summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--EVENTS.txt4
-rw-r--r--actions/passwordsettings.php14
-rw-r--r--lib/accountsettingsaction.php35
-rw-r--r--plugins/Ldap/LdapPlugin.php11
4 files changed, 49 insertions, 15 deletions
diff --git a/EVENTS.txt b/EVENTS.txt
index 25a51516b..c3fe73134 100644
--- a/EVENTS.txt
+++ b/EVENTS.txt
@@ -489,6 +489,10 @@ ChangePassword: Handle a password change request
- $newpassword: the desired new password
- &$errormsg: set this to an error message if the password could not be changed. If the password was changed, leave this as false
+CanUserChangeField: Determines if a user is allowed to change a specific profile field
+- $nickname: nickname of the user who would like to know which of their profile fields are mutable
+- $field: name of the field the user wants to change (nickname, fullname, password, avatar, etc)
+
UserDeleteRelated: Specify additional tables to delete entries from when deleting users
- $user: User object
- &$related: array of DB_DataObject class names to delete entries on matching user_id.
diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php
index 6658d279f..15539d4a0 100644
--- a/actions/passwordsettings.php
+++ b/actions/passwordsettings.php
@@ -58,6 +58,19 @@ class PasswordsettingsAction extends AccountSettingsAction
return _('Change password');
}
+ function prepare($args){
+ parent::prepare($args);
+
+ $user = common_current_user();
+
+ Event::handle('CanUserChangeField', array($user->nickname, 'password'));
+
+ if(! $fields['password']){
+ //user is not allowed to change his password
+ $this->clientError(_('You are not allowed to change your password'));
+ }
+ }
+
/**
* Instructions for use
*
@@ -86,6 +99,7 @@ class PasswordsettingsAction extends AccountSettingsAction
function showContent()
{
$user = common_current_user();
+
$this->elementStart('form', array('method' => 'POST',
'id' => 'form_password',
'class' => 'form_settings',
diff --git a/lib/accountsettingsaction.php b/lib/accountsettingsaction.php
index a004a3ed9..9865e1748 100644
--- a/lib/accountsettingsaction.php
+++ b/lib/accountsettingsaction.php
@@ -102,26 +102,31 @@ class AccountSettingsNav extends Widget
$this->action->elementStart('ul', array('class' => 'nav'));
if (Event::handle('StartAccountSettingsNav', array(&$this->action))) {
+ $user = common_current_user();
- $menu =
- array('profilesettings' =>
+ $menu = array();
+ $menu['profilesettings'] =
array(_('Profile'),
- _('Change your profile settings')),
- 'avatarsettings' =>
- array(_('Avatar'),
- _('Upload an avatar')),
- 'passwordsettings' =>
- array(_('Password'),
- _('Change your password')),
- 'emailsettings' =>
+ _('Change your profile settings'));
+ if(Event::handle('CanUserChangeField', array($user->nickname, 'avatar'))){
+ $menu['avatarsettings'] =
+ array(_('Avatar'),
+ _('Upload an avatar'));
+ }
+ if(Event::handle('CanUserChangeField', array($user->nickname, 'password'))){
+ $menu['passwordsettings'] =
+ array(_('Password'),
+ _('Change your password'));
+ }
+ $menu['emailsettings'] =
array(_('Email'),
- _('Change email handling')),
- 'userdesignsettings' =>
+ _('Change email handling'));
+ $menu['userdesignsettings'] =
array(_('Design'),
- _('Design your profile')),
- 'othersettings' =>
+ _('Design your profile'));
+ $menu['othersettings'] =
array(_('Other'),
- _('Other options')));
+ _('Other options'));
foreach ($menu as $menuaction => $menudesc) {
$this->action->menuItem(common_local_url($menuaction),
diff --git a/plugins/Ldap/LdapPlugin.php b/plugins/Ldap/LdapPlugin.php
index 755562f54..3795ffd7f 100644
--- a/plugins/Ldap/LdapPlugin.php
+++ b/plugins/Ldap/LdapPlugin.php
@@ -102,4 +102,15 @@ class LdapPlugin extends Plugin
//return false, indicating that the event has been handled
return false;
}
+
+ function onCanUserChangeField($nickname, $field)
+ {
+ switch($field)
+ {
+ case 'password':
+ case 'nickname':
+ case 'email':
+ return false;
+ }
+ }
}