diff --git a/app/Http/Controllers/Auth/ResetPasswordController.php b/app/Http/Controllers/Auth/ResetPasswordController.php index f1cfbc853..805b82918 100644 --- a/app/Http/Controllers/Auth/ResetPasswordController.php +++ b/app/Http/Controllers/Auth/ResetPasswordController.php @@ -103,22 +103,24 @@ class ResetPasswordController extends Controller ], $messages); } + if ($user->ldap_import != '1') { - // set the response - $response = $broker->reset( - $this->credentials($request), function ($user, $password) { - $this->resetPassword($user, $password); - }); + // set the response + $response = $broker->reset( + $this->credentials($request), function ($user, $password) { + $this->resetPassword($user, $password); + }); - // Check if the password reset above actually worked - if ($response == \Password::PASSWORD_RESET) { - Log::debug('Password reset for '.$user->username.' worked'); - return redirect()->guest('login')->with('success', trans('passwords.reset')); + // Check if the password reset above actually worked + if ($response == \Password::PASSWORD_RESET) { + Log::debug('Password reset for ' . $user->username . ' worked'); + return redirect()->guest('login')->with('success', trans('passwords.reset')); + } + + Log::debug('Password reset for ' . $user->username . ' FAILED - this user exists but the token is not valid'); + return redirect()->back()->withInput($request->only('email'))->with('success', trans('passwords.reset')); } - Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid'); - return redirect()->back()->withInput($request->only('email'))->with('success', trans('passwords.reset')); - } diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php index 896c25346..1a9bd0035 100755 --- a/app/Http/Controllers/ProfileController.php +++ b/app/Http/Controllers/ProfileController.php @@ -99,9 +99,13 @@ class ProfileController extends Controller * User change email page. * */ - public function password() : View + public function password() : View | RedirectResponse { + $user = auth()->user(); + if ($user->ldap_import=='1') { + return redirect()->route('account')->with('error', trans('admin/users/message.error.password_ldap')); + } return view('account/change-password', compact('user')); } @@ -116,7 +120,7 @@ class ProfileController extends Controller $user = auth()->user(); if ($user->ldap_import == '1') { - return redirect()->route('account.password.index')->with('error', trans('admin/users/message.error.password_ldap')); + return redirect()->route('account')->with('error', trans('admin/users/message.error.password_ldap')); } $rules = [ diff --git a/app/Http/Controllers/Users/BulkUsersController.php b/app/Http/Controllers/Users/BulkUsersController.php index 5541f7a15..9ded0ee8e 100644 --- a/app/Http/Controllers/Users/BulkUsersController.php +++ b/app/Http/Controllers/Users/BulkUsersController.php @@ -70,7 +70,7 @@ class BulkUsersController extends Controller // bulk password reset, just do the thing } elseif ($request->input('bulk_actions') == 'bulkpasswordreset') { foreach ($users as $user) { - if (($user->activated == '1') && ($user->email != '')) { + if (($user->activated == '1') && ($user->email != '') && ($user->ldap_import != '1')) { $credentials = ['email' => $user->email]; Password::sendResetLink($credentials/* , function (Message $message) { $message->subject($this->getEmailSubject()); // TODO - I'm not sure if we still need this, but this second parameter is no longer accepted in later Laravel versions. diff --git a/resources/lang/en-US/general.php b/resources/lang/en-US/general.php index db2830bcd..77670b5a7 100644 --- a/resources/lang/en-US/general.php +++ b/resources/lang/en-US/general.php @@ -573,5 +573,8 @@ return [ 'import_asset_tag_exists' => 'An asset with the asset tag :asset_tag already exists and an update was not requested. No change was made.', 'countries_manually_entered_help' => 'Values with an asterisk (*) were manually entered and do not match existing ISO 3166 dropdown values', 'accessories_assigned' => 'Assigned Accessories', + 'user_managed_passwords' => 'Password Management', + 'user_managed_passwords_disallow' => 'Disallow users from managing their own passwords', + 'user_managed_passwords_allow' => 'Allow users to manage their own passwords', ]; diff --git a/resources/views/account/view-assets.blade.php b/resources/views/account/view-assets.blade.php index b03069d45..f2eeba8f3 100755 --- a/resources/views/account/view-assets.blade.php +++ b/resources/views/account/view-assets.blade.php @@ -109,12 +109,15 @@ @endcan + + @if ($user->ldap_import!='1')
{{ trans('general.changepassword') }}
+ @endif @can('self.api')
diff --git a/resources/views/layouts/default.blade.php b/resources/views/layouts/default.blade.php index a884a28d0..eb02277a0 100644 --- a/resources/views/layouts/default.blade.php +++ b/resources/views/layouts/default.blade.php @@ -373,12 +373,14 @@ dir="{{ Helper::determineLanguageDirection() }}"> @endcan + @if (Auth::user()->ldap_import!='1')
  • {{ trans('general.changepassword') }}
    • + @endif @can('self.api') diff --git a/resources/views/users/bulk-edit.blade.php b/resources/views/users/bulk-edit.blade.php index 25519ef27..19b24bbe8 100644 --- a/resources/views/users/bulk-edit.blade.php +++ b/resources/views/users/bulk-edit.blade.php @@ -144,7 +144,7 @@
    - {{ trans('general.ldap_sync') }} + {{ trans('general.user_managed_passwords') }}
    +