From 3ebe219e9618ea6dd0ad85adb6560ea76f735e2f Mon Sep 17 00:00:00 2001 From: Henrique Dias Date: Thu, 24 Aug 2017 14:44:53 +0100 Subject: [PATCH] Option to lock user's password #215 Former-commit-id: e4f0afef51c437bd55c58f12f2f45ce8e8c84bb0 [formerly 549235edf9d6c43d1454a8a00d7b6f832bb8a3ca] [formerly 12d099aa44bff7d995b05680e405d8040f1e1850 [formerly fc9ca4f6a4eb9a9ed89e35c413158e801a18e25e]] Former-commit-id: e9666db20e2b473095f21c03d59f2a8fbf07929e [formerly 87ee9eb83daed5180c6a3714c0ddc861668d747b] Former-commit-id: 5a15b05320c1eb28324e50cad7ca980d3eebcb02 --- assets/src/components/files/Listing.vue | 2 +- assets/src/components/files/Preview.vue | 2 +- assets/src/i18n/en.yaml | 1 + assets/src/i18n/pt.yaml | 1 + assets/src/views/ProfileSettings.vue | 2 +- assets/src/views/User.vue | 7 +++++++ filemanager.go | 4 ++++ http/users.go | 4 ++++ rice-box.go.REMOVED.git-id | 2 +- 9 files changed, 21 insertions(+), 4 deletions(-) diff --git a/assets/src/components/files/Listing.vue b/assets/src/components/files/Listing.vue index 2b8eb7f0..47033b02 100644 --- a/assets/src/components/files/Listing.vue +++ b/assets/src/components/files/Listing.vue @@ -263,7 +263,7 @@ export default { .then(req => { this.checkConflict(files, req.items, base) }) - .catch(error => { console.log(error) }) + .catch(this.$showError) return } diff --git a/assets/src/components/files/Preview.vue b/assets/src/components/files/Preview.vue index 9ded871f..eba6aadc 100644 --- a/assets/src/components/files/Preview.vue +++ b/assets/src/components/files/Preview.vue @@ -75,7 +75,7 @@ export default { this.listing = req this.updateLinks() }) - .catch(error => { console.log(error) }) + .catch(this.$showError) }, beforeDestroy () { window.removeEventListener('keyup', this.key) diff --git a/assets/src/i18n/en.yaml b/assets/src/i18n/en.yaml index a52155ca..2724f11d 100644 --- a/assets/src/i18n/en.yaml +++ b/assets/src/i18n/en.yaml @@ -124,6 +124,7 @@ settings: examples: Examples globalSettings: Global Settings language: Language + lockPassword: Prevent the user from changing the password newPassword: Your new password newPasswordConfirm: Confirm your new password newUser: New User diff --git a/assets/src/i18n/pt.yaml b/assets/src/i18n/pt.yaml index d7885916..56133b4a 100644 --- a/assets/src/i18n/pt.yaml +++ b/assets/src/i18n/pt.yaml @@ -145,6 +145,7 @@ settings: examples: Exemplos globalSettings: Configurações Globais language: Linguagem + lockPassword: Não permitir que o utilizador altere a palavra-passe newPassword: Nova palavra-passe newPasswordConfirm: Confirme a nova palavra-passe newUser: Novo Utilizador diff --git a/assets/src/views/ProfileSettings.vue b/assets/src/views/ProfileSettings.vue index b6759f7f..22ebe48b 100644 --- a/assets/src/views/ProfileSettings.vue +++ b/assets/src/views/ProfileSettings.vue @@ -18,7 +18,7 @@

-
+

{{ $t('settings.changePassword') }}

diff --git a/assets/src/views/User.vue b/assets/src/views/User.vue index 50a34ac4..3afd8338 100644 --- a/assets/src/views/User.vue +++ b/assets/src/views/User.vue @@ -21,6 +21,8 @@

+

{{ $t('settings.lockPassword') }}

+

{{ $t('settings.permissions') }}

{{ $t('settings.permissionsHelp') }}

@@ -93,6 +95,7 @@ export default { allowEdit: false, allowCommands: false, allowPublish: false, + lockPassword: false, permissions: {}, password: '', username: '', @@ -120,6 +123,7 @@ export default { this.allowEdit = true this.allowNew = true this.allowPublish = true + this.lockPassword = false for (let key in this.permissions) { this.permissions[key] = true } @@ -141,6 +145,7 @@ export default { this.allowNew = user.allowNew this.allowEdit = user.allowEdit this.allowPublish = user.allowPublish + this.lockPassword = user.lockPassword this.filesystem = user.filesystem this.username = user.username this.commands = user.commands.join(' ') @@ -187,6 +192,7 @@ export default { this.allowPublish = false this.permissins = {} this.allowCommands = false + this.lockPassword = false this.password = '' this.username = '' this.filesystem = '' @@ -238,6 +244,7 @@ export default { ID: this.id, username: this.username, password: this.password, + lockPassword: this.lockPassword, filesystem: this.filesystem, admin: this.admin, allowCommands: this.allowCommands, diff --git a/filemanager.go b/filemanager.go index f208fa49..b07a9d09 100644 --- a/filemanager.go +++ b/filemanager.go @@ -286,6 +286,7 @@ var DefaultUser = User{ AllowEdit: true, AllowNew: true, AllowPublish: true, + LockPassword: false, Commands: []string{}, Rules: []*Rule{}, CSS: "", @@ -325,6 +326,9 @@ type User struct { // Locale is the language of the user. Locale string `json:"locale"` + // Prevents the user to change its password. + LockPassword bool `json:"lockPassword"` + // These indicate if the user can perform certain actions. AllowNew bool `json:"allowNew"` // Create files and folders AllowEdit bool `json:"allowEdit"` // Edit/rename files diff --git a/http/users.go b/http/users.go index c2daf077..eec93c99 100644 --- a/http/users.go +++ b/http/users.go @@ -287,6 +287,10 @@ func usersPutHandler(c *fm.Context, w http.ResponseWriter, r *http.Request) (int return http.StatusBadRequest, fm.ErrEmptyPassword } + if id == c.User.ID && c.User.LockPassword { + return http.StatusForbidden, nil + } + c.User.Password, err = fm.HashPassword(u.Password) if err != nil { return http.StatusInternalServerError, err diff --git a/rice-box.go.REMOVED.git-id b/rice-box.go.REMOVED.git-id index 282113f7..9cd6dd01 100644 --- a/rice-box.go.REMOVED.git-id +++ b/rice-box.go.REMOVED.git-id @@ -1 +1 @@ -8cd7343b99621ae03aa9fae0a5cb69dcf5b31963 \ No newline at end of file +625c9d7a95a0ae5b69748035174471082ff86489 \ No newline at end of file