Commit 2c6358bd authored by Côme Chilliet's avatar Côme Chilliet
Browse files

Fixes #4759 Forbidding locked accounts to use recovery

parent 76dfe3d8
...@@ -463,22 +463,30 @@ class passwordRecovery { ...@@ -463,22 +463,30 @@ class passwordRecovery {
if (class_available('supannAccount') && ($config->get_cfg_value('supannPasswordRecovery', 'TRUE') == 'TRUE')) { if (class_available('supannAccount') && ($config->get_cfg_value('supannPasswordRecovery', 'TRUE') == 'TRUE')) {
$filter = '(|'.$filter.'(&(objectClass=supannPerson)(supannMailPerso='.$this->email_address.')))'; $filter = '(|'.$filter.'(&(objectClass=supannPerson)(supannMailPerso='.$this->email_address.')))';
} }
$uids = get_list( $filter, "", $ldap = $config->get_ldap_link();
$config->current['BASE'], array("uid"), $ldap->cd($config->current['BASE']);
GL_SUBSEARCH | GL_NO_ACL_CHECK); $ldap->search($filter, array('dn', 'userPassword', 'uid'));
/* Only one uid should be found */ /* Only one uid should be found */
if (count($uids) < 1) { if ($ldap->count() < 1) {
$this->message[] = sprintf(_("There is no account using email %s"), $this->email_address); $this->message[] = sprintf(_('There is no account using email "%s"'), $this->email_address);
return;
} elseif ($ldap->count() > 1) {
$this->message[] = sprintf(_('There are several accounts using email "%s"'), $this->email_address);
return; return;
} elseif (count($uids) > 1) { }
$this->message[] = sprintf(_("There are several accounts using email %s"), $this->email_address);
$attrs = $ldap->fetch();
$method = passwordMethod::get_method($attrs['userPassword'][0], $attrs['dn']);
if (is_object($method) && $method->is_locked($attrs['dn'])) {
$this->message[] = sprintf(_('The user using email "%s" is locked. Please contact your administrator.'), $this->email_address);
return; return;
} }
$smarty = get_smarty(); $smarty = get_smarty();
$this->uid = $uids[0]['uid'][0]; $this->uid = $attrs['uid'][0];
$smarty->assign('uid', $this->uid); $smarty->assign('uid', $this->uid);
$smarty->assign('email_address', $this->email_address); $smarty->assign('email_address', $this->email_address);
$this->step = 2; $this->step = 2;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment