Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 45d31f16 authored by Florent VINCENT's avatar Florent VINCENT 👾
Browse files

Merge branch 'reset-password-patches' into 'master' 

Added patches for recovery email  field

See merge request !14
parents 35d8e7a2 3386d1a9

.gitlab-ci.yml

+5 −3
Original line number Diff line number Diff line
@@ -2,13 +2,15 @@ 
# improved performance.

variables:

  DOCKER_DRIVER: overlay2

  DOCKER_TLS_CERTDIR: "/certs"

  

default:

  image: docker:stable

  image: docker:19.03.12



  services:

    - docker:dind

    - docker:19.03.12-dind

  before_script:

    - docker info

    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY

  tags:

    - generic_privileged

Dockerfile

+1 −0
Original line number Diff line number Diff line
@@ -54,6 +54,7 @@ RUN patch -u ${BASE_DIR}/core/Controller/ContactsMenuController.php -i ${TMP_PAT 
RUN cd ${BASE_DIR} && patch -p0 < ${TMP_PATCH_DIR}/005-autocomplete-user-leak-core.patch

RUN cd ${BASE_DIR}/custom_apps && patch -p0 < ${TMP_PATCH_DIR}/005-autocomplete-user-leak-custom-app.patch

RUN patch -u ${BASE_DIR}/custom_apps/notes/lib/Service/NoteUtil.php -i ${TMP_PATCH_DIR}/006-notes-url-fix.patch

RUN cd ${BASE_DIR} && patch -p0 < ${TMP_PATCH_DIR}/007-recovery-email-changes.patch

RUN rm -rf ${TMP_PATCH_DIR}



# autocomplete leak tweak apps frontend with sed, disable group suggestion

patches/007-recovery-email-changes.patch

0 → 100644
+34 −0
Original line number Diff line number Diff line 
--- ./core/Controller/LostController.php	2021-03-26 09:51:09.317785801 +0530

+++ ./core/Controller/LostController.new.php	2021-03-26 09:51:35.490073707 +0530

@@ -205,8 +205,9 @@

 		}

 

 		try {

-			$mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';

-			$decryptedToken = $this->crypto->decrypt($encryptedToken, $mailAddress.$this->config->getSystemValue('secret'));

+			$recoveryEmail = $this->config->getUserValue($userId, 'email-recovery', 'recovery-email');

+			$mailAddress = is_null($recoveryEmail) ? '' : $recoveryEmail;

+ 			$decryptedToken = $this->crypto->decrypt($encryptedToken, $mailAddress.$this->config->getSystemValue('secret'));

 		} catch (\Exception $e) {

 			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));

 		}

@@ -334,7 +335,7 @@

 	 */

 	protected function sendEmail($input) {

 		$user = $this->findUserByIdOrMail($input);

-		$email = $user->getEMailAddress();

+		$email = $this->config->getUserValue($user->getUID(), 'email-recovery', 'recovery-email');

 

 		if (empty($email)) {

 			throw new ResetPasswordException('Could not send reset e-mail since there is no email for username ' . $input);--- ./personal.info.original.php	2021-03-26 11:34:48.659322845 +0530--- ./personal.info.original.php	2021-03-26 11:34:48.659322845 +0530

--- ./apps/settings/templates/settings/personal/personal.info.php	2021-03-26 11:34:48.659322845 +0530

+++ ./apps/settings/templates/settings/personal/personal.info.new.php	2021-03-26 11:42:51.729044400 +0530

@@ -113,7 +113,7 @@

 									print_unescaped('class="hidden"');

 								} ?>

 					   value="<?php p($_['displayName']) ?>"

-					   autocomplete="on" autocapitalize="none" autocorrect="off" />

+					   autocomplete="on" autocapitalize="none" autocorrect="off" readonly />

 				<?php if (!$_['displayNameChangeSupported']) { ?>

 					<span><?php if (isset($_['displayName']) && !empty($_['displayName'])) {

 									p($_['displayName']);