summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorFrederic Guillot <fred@kanboard.net>2016-05-18 21:27:36 -0400
committerFrederic Guillot <fred@kanboard.net>2016-05-18 21:27:36 -0400
commitbfd59d9e544028a1ea041806fd60e112f3a90167 (patch)
tree0576ae4c6a948cd6af882b23da6073dfef1cae2c /app
parent0830fe22b777e419e42cfb3349e61098be9e4127 (diff)
Reset failed login counter and unlock user when changing password
Diffstat (limited to 'app')
-rw-r--r--app/Controller/UserCredentialController.php109
-rw-r--r--app/Controller/UserModificationController.php69
-rw-r--r--app/Controller/UserViewController.php141
-rw-r--r--app/ServiceProvider/AuthenticationProvider.php2
-rw-r--r--app/ServiceProvider/RouteProvider.php6
-rw-r--r--app/Template/user_credential/authentication.php (renamed from app/Template/user_view/authentication.php)2
-rw-r--r--app/Template/user_credential/password.php (renamed from app/Template/user_view/password.php)9
-rw-r--r--app/Template/user_modification/show.php (renamed from app/Template/user_view/edit.php)2
-rw-r--r--app/Template/user_view/show.php4
-rw-r--r--app/Template/user_view/sidebar.php16
10 files changed, 213 insertions, 147 deletions
diff --git a/app/Controller/UserCredentialController.php b/app/Controller/UserCredentialController.php
new file mode 100644
index 00000000..3310aaa8
--- /dev/null
+++ b/app/Controller/UserCredentialController.php
@@ -0,0 +1,109 @@
+<?php
+
+namespace Kanboard\Controller;
+
+/**
+ * Class UserCredentialController
+ *
+ * @package Kanboard\Controller
+ * @author Frederic Guillot
+ */
+class UserCredentialController extends BaseController
+{
+ /**
+ * Password modification form
+ *
+ * @access public
+ * @param array $values
+ * @param array $errors
+ * @throws \Kanboard\Core\Controller\AccessForbiddenException
+ * @throws \Kanboard\Core\Controller\PageNotFoundException
+ */
+ public function changePassword(array $values = array(), array $errors = array())
+ {
+ $user = $this->getUser();
+
+ return $this->response->html($this->helper->layout->user('user_credential/password', array(
+ 'values' => $values + array('id' => $user['id']),
+ 'errors' => $errors,
+ 'user' => $user,
+ )));
+ }
+
+ /**
+ * Save new password
+ *
+ * @throws \Kanboard\Core\Controller\AccessForbiddenException
+ * @throws \Kanboard\Core\Controller\PageNotFoundException
+ */
+ public function savePassword()
+ {
+ $user = $this->getUser();
+ $values = $this->request->getValues();
+
+ list($valid, $errors) = $this->userValidator->validatePasswordModification($values);
+
+ if ($valid) {
+ if ($this->user->update($values)) {
+ $this->flash->success(t('Password modified successfully.'));
+ $this->userLocking->resetFailedLogin($user['username']);
+ } else {
+ $this->flash->failure(t('Unable to change the password.'));
+ }
+
+ return $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
+ }
+
+ return $this->changePassword($values, $errors);
+ }
+
+ /**
+ * Display a form to edit authentication
+ *
+ * @access public
+ * @param array $values
+ * @param array $errors
+ * @throws \Kanboard\Core\Controller\AccessForbiddenException
+ * @throws \Kanboard\Core\Controller\PageNotFoundException
+ */
+ public function changeAuthentication(array $values = array(), array $errors = array())
+ {
+ $user = $this->getUser();
+
+ if (empty($values)) {
+ $values = $user;
+ unset($values['password']);
+ }
+
+ return $this->response->html($this->helper->layout->user('user_credential/authentication', array(
+ 'values' => $values,
+ 'errors' => $errors,
+ 'user' => $user,
+ )));
+ }
+
+ /**
+ * Save authentication
+ *
+ * @throws \Kanboard\Core\Controller\AccessForbiddenException
+ * @throws \Kanboard\Core\Controller\PageNotFoundException
+ */
+ public function saveAuthentication()
+ {
+ $user = $this->getUser();
+ $values = $this->request->getValues() + array('disable_login_form' => 0, 'is_ldap_user' => 0);
+ list($valid, $errors) = $this->userValidator->validateModification($values);
+
+ if ($valid) {
+ if ($this->user->update($values)) {
+ $this->flash->success(t('User updated successfully.'));
+ } else {
+ $this->flash->failure(t('Unable to update your user.'));
