tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

AccountController: Prohibit password changes for users with `no-user/password-change`

This commit is contained in:
Johannes Meyer 2019-12-05 09:13:34 +01:00
parent 7ae3f187bd
commit 67cc81e49f
1 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
application/controllers/AccountController.php
View File

@ -43,6 +43,7 @@ class AccountController extends Controller
$config = Config::app()->getSection('global');
$user = $this->Auth()->getUser();
if ($user->getAdditional('backend_type') === 'db') {
if ($user->can('*') || ! $user->can('no-user/password-change')) {
try {
$userBackend = UserBackend::create($user->getAdditional('backend_name'));
} catch (ConfigurationError $e) {
@ -56,6 +57,7 @@ class AccountController extends Controller
$this->view->changePasswordForm = $changePasswordForm;
}
}
}
$form = new PreferenceForm();
$form->setPreferences($user->getPreferences());