change password for admin user when in LDAP mode

2024-09-28 21:37:31 +02:00 · 2016-05-09 20:57:41 +08:00 · 2016-05-09 20:57:41 +08:00 · cb9b8a7f55
commit cb9b8a7f55
parent ccaad63730
3 changed files with 18 additions and 2 deletions
--- a/api/user.go
+++ b/api/user.go
@ -187,7 +187,9 @@ func (ua *UserAPI) Delete() {
 // ChangePassword handles PUT to /api/users/{}/password
 func (ua *UserAPI) ChangePassword() {

-	if !(ua.AuthMode == "db_auth") {
+	ldapAdminUser := (ua.AuthMode == "ldap_auth" && ua.userID == 1 && ua.userID == ua.currentUserID)
+	
+	if !(ua.AuthMode == "db_auth" || ldapAdminUser) {
 		ua.CustomAbort(http.StatusForbidden, "")
 	}

--- a/controllers/base.go
+++ b/controllers/base.go
@ -41,6 +41,7 @@ type BaseController struct {
 	beego.Controller
 	i18n.Locale
 	SelfRegistration bool
+	IsLdapAdminUser  bool	
 	IsAdmin          bool
 	AuthMode         string
 }
@ -115,17 +116,24 @@ func (b *BaseController) Prepare() {
 	if sessionUserID != nil {
 		b.Data["Username"] = b.GetSession("username")
 		b.Data["UserId"] = sessionUserID.(int)
-
+		
+		if (sessionUserID == 1 && b.AuthMode == "ldap_auth") {
+			b.IsLdapAdminUser = true
+		}
+		
 		var err error
 		b.IsAdmin, err = dao.IsAdminRole(sessionUserID.(int))
 		if err != nil {
 			log.Errorf("Error occurred in IsAdminRole:%v", err)
 			b.CustomAbort(http.StatusInternalServerError, "Internal error.")
 		}
+	}else {
+		b.IsLdapAdminUser = false
 	}

 	b.Data["IsAdmin"] = b.IsAdmin
 	b.Data["SelfRegistration"] = b.SelfRegistration
+	b.Data["IsLdapAdminUser"] = b.IsLdapAdminUser

 }

--- a/views/segment/header-content.tpl
+++ b/views/segment/header-content.tpl
@ -56,6 +56,12 @@
 					    {{ if eq .AuthMode "db_auth" }}
 						<li><a id="aChangePassword" href="/changePassword" target="_blank"><span class="glyphicon glyphicon-pencil"></span>&nbsp;&nbsp;{{i18n .Lang "change_password"}}</a></li>
 						<li role="separator" class="divider"></li>
+						{{ end }}
+						  {{ if eq .AuthMode "ldap_auth" }}
+							  {{ if eq .IsLdapAdminUser true }}
+						<li><a id="aChangePassword" href="/changePassword" target="_blank"><span class="glyphicon glyphicon-pencil"></span>&nbsp;&nbsp;{{i18n .Lang "change_password"}}</a></li>
+						<li role="separator" class="divider"></li>
+						    {{ end }} 
 						{{ end }}
 						{{ if eq .AuthMode "db_auth" }}
 						  {{ if eq .IsAdmin true }}