+ }
+
+ return $this->response->redirect($this->helper->url->to('UserCredentialController', 'changeAuthentication', array('user_id' => $user['id'])));
+ }
+
+ return $this->changeAuthentication($values, $errors);
+ }
+}
diff --git a/app/Controller/UserModificationController.php b/app/Controller/UserModificationController.php
new file mode 100644
index 00000000..0a50eb5b
--- /dev/null
+++ b/app/Controller/UserModificationController.php
@@ -0,0 +1,69 @@
+<?php
+
+namespace Kanboard\Controller;
+
+/**
+ * Class UserModificationController
+ *
+ * @package Kanboard\Controller
+ * @author Frederic Guillot
+ */
+class UserModificationController extends BaseController
+{
+ /**
+ * Display a form to edit user information
+ *
+ * @access public
+ * @param array $values
+ * @param array $errors
+ * @throws \Kanboard\Core\Controller\AccessForbiddenException
+ * @throws \Kanboard\Core\Controller\PageNotFoundException
+ */
+ public function show(array $values = array(), array $errors = array())
+ {
+ $user = $this->getUser();
+
+ if (empty($values)) {
+ $values = $user;
+ unset($values['password']);
+ }
+
+ return $this->response->html($this->helper->layout->user('user_modification/show', array(
+ 'values' => $values,
+ 'errors' => $errors,
+ 'user' => $user,
+ 'timezones' => $this->timezone->getTimezones(true),
+ 'languages' => $this->language->getLanguages(true),
+ 'roles' => $this->role->getApplicationRoles(),
+ )));
+ }
+
+ /**
+ * Save user information
+ */
+ public function save()
+ {
+ $user = $this->getUser();
+ $values = $this->request->getValues();
+
+ if (! $this->userSession->isAdmin()) {
+ if (isset($values['role'])) {
+ unset($values['role']);
+ }
+ }
+
+ list($valid, $errors) = $this->userValidator->validateModification($values);
+
+ if ($valid) {
+ if ($this->user->update($values)) {
+ $this->flash->success(t('User updated successfully.'));
+ } else {
+ $this->flash->failure(t('Unable to update your user.'));
+ }
+
+ return $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
+ }
+
+ return $this->show($values, $errors);
+ }
+}
diff --git a/app/Controller/UserViewController.php b/app/Controller/UserViewController.php
index dc03f419..b299e35b 100644
--- a/app/Controller/UserViewController.php
+++ b/app/Controller/UserViewController.php
@@ -29,7 +29,7 @@ class UserViewController extends BaseController
$this->response->html($this->helper->layout->app('user_view/profile', array(
'title' => $user['name'] ?: $user['username'],
- 'user' => $user,
+ 'user' => $user,
)));
}
@@ -42,7 +42,7 @@ class UserViewController extends BaseController
{
$user = $this->getUser();
$this->response->html($this->helper->layout->user('user_view/show', array(
- 'user' => $user,
+ 'user' => $user,
'timezones' => $this->timezone->getTimezones(true),
'languages' => $this->language->getLanguages(true),
)));
@@ -67,7 +67,7 @@ class UserViewController extends BaseController
$this->response->html($this->helper->layout->user('user_view/timesheet', array(
'subtask_paginator' => $subtask_paginator,
- 'user' => $user,
+ 'user' => $user,
)));
}
@@ -81,7 +81,7 @@ class UserViewController extends BaseController
$user = $this->getUser();
$this->response->html($this->helper->layout->user('user_view/password_reset', array(
'tokens' => $this->passwordReset->getAll($user['id']),
- 'user' => $user,
+ 'user' => $user,
)));
}
@@ -95,7 +95,7 @@ class UserViewController extends BaseController
$user = $this->getUser();
$this->response->html($this->helper->layout->user('user_view/last', array(
'last_logins' => $this->lastLogin->getAll($user['id']),
- 'user' => $user,
+ 'user' => $user,
)));
}
@@ -109,7 +109,7 @@ class UserViewController extends BaseController
$user = $this->getUser();
$this->response->html($this->helper->layout->user('user_view/sessions', array(
'sessions' => $this->rememberMeSession->getAll($user['id']),
- 'user' => $user,
+ 'user' => $user,
)));
}
@@ -143,11 +143,11 @@ class UserViewController extends BaseController
}
return $this->response->html($this->helper->layout->user('user_view/notifications', array(
- 'projects' => $this->projectUserRole->getProjectsByUser($user['id'], array(ProjectModel::ACTIVE)),
