commit 2e496985dec654425f2a289c2de70200ff67cb2a
parent 3477e8e87e7776cd6086b08a8093828f427633da
Author: Felicitus <felicitus@felicitus.org>
Date: Tue, 6 Sep 2011 09:34:32 +0200
Added configuration option to disable password changing
Diffstat:
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/config.php.template b/config.php.template
@@ -89,4 +89,9 @@ Configuration::setOption("partkeepr.frontend.autologin.password", null);
/**
* Specifies if frontend debugging should be turned on
*/
-Configuration::setOption("partkeepr.frontend.debug", false);-
\ No newline at end of file
+Configuration::setOption("partkeepr.frontend.debug", false);
+
+/**
+ * Specifies if password changing is allowed.
+ */
+Configuration::setOption("partkeepr.frontend.allow_password_change", true);+
\ No newline at end of file
diff --git a/src/de/RaumZeitLabor/PartKeepr/UserPreference/UserPreferenceService.php b/src/de/RaumZeitLabor/PartKeepr/UserPreference/UserPreferenceService.php
@@ -91,6 +91,10 @@ class UserPreferenceService extends Service implements RestfulService {
}
public function changePassword () {
+ if (Configuration::getOption("partkeepr.frontend.allow_password_change", true) === false) {
+ throw new \Exception("Password changing has been disabled on this server");
+ }
+
if (!$this->getUser()->compareHashedPassword($this->getParameter("oldpassword"))) {
throw new \Exception("Invalid Password");
} else {