Module: nagvis Branch: master Commit: a1b33c5bffb205ef8c67274636437d8ae657bf87 URL: http://nagvis.git.sourceforge.net/git/gitweb.cgi?p=nagvis/nagvis;a=commit;h=a1b33c5bffb205ef8c67274636437d8ae657bf87
Author: LaMi <[email protected]> Date: Sat Nov 28 16:08:23 2009 +0100 Change password is now denied when trusted authentication is enabled --- .../nagvis-js/classes/GlobalHeaderMenu.php | 5 ++++- .../server/core/classes/CoreModChangePassword.php | 8 ++++++-- .../userfiles/templates/pages/default.header.html | 2 +- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/share/frontend/nagvis-js/classes/GlobalHeaderMenu.php b/share/frontend/nagvis-js/classes/GlobalHeaderMenu.php index 0c5dced..e39092d 100644 --- a/share/frontend/nagvis-js/classes/GlobalHeaderMenu.php +++ b/share/frontend/nagvis-js/classes/GlobalHeaderMenu.php @@ -249,6 +249,8 @@ class GlobalHeaderMenu { * @author Lars Michelsen <[email protected]> */ private function getStaticMacros() { + $SHANDLER = new CoreSessionHandler(); + // Replace paths and language macros $aReturn = Array('pathBase' => $this->pathHtmlBase, 'pathImages' => $this->CORE->getMainCfg()->getValue('paths','htmlimages'), @@ -275,7 +277,8 @@ class GlobalHeaderMenu { 'langLogout' => $this->CORE->getLang()->getText('Logout'), 'langRotationStart' => $this->CORE->getLang()->getText('rotationStart'), 'langRotationStop' => $this->CORE->getLang()->getText('rotationStop'), - 'authChangePasswordSupported' => $this->AUTHORISATION->getAuthentication()->checkFeature('changePassword'), + // Supported by backend and not using trusted auth + 'permittedChangePassword' => $this->AUTHORISATION->getAuthentication()->checkFeature('changePassword') && !$SHANDLER->isSetAndNotEmpty('authTrusted'), 'permittedUserMgmt' => $this->AUTHORISATION->isPermitted('UserMgmt', 'manage'), 'permittedRoleMgmt' => $this->AUTHORISATION->isPermitted('RoleMgmt', 'manage')); diff --git a/share/server/core/classes/CoreModChangePassword.php b/share/server/core/classes/CoreModChangePassword.php index 514a6e2..c0d6e75 100644 --- a/share/server/core/classes/CoreModChangePassword.php +++ b/share/server/core/classes/CoreModChangePassword.php 
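Review bot: The trusted-auth rule behind the `permittedChangePassword` entry in getStaticMacros() is spelled out inline, and the same `!...->isSetAndNotEmpty('authTrusted')` test is repeated by hand in the `view` and `change` cases of CoreModChangePassword::handleAction() in this commit. Three copies of one authorisation rule can drift apart, leaving the menu and the server disagreeing about who may change a password. A single predicate on the authentication or authorisation object, called from all three places, would keep them aligned, for example `'permittedChangePassword' => $this->AUTHORISATION->isChangePasswordPermitted(),` (the method name is a suggestion, not an existing API). It would also avoid creating a `CoreSessionHandler` on each getStaticMacros() call just to read one key. getStaticMacros() starts before and ends after the two hunks shown.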
@@ -2,6 +2,7 @@ class CoreModChangePassword extends CoreModule { protected $CORE; protected $FHANDLER; + protected $SHANDLER; public function __construct($CORE) { $this->CORE = $CORE; @@ -10,6 +11,7 @@ class CoreModChangePassword extends CoreModule { 'change' => REQUIRES_AUTHORISATION); $this->FHANDLER = new CoreRequestHandler($_POST); + $this->SHANDLER = new CoreSessionHandler(); } public function handleAction() { @@ -22,7 +24,8 @@ class CoreModChangePassword extends CoreModule { // would be printed in HTML format in nagvis-js frontend. case 'view': // Check if user is already authenticated - if(isset($this->AUTHENTICATION) && $this->AUTHENTICATION->isAuthenticated()) { + // Change password must be denied when using trusted mode + if(isset($this->AUTHENTICATION) && $this->AUTHENTICATION->isAuthenticated() && !$this->SHANDLER->isSetAndNotEmpty('authTrusted')) { $VIEW = new NagVisViewChangePassword($this->CORE); $sReturn = json_encode(Array('code' => $VIEW->parse())); } else { @@ -31,7 +34,8 @@ class CoreModChangePassword extends CoreModule { break; case 'change': // Check if user is already authenticated - if(isset($this->AUTHENTICATION) && $this->AUTHENTICATION->isAuthenticated()) { + // Change password must be denied when using trusted mode + if(isset($this->AUTHENTICATION) && $this->AUTHENTICATION->isAuthenticated() && !$this->SHANDLER->isSetAndNotEmpty('authTrusted')) { $aReturn = $this->handleResponse(); if($aReturn !== false) { diff --git a/share/userfiles/templates/pages/default.header.html b/share/userfiles/templates/pages/default.header.html index 38a7b79..cb6f4b6 100644 --- a/share/userfiles/templates/pages/default.header.html +++ b/share/userfiles/templates/pages/default.header.html 
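Review bot: The guard added to the `view` and `change` cases fails open. Password change is refused only while the session holds a non-empty `authTrusted` value, so if trusted authentication is active but that key was never written or has been cleared, the change stays permitted. Where `authTrusted` is set is not visible in this diff, so this should be checked against the trusted-auth login path; deriving the decision from the active authentication configuration would be more robust than a session marker. In the lines shown, the server-side condition also omits the `checkFeature('changePassword')` test that the menu flag in GlobalHeaderMenu applies. handleAction() continues outside these hunks, so the else branches that produce the denial response cannot be reviewed here.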
@@ -43,7 +43,7 @@ <dd id="user-ddcontent" onmouseover="cancelHide('user')" onmouseout="ddMenu('user',-1)"> <ul> <li><a href="#">{$langLoggedIn}: {$currentUser}</a></li> - {if $authChangePasswordSupported == true}<li><a href="javascript:showFrontendDialog(oGeneralProperties.path_server+'?mod=ChangePassword&act=view', '{$langChangePassword}');">{$langChangePassword}</a></li>{/if} + {if $permittedChangePassword == true}<li><a href="javascript:showFrontendDialog(oGeneralProperties.path_server+'?mod=ChangePassword&act=view', '{$langChangePassword}');">{$langChangePassword}</a></li>{/if} {if $permittedUserMgmt == true}<li><a href="javascript:showFrontendDialog(oGeneralProperties.path_server+'?mod=UserMgmt&act=view', '{$langUserMgmt}');">{$langUserMgmt}</a></li>{/if} {if $permittedRoleMgmt == true}<li><a href="javascript:showFrontendDialog(oGeneralProperties.path_server+'?mod=RoleMgmt&act=view', '{$langManageRoles}', 500);">{$langManageRoles}</a></li>{/if} <li><a href="#" onclick="getSyncRequest('{$pathBase}/server/core/ajax_handler.php?mod=Auth&act=logout');return false;" class="underline">{$langLogout}</a></li> ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Nagvis-checkins mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nagvis-checkins