+ 'projects' => $this->projectUserRole->getProjectsByUser($user['id'], array(ProjectModel::ACTIVE)),
'notifications' => $this->userNotification->readSettings($user['id']),
- 'types' => $this->userNotificationType->getTypes(),
- 'filters' => $this->userNotificationFilter->getFilters(),
- 'user' => $user,
+ 'types' => $this->userNotificationType->getTypes(),
+ 'filters' => $this->userNotificationFilter->getFilters(),
+ 'user' => $user,
)));
}
@@ -168,7 +168,7 @@ class UserViewController extends BaseController
}
$this->response->html($this->helper->layout->user('user_view/integrations', array(
- 'user' => $user,
+ 'user' => $user,
'values' => $this->userMetadata->getAll($user['id']),
)));
}
@@ -183,7 +183,7 @@ class UserViewController extends BaseController
$user = $this->getUser();
$this->response->html($this->helper->layout->user('user_view/external', array(
'last_logins' => $this->lastLogin->getAll($user['id']),
- 'user' => $user,
+ 'user' => $user,
)));
}
@@ -200,7 +200,7 @@ class UserViewController extends BaseController
if ($switch === 'enable' || $switch === 'disable') {
$this->checkCSRFParam();
- if ($this->user->{$switch.'PublicAccess'}($user['id'])) {
+ if ($this->user->{$switch . 'PublicAccess'}($user['id'])) {
$this->flash->success(t('User updated successfully.'));
} else {
$this->flash->failure(t('Unable to update this user.'));
@@ -210,121 +210,8 @@ class UserViewController extends BaseController
}
return $this->response->html($this->helper->layout->user('user_view/share', array(
- 'user' => $user,
+ 'user' => $user,
'title' => t('Public access'),
)));
}
-
- /**
- * Password modification
- *
- * @access public
- */
- public function password()
- {
- $user = $this->getUser();
- $values = array('id' => $user['id']);
- $errors = array();
-
- if ($this->request->isPost()) {
- $values = $this->request->getValues();
- list($valid, $errors) = $this->userValidator->validatePasswordModification($values);
-
- if ($valid) {
- if ($this->user->update($values)) {
- $this->flash->success(t('Password modified successfully.'));
- } else {
- $this->flash->failure(t('Unable to change the password.'));
- }
-
- return $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
- }
- }
-
- return $this->response->html($this->helper->layout->user('user_view/password', array(
- 'values' => $values,
- 'errors' => $errors,
- 'user' => $user,
- )));
- }
-
- /**
- * Display a form to edit a user
- *
- * @access public
- */
- public function edit()
- {
- $user = $this->getUser();
- $values = $user;
- $errors = array();
-
- unset($values['password']);
-
- if ($this->request->isPost()) {
- $values = $this->request->getValues();
-
- if (! $this->userSession->isAdmin()) {
- if (isset($values['role'])) {
- unset($values['role']);
- }
- }
-
- list($valid, $errors) = $this->userValidator->validateModification($values);
-
- if ($valid) {
- if ($this->user->update($values)) {
- $this->flash->success(t('User updated successfully.'));
- } else {
- $this->flash->failure(t('Unable to update your user.'));
- }
-
- return $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
- }
- }
-
- return $this->response->html($this->helper->layout->user('user_view/edit', array(
- 'values' => $values,
- 'errors' => $errors,
- 'user' => $user,
- 'timezones' => $this->timezone->getTimezones(true),
- 'languages' => $this->language->getLanguages(true),
- 'roles' => $this->role->getApplicationRoles(),
- )));
- }
-
- /**
- * Display a form to edit authentication
- *
- * @access public
- */
- public function authentication()
- {
- $user = $this->getUser();
- $values = $user;
- $errors = array();
-
- unset($values['password']);
-
- if ($this->request->isPost()) {
- $values = $this->request->getValues() + array('disable_login_form' => 0, 'is_ldap_user' => 0);
- list($valid, $errors) = $this->userValidator->validateModification($values);
-
- if ($valid) {
- if ($this->user->update($values)) {
- $this->flash->success(t('User updated successfully.'));
- } else {
- $this->flash->failure(t('Unable to update your user.'));
- }
-
