From 6733c4d7da44a7f0c2d431e1c26dab2693a7d297 Mon Sep 17 00:00:00 2001
From: Chris Smith <chris.eureka@jalakai.co.uk>
Date: Sun, 4 Oct 2009 13:57:40 +0200
Subject: [PATCH] FS#1728, ensure create user correctly checks field
modification 'canDo'
Ignore-this: e4d974b5e09e45861a5e463784c6b946
darcs-hash:20091004115740-f07c6-46e15fc4f69949530690400fcb0698b9b7a0e350.gz
---
lib/plugins/usermanager/admin.php | 41 +++++++++++++++++++++++++------
1 file changed, 34 insertions(+), 7 deletions(-)
diff --git a/lib/plugins/usermanager/admin.php b/lib/plugins/usermanager/admin.php
index 1975dc6c9..26ee95093 100644
--- a/lib/plugins/usermanager/admin.php
+++ b/lib/plugins/usermanager/admin.php
@@ -358,16 +358,43 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
list($user,$pass,$name,$mail,$grps) = $this->_retrieveUser();
if (empty($user)) return false;
- if (empty($pass)){
- if(!empty($_REQUEST['usernotify'])){
- $pass = auth_pwgen();
- } else {
+
+ if ($this->_auth->canDo('modPass')){
+ if (empty($pass)){
+ if(!empty($_REQUEST['usernotify'])){
+ $pass = auth_pwgen();
+ } else {
+ msg($this->lang['add_fail'], -1);
+ return false;
+ }
+ }
+ } else {
+ if (!empty($pass)){
+ msg($this->lang['add_fail'], -1);
return false;
}
}
- if (empty($name) || empty($mail)){
- msg($this->lang['add_fail'], -1);
- return false;
+
+ if ($this->_auth->canDo('modName')){
+ if (empty($name)){
+ msg($this->lang['add_fail'], -1);
+ return false;
+ }
+ } else {
+ if (!empty($name)){
+ return false;
+ }
+ }
+
+ if ($this->_auth->canDo('modMail')){
+ if (empty($mail)){
+ msg($this->lang['add_fail'], -1);
+ return false;
+ }
+ } else {
+ if (!empty($mail)){
+ return false;
+ }
}
if ($ok = $this->_auth->triggerUserMod('create', array($user,$pass,$name,$mail,$grps))) {
--
GitLab