From 01266511c6efe400cf6572b5d79cb77b15ea3715 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come.chilliet@fusiondirectory.org>
Date: Wed, 27 Nov 2019 10:23:06 +0100
Subject: [PATCH] :ambulance: fix(user) Ease use of UserPasswordAttribute
 through webservices

Now array values are checked to have correct format, and string values
 are used as the new password using default password method.

issue #6052
---
 .../generic/class_UserPasswordAttribute.inc   | 25 +++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/plugins/personal/generic/class_UserPasswordAttribute.inc b/plugins/personal/generic/class_UserPasswordAttribute.inc
index 6a8cdf87f..bdcb7a957 100644
--- a/plugins/personal/generic/class_UserPasswordAttribute.inc
+++ b/plugins/personal/generic/class_UserPasswordAttribute.inc
@@ -255,4 +255,29 @@ class UserPasswordAttribute extends CompositeAttribute
   {
     return $this->attributes[4]->getValue();
   }
+
+  /*! \brief Apply value from RPC requests
+   *
+   *  \param mixed $value the value
+   */
+  function deserializeValue ($value)
+  {
+    if ($this->disabled) {
+      return parent::deserializeValue($value);
+    }
+    if (is_array($value)) {
+      if (count($value) > 5) {
+        return sprintf(_('Too many elements in array value for password field %s: %d instead of %d'), $this->getLdapName(), count($value), 5);
+      } elseif (count($value) < 5) {
+        return sprintf(_('Not enough elements in array value for password field %s: %d instead of %d'), $this->getLdapName(), count($value), 5);
+      } elseif (!isset($value[0])) {
+        return sprintf(_('Array value for password field %s must have numeric keys'), $this->getLdapName());
+      }
+      $this->setValue($value);
+    } elseif (is_string($value)) {
+      $this->setValue(['', $value, $value, '', FALSE]);
+    } else {
+      return sprintf(_('Invalid value type for password field %s, must be array or string'), $this->getLdapName());
+    }
+  }
 }
-- 
GitLab