- return $this->response->redirect($this->helper->url->to('UserViewController', 'authentication', array('user_id' => $user['id'])));
- }
- }
-
- return $this->response->html($this->helper->layout->user('user_view/authentication', array(
- 'values' => $values,
- 'errors' => $errors,
- 'user' => $user,
- )));
- }
}
diff --git a/app/ServiceProvider/AuthenticationProvider.php b/app/ServiceProvider/AuthenticationProvider.php
index 193929c7..1ac4656c 100644
--- a/app/ServiceProvider/AuthenticationProvider.php
+++ b/app/ServiceProvider/AuthenticationProvider.php
@@ -143,7 +143,7 @@ class AuthenticationProvider implements ServiceProviderInterface
$acl->add('UserCreationController', '*', Role::APP_ADMIN);
$acl->add('UserListController', '*', Role::APP_ADMIN);
$acl->add('UserStatusController', '*', Role::APP_ADMIN);
- $acl->add('UserViewController', array('authentication'), Role::APP_ADMIN);
+ $acl->add('UserCredentialController', array('changeAuthentication', 'saveAuthentication'), Role::APP_ADMIN);
return $acl;
}
diff --git a/app/ServiceProvider/RouteProvider.php b/app/ServiceProvider/RouteProvider.php
index 2bf3b6db..eb567e46 100644
--- a/app/ServiceProvider/RouteProvider.php
+++ b/app/ServiceProvider/RouteProvider.php
@@ -149,13 +149,13 @@ class RouteProvider implements ServiceProviderInterface
$container['route']->addRoute('user/show/:user_id/timesheet', 'UserViewController', 'timesheet');
$container['route']->addRoute('user/show/:user_id/last-logins', 'UserViewController', 'lastLogin');
$container['route']->addRoute('user/show/:user_id/sessions', 'UserViewController', 'sessions');
- $container['route']->addRoute('user/:user_id/edit', 'UserViewController', 'edit');
- $container['route']->addRoute('user/:user_id/password', 'UserViewController', 'password');
+ $container['route']->addRoute('user/:user_id/edit', 'UserModificationController', 'show');
+ $container['route']->addRoute('user/:user_id/password', 'UserCredentialController', 'changePassword');
$container['route']->addRoute('user/:user_id/share', 'UserViewController', 'share');
$container['route']->addRoute('user/:user_id/notifications', 'UserViewController', 'notifications');
$container['route']->addRoute('user/:user_id/accounts', 'UserViewController', 'external');
$container['route']->addRoute('user/:user_id/integrations', 'UserViewController', 'integrations');
- $container['route']->addRoute('user/:user_id/authentication', 'UserViewController', 'authentication');
+ $container['route']->addRoute('user/:user_id/authentication', 'UserCredentialController', 'changeAuthentication');
$container['route']->addRoute('user/:user_id/2fa', 'twofactor', 'index');
$container['route']->addRoute('user/:user_id/avatar', 'AvatarFile', 'show');
diff --git a/app/Template/user_view/authentication.php b/app/Template/user_credential/authentication.php
index 44643388..fbe2e915 100644
--- a/app/Template/user_view/authentication.php
+++ b/app/Template/user_credential/authentication.php
@@ -1,7 +1,7 @@
<div class="page-header">
<h2><?= t('Edit Authentication') ?></h2>
</div>
-<form method="post" action="<?= $this->url->href('UserViewController', 'authentication', array('user_id' => $user['id'])) ?>" autocomplete="off">
+<form method="post" action="<?= $this->url->href('UserCredentialController', 'saveAuthentication', array('user_id' => $user['id'])) ?>" autocomplete="off">
<?= $this->form->csrf() ?>
<?= $this->form->hidden('id', $values) ?>
diff --git a/app/Template/user_view/password.php b/app/Template/user_credential/password.php
index 32ff9d5c..5a6e4403 100644
--- a/app/Template/user_view/password.php
+++ b/app/Template/user_credential/password.php
@@ -2,15 +2,12 @@
<h2><?= t('Password modification') ?></h2>
</div>
-<form method="post" action="<?= $this->url->href('UserViewController', 'password', array('user_id' => $user['id'])) ?>" autocomplete="off">
-
+<form method="post" action="<?= $this->url->href('UserCredentialController', 'savePassword', array('user_id' => $user['id'])) ?>" autocomplete="off">
<?= $this->form->hidden('id', $values) ?>
<?= $this->form->csrf() ?>
- <div class="alert alert-error">
- <?= $this->form->label(t('Current password for the user "%s"', $this->user->getFullname()), 'current_password') ?>
- <?= $this->form->password('current_password', $values, $errors) ?>
- </div>
+ <?= $this->form->label(t('Current password for the user "%s"', $this->user->getFullname()), 'current_password') ?>
+ <?= $this->form->password('current_password', $values, $errors) ?>
<?= $this->form->label(t('New password for the user "%s"', $this->user->getFullname($user)), 'password') ?>
<?= $this->form->password('password', $values, $errors) ?>
diff --git a/app/Template/user_view/edit.php b/app/Template/user_modification/show.php
index 18947905..396d550d 100644
--- a/app/Template/user_view/edit.php
+++ b/app/Template/user_modification/show.php
@@ -1,7 +1,7 @@
<div class="page-header">
<h2><?= t('Edit user') ?></h2>
</div>
-<form method="post" action="<?= $this->url->href('UserViewController', 'edit', array('user_id' => $user['id'])) ?>" autocomplete="off">
+<form method="post" action="<?= $this->url->href('UserModificationController', 'save', array('user_id' => $user['id'])) ?>" autocomplete="off">
<?= $this->form->csrf() ?>
diff --git a/app/Template/user_view/show.php b/app/Template/user_view/show.php
index df0affb8..390a1e45 100644
--- a/app/Template/user_view/show.php
+++ b/app/Template/user_view/show.php
@@ -15,6 +15,10 @@
<li><?= t('Role:') ?> <strong><?= $this->user->getRoleName($user['role']) ?></strong></li>
<li><?= t('Account type:') ?> <strong><?= $user['is_ldap_user'] ? t('Remote') : t('Local') ?></strong></li>
<li><?= $user['twofactor_activated'] == 1 ? t('Two factor authentication enabled') : t('Two factor authentication disabled') ?></li>
+ <li><?= t('Number of failed login:') ?> <strong><?= $user['nb_failed_login'] ?></strong></li>
+ <?php if ($user['lock_expiration_date'] != 0): ?>
+ <li><?= t('Account locked until:') ?> <strong><?= $this->dt->datetime($user['lock_expiration_date']) ?></strong></li>
+ <?php endif ?>
</ul>
<div class="page-header">
diff --git a/app/Template/user_view/sidebar.php b/app/Template/user_view/sidebar.php
index 9a25df16..5eb0457b 100644
--- a/app/Template/user_view/sidebar.php
+++ b/app/Template/user_view/sidebar.php
@@ -33,9 +33,9 @@
<ul>
<?php if ($this->user->isAdmin() || $this->user->isCurrentUser($user['id'])): ?>
- <?php if ($this->user->hasAccess('UserViewController', 'edit')): ?>
- <li <?= $this->app->checkMenuSelection('UserViewController', 'edit') ?>>
- <?= $this->url->link(t('Edit profile'), 'UserViewController', 'edit', array('user_id' => $user['id'])) ?>
+ <?php if ($this->user->hasAccess('UserModificationController', 'show')): ?>
+ <li <?= $this->app->checkMenuSelection('UserModificationController', 'show') ?>>
+ <?= $this->url->link(t('Edit profile'), 'UserModificationController', 'show', array('user_id' => $user['id'])) ?>
</li>
<li <?= $this->app->checkMenuSelection('AvatarFile') ?>>
<?= $this->url->link(t('Avatar'), 'AvatarFile', 'show', array('user_id' => $user['id'])) ?>
@@ -43,8 +43,8 @@
<?php endif ?>
<?php if ($user['is_ldap_user'] == 0): ?>
- <li <?= $this->app->checkMenuSelection('UserViewController', 'password') ?>>
- <?= $this->url->link(t('Change password'), 'UserViewController', 'password', array('user_id' => $user['id'])) ?>
+ <li <?= $this->app->checkMenuSelection('UserCredentialController', 'changePassword') ?>>
+ <?= $this->url->link(t('Change password'), 'UserCredentialController', 'changePassword', array('user_id' => $user['id'])) ?>
</li>
<?php endif ?>
@@ -72,9 +72,9 @@
</li>
<?php endif ?>
- <?php if ($this->user->hasAccess('UserViewController', 'authentication')): ?>
- <li <?= $this->app->checkMenuSelection('UserViewController', 'authentication') ?>>
- <?= $this->url->link(t('Edit Authentication'), 'UserViewController', 'authentication', array('user_id' => $user['id'])) ?>
+ <?php if ($this->user->hasAccess('UserCredentialController', 'changeAuthentication')): ?>
+ <li <?= $this->app->checkMenuSelection('UserCredentialController', 'changeAuthentication') ?>>
+ <?= $this->url->link(t('Edit Authentication'), 'UserCredentialController', 'changeAuthentication', array('user_id' => $user['id'])) ?>
</li>
<?php endif ?>