mirror of
https://github.com/Icinga/icingaweb2.git
synced 2025-07-26 23:34:08 +02:00
AccountController: Prohibit password changes for users with no-user/password-change
This commit is contained in:
parent
7ae3f187bd
commit
67cc81e49f
@ -43,17 +43,19 @@ class AccountController extends Controller
|
||||
$config = Config::app()->getSection('global');
|
||||
$user = $this->Auth()->getUser();
|
||||
if ($user->getAdditional('backend_type') === 'db') {
|
||||
try {
|
||||
$userBackend = UserBackend::create($user->getAdditional('backend_name'));
|
||||
} catch (ConfigurationError $e) {
|
||||
$userBackend = null;
|
||||
}
|
||||
if ($userBackend !== null) {
|
||||
$changePasswordForm = new ChangePasswordForm();
|
||||
$changePasswordForm
|
||||
->setBackend($userBackend)
|
||||
->handleRequest();
|
||||
$this->view->changePasswordForm = $changePasswordForm;
|
||||
if ($user->can('*') || ! $user->can('no-user/password-change')) {
|
||||
try {
|
||||
$userBackend = UserBackend::create($user->getAdditional('backend_name'));
|
||||
} catch (ConfigurationError $e) {
|
||||
$userBackend = null;
|
||||
}
|
||||
if ($userBackend !== null) {
|
||||
$changePasswordForm = new ChangePasswordForm();
|
||||
$changePasswordForm
|
||||
->setBackend($userBackend)
|
||||
->handleRequest();
|
||||
$this->view->changePasswordForm = $changePasswordForm;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user