Removes membership providers stuff from back office, removes all old legacy rules for passwords and membership providers.
This commit is contained in:
Shannon
@@ -90,7 +90,7 @@
|
||||
$location.search('invite', null);
|
||||
}),
|
||||
//get the membership provider config for password policies
|
||||
authResource.getPasswordConfig().then(function (data) {
|
||||
authResource.getPasswordConfig(0).then(function (data) {
|
||||
vm.invitedUserPasswordModel.passwordPolicies = data;
|
||||
|
||||
//localize the text
|
||||
|
||||
@@ -15,21 +15,14 @@
|
||||
var unsubscribe = [];
|
||||
|
||||
function resetModel(isNew) {
|
||||
//the model config will contain an object, if it does not we'll create defaults
|
||||
//NOTE: We will not support doing the password regex on the client side because the regex on the server side
|
||||
//based on the membership provider cannot always be ported to js from .net directly.
|
||||
//the model config will contain an object, if it does not we'll create defaults
|
||||
/*
|
||||
{
|
||||
hasPassword: true/false,
|
||||
requiresQuestionAnswer: true/false,
|
||||
enableReset: true/false,
|
||||
enablePasswordRetrieval: true/false,
|
||||
minPasswordLength: 10
|
||||
}
|
||||
*/
|
||||
|
||||
vm.showReset = false;
|
||||
|
||||
//set defaults if they are not available
|
||||
if (vm.config.disableToggle === undefined) {
|
||||
vm.config.disableToggle = false;
|
||||
@@ -37,20 +30,6 @@
|
||||
if (vm.config.hasPassword === undefined) {
|
||||
vm.config.hasPassword = false;
|
||||
}
|
||||
if (vm.config.enablePasswordRetrieval === undefined) {
|
||||
vm.config.enablePasswordRetrieval = true;
|
||||
}
|
||||
if (vm.config.requiresQuestionAnswer === undefined) {
|
||||
vm.config.requiresQuestionAnswer = false;
|
||||
}
|
||||
//don't enable reset if it