AccountController: Prohibit password changes for users with `no-user/password-change`
This commit is contained in:
Johannes Meyer
parent
7ae3f187bd
commit
67cc81e49f
|
|
@ -43,17 +43,19 @@ class AccountController extends Controller
|
||||||
$config = Config::app()->getSection('global');
|
$config = Config::app()->getSection('global');
|
||||||
$user = $this->Auth()->getUser();
|
$user = $this->Auth()->getUser();
|
||||||
if ($user->getAdditional('backend_type') === 'db') {
|
if ($user->getAdditional('backend_type') === 'db') {
|
||||||
try {
|
if ($user->can('*') || ! $user->can('no-user/password-change')) {
|
||||||
$userBackend = UserBackend::create($user->getAdditional('backend_name'));
|
try {
|
||||||
} catch (ConfigurationError $e) {
|
$userBackend = UserBackend::create($user->getAdditional('backend_name'));
|
||||||
$userBackend = null;
|
} catch (ConfigurationError $e) {
|
||||||
}
|
$userBackend = null;
|
||||||
if ($userBackend !== null) {
|
}
|
||||||
$changePasswordForm = new ChangePasswordForm();
|
if ($userBackend !== null) {
|
||||||
$changePasswordForm
|
$changePasswordForm = new ChangePasswordForm();
|
||||||
->setBackend($userBackend)
|
$changePasswordForm
|
||||||
->handleRequest();
|
->setBackend($userBackend)
|
||||||
$this->view->changePasswordForm = $changePasswordForm;
|
->handleRequest();
|
||||||
|
$this->view->changePasswordForm = $changePasswordForm;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue