diff --git a/core/users/app_config.php b/core/users/app_config.php
index a43e97d320..6553fd95f1 100644
--- a/core/users/app_config.php
+++ b/core/users/app_config.php
@@ -92,6 +92,10 @@
 $apps[$x]['permissions'][$y]['groups'][] = "superadmin";
 $apps[$x]['permissions'][$y]['groups'][] = "admin";
 $apps[$x]['permissions'][$y]['groups'][] = "users";
+ $y++;
+ $apps[$x]['permissions'][$y]['name'] = "user_password";
+ $apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+ $apps[$x]['permissions'][$y]['groups'][] = "admin";
 //default settings
 $y=0;
diff --git a/core/users/user_edit.php b/core/users/user_edit.php
index b780deee16..e1ddd1ec25 100644
--- a/core/users/user_edit.php
+++ b/core/users/user_edit.php
@@ -103,11 +103,13 @@
 }
 //retrieve password requirements
- $required['length'] = $_SESSION['users']['password_length']['numeric'];
- $required['number'] = ($_SESSION['users']['password_number']['boolean'] == 'true') ? true : false;
- $required['lowercase'] = ($_SESSION['users']['password_lowercase']['boolean'] == 'true') ? true : false;
- $required['uppercase'] = ($_SESSION['users']['password_uppercase']['boolean'] == 'true') ? true : false;
- $required['special'] = ($_SESSION['users']['password_special']['boolean'] == 'true') ? true : false;
+ if (permission_exists('user_password')) {
+ $required['length'] = $_SESSION['users']['password_length']['numeric'];
+ $required['number'] = ($_SESSION['users']['password_number']['boolean'] == 'true') ? true : false;
+ $required['lowercase'] = ($_SESSION['users']['password_lowercase']['boolean'] == 'true') ? true : false;
+ $required['uppercase'] = ($_SESSION['users']['password_uppercase']['boolean'] == 'true') ? true : false;
+ $required['special'] = ($_SESSION['users']['password_special']['boolean'] == 'true') ? true : false;
+ }
 //prepare the data
 if (!empty($_POST)) {
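Review bot: The new `user_password` permission is granted to `superadmin` and `admin` only, while the permission entry just above it in this hunk also lists `users`. Together with the checks added in core/users/user_edit.php, this presumably removes self-service password changes for accounts in the `users` group, which would stop ordinary users from rotating a password they believe is exposed. If that is not intended, add `$apps[$x]['permissions'][$y]['groups'][] = "users";`. If it is intended, state it in a comment such as `//password changes are limited to administrators by default`, and confirm that the upgrade path assigns the permission on existing installs before the gated code ships.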
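Review bot: Without `user_password`, the add path can now create an account that has no password stored. This hunk skips loading `$required`, the hunk at @@ -213 skips the blank-password check, and the hunk at @@ -514 skips the `password_hash()` write, so an operator holding `user_add` alone gets a credential-less row; how the login code treats such a row is not visible here. A password posted without the permission is also dropped with no message, so the form appears to succeed. If passwordless creation is not a goal, keep the add check as `if (permission_exists('user_add') && $action == 'add') {` and add a `message::add()` call for the case `!permission_exists('user_password') && !empty($password)`. The `if (!empty($_POST)) {` block opened on this hunk's last line continues outside it.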
@@ -213,7 +215,7 @@
 }
 //require passwords not allowed to be empty
- if (permission_exists('user_add') && $action == 'add') {
+ if (permission_exists('user_password') && permission_exists('user_add') && $action == 'add') {
 if (empty($password)) {
 message::add($text['message-password_blank'], 'negative', 7500);
 }
@@ -228,7 +230,7 @@
 }
 //require passwords with the defined required attributes: length, number, lower case, upper case, and special characters
- if (!empty($password)) {
+ if (permission_exists('user_password') && !empty($password)) {
 if (!empty($required['length']) && is_numeric($required['length']) && $required['length'] != 0) {
 if (strlen($password) < $required['length']) {
 $invalid[] = $text['label-characters'];
@@ -514,7 +516,7 @@
 if (!empty($username) && (empty($username_old) || $username != $username_old)) {
 $array['users'][$x]['username'] = $username;
 }
- if (!empty($password) && $password == $password_confirm) {
+ if (permission_exists('user_password') && !empty($password) && $password == $password_confirm) {
 $array['users'][$x]['password'] = password_hash($password, PASSWORD_DEFAULT, $options);
 $array['users'][$x]['salt'] = null;
 }
@@ -671,36 +673,37 @@
 $document['title'] = $text['title-user_edit'];
 //show the content
- echo "\n";
+ if (permission_exists('user_password')) {
+ echo "\n";
+ }
 echo "