ERROR: ') == 0) {
|
||||
Notify.error(transport.responseText.replace('ERROR: ', ''));
|
||||
} else {
|
||||
window.location.reload();
|
||||
}
|
||||
}});
|
||||
this.reset();
|
||||
}
|
||||
</script>";
|
||||
new Ajax.Request('backend.php', {
|
||||
parameters: dojo.objectToQuery(this.getValues()),
|
||||
onComplete: function(transport) {
|
||||
Notify.close();
|
||||
if (transport.responseText.indexOf('ERROR: ') == 0) {
|
||||
Notify.error(transport.responseText.replace('ERROR: ', ''));
|
||||
} else {
|
||||
window.location.reload();
|
||||
}
|
||||
}});
|
||||
this.reset();
|
||||
}
|
||||
</script>";
|
||||
|
||||
print "<fieldset>";
|
||||
print "<label>".__("Your password:")."</label>";
|
||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='password'>";
|
||||
print "</fieldset>";
|
||||
print "<fieldset>";
|
||||
print "<label>".__("Your password:")."</label>";
|
||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='password'>";
|
||||
print "</fieldset>";
|
||||
|
||||
print_hidden("op", "pref-prefs");
|
||||
print_hidden("method", "otpdisable");
|
||||
print_hidden("op", "pref-prefs");
|
||||
print_hidden("method", "otpdisable");
|
||||
|
||||
print "<hr/>";
|
||||
print "<hr/>";
|
||||
|
||||
print "<button dojoType='dijit.form.Button' type='submit'>".
|
||||
__("Disable OTP")."</button>";
|
||||
print "<button dojoType='dijit.form.Button' type='submit'>".
|
||||
__("Disable OTP")."</button>";
|
||||
|
||||
print "</form>";
|
||||
print "</form>";
|
||||
|
||||
} else {
|
||||
|
||||
print_warning("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP.");
|
||||
print_notice("You will need to generate app passwords for the API clients if you enable OTP.");
|
||||
|
||||
if (function_exists("imagecreatefromstring")) {
|
||||
print "<h3>" . __("Scan the following code by the Authenticator application or copy the key manually") . "</h3>";
|
||||
|
||||
$csrf_token = $_SESSION["csrf_token"];
|
||||
print "<img alt='otp qr-code' src='backend.php?op=pref-prefs&method=otpqrcode&csrf_token=$csrf_token'>";
|
||||
} else {
|
||||
print_error("PHP GD functions are required to generate QR codes.");
|
||||
print "<h3>" . __("Use the following OTP key with a compatible Authenticator application") . "</h3>";
|
||||
}
|
||||
|
||||
print_warning("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP.");
|
||||
print_notice("You will need to generate app passwords for the API clients if you enable OTP.");
|
||||
print "<form dojoType='dijit.form.Form' id='changeOtpForm'>";
|
||||
|
||||
if (function_exists("imagecreatefromstring")) {
|
||||
print "<h3>" . __("Scan the following code by the Authenticator application or copy the key manually") . "</h3>";
|
||||
$otp_secret = $this->otpsecret();
|
||||
|
||||
$csrf_token = $_SESSION["csrf_token"];
|
||||
print "<img alt='otp qr-code' src='backend.php?op=pref-prefs&method=otpqrcode&csrf_token=$csrf_token'>";
|
||||
} else {
|
||||
print_error("PHP GD functions are required to generate QR codes.");
|
||||
print "<h3>" . __("Use the following OTP key with a compatible Authenticator application") . "</h3>";
|
||||
}
|
||||
print "<fieldset>";
|
||||
print "<label>".__("OTP Key:")."</label>";
|
||||
print "<input dojoType='dijit.form.ValidationTextBox' disabled='disabled' value='$otp_secret' size='32'>";
|
||||
print "</fieldset>";
|
||||
|
||||
print "<form dojoType='dijit.form.Form' id='changeOtpForm'>";
|
||||
print_hidden("op", "pref-prefs");
|
||||
print_hidden("method", "otpenable");
|
||||
|
||||
$otp_secret = $this->otpsecret();
|
||||
print "<script type='dojo/method' event='onSubmit' args='evt'>
|
||||
evt.preventDefault();
|
||||
if (this.validate()) {
|
||||
Notify.progress('Saving data...', true);
|
||||
|
||||
print "<fieldset>";
|
||||
print "<label>".__("OTP Key:")."</label>";
|
||||
print "<input dojoType='dijit.form.ValidationTextBox' disabled='disabled' value='$otp_secret' size='32'>";
|
||||
print "</fieldset>";
|
||||
|
||||
print_hidden("op", "pref-prefs");
|
||||
print_hidden("method", "otpenable");
|
||||
|
||||
print "<script type='dojo/method' event='onSubmit' args='evt'>
|
||||
evt.preventDefault();
|
||||
if (this.validate()) {
|
||||
Notify.progress('Saving data...', true);
|
||||
|
||||
new Ajax.Request('backend.php', {
|
||||
parameters: dojo.objectToQuery(this.getValues()),
|
||||
onComplete: function(transport) {
|
||||
Notify.close();
|
||||
if (transport.responseText.indexOf('ERROR:') == 0) {
|
||||
Notify.error(transport.responseText.replace('ERROR:', ''));
|
||||
} else {
|
||||
window.location.reload();
|
||||
}
|
||||
} });
|
||||
|
||||
}
|
||||
</script>";
|
||||
|
||||
print "<fieldset>";
|
||||
print "<label>".__("Your password:")."</label>";
|
||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1'
|
||||
name='password'>";
|
||||
print "</fieldset>";
|
||||
|
||||
print "<fieldset>";
|
||||
print "<label>".__("One time password:")."</label>";
|
||||
print "<input dojoType='dijit.form.ValidationTextBox' autocomplete='off'
|
||||
required='1' name='otp'>";
|
||||
print "</fieldset>";
|
||||
|
||||
print "<hr/>";
|
||||
print "<button dojoType='dijit.form.Button' type='submit' class='alt-primary'>".
|
||||
__("Enable OTP")."</button>";
|
||||
|
||||
print "</form>";
|
||||
new Ajax.Request('backend.php', {
|
||||
parameters: dojo.objectToQuery(this.getValues()),
|
||||
onComplete: function(transport) {
|
||||
Notify.close();
|
||||
if (transport.responseText.indexOf('ERROR:') == 0) {
|
||||
Notify.error(transport.responseText.replace('ERROR:', ''));
|
||||
} else {
|
||||
window.location.reload();
|
||||
}
|
||||
} });
|
||||
|
||||
}
|
||||
</script>";
|
||||
|
||||
print "<fieldset>";
|
||||
print "<label>".__("Your password:")."</label>";
|
||||
print "<input dojoType='dijit.form.ValidationTextBox' type='password' required='1'
|
||||
name='password'>";
|
||||
print "</fieldset>";
|
||||
|
||||
print "<fieldset>";
|
||||
print "<label>".__("One time password:")."</label>";
|
||||
print "<input dojoType='dijit.form.ValidationTextBox' autocomplete='off'
|
||||
required='1' name='otp'>";
|
||||
print "</fieldset>";
|
||||
|
||||
print "<hr/>";
|
||||
print "<button dojoType='dijit.form.Button' type='submit' class='alt-primary'>".
|
||||
__("Enable OTP")."</button>";
|
||||
|
||||
print "</form>";
|
||||
|
||||
}
|
||||
|
||||
print "</div>"; # content pane
|
||||
print "</div>"; # tab container
|
||||
|
||||
} else {
|
||||
print_notice("OTP is only available when using <b>auth_internal</b> authentication module.");
|
||||
}
|
||||
|
||||
print "</div>"; # content pane
|
||||
|
||||
print "</div>"; # tab container
|
||||
|
||||
PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION,
|
||||
"hook_prefs_tab_section", "prefPrefsAuth");
|
||||
|
||||
|
|
Loading…
Reference in New Issue