Projekte/web-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more bugfixes

Browse Source
This commit is contained in:
Roman 2024-12-30 12:20:02 +01:00
parent 9788289260
commit 20e464776c
1 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Core/API/UserAPI.class.php
View File

@ -879,12 +879,12 @@ namespace Core\API\User {
return $this->createError("Cannot remove Administrator group from own user."); return $this->createError("Cannot remove Administrator group from own user.");
} else if (in_array(Group::ADMIN, $groupIds) && !$currentUser->hasGroup(Group::ADMIN)) { } else if (in_array(Group::ADMIN, $groupIds) && !$currentUser->hasGroup(Group::ADMIN)) {
return $this->createError("You cannot add the administrator group to other users."); return $this->createError("You cannot add the administrator group to other users.");
} } else if (!empty($groups)) {
$availableGroups = Group::findAll($sql, new CondIn(new Column("id"), $groupIds));
$availableGroups = Group::findAll($sql, new CondIn(new Column("id"), $groupIds)); foreach ($groupIds as $groupId) {
foreach ($groupIds as $groupId) { if (!isset($availableGroups[$groupId])) {
if (!isset($availableGroups[$groupId])) { return $this->createError("Group with id=$groupId does not exist.");
return $this->createError("Group with id=$groupId does not exist."); }
} }
} }
@ -918,8 +918,12 @@ namespace Core\API\User {
} }
if (!is_null($password)) { if (!is_null($password)) {
$user->password = $this->hashPassword($password); if ($user->isLocalAccount()) {
$columnsToUpdate[] = "password"; $user->password = $this->hashPassword($password);
$columnsToUpdate[] = "password";
} else {
return $this->createError("Cannot change password of an externally managed user account.");
}
} }
if (!is_null($confirmed)) { if (!is_null($confirmed)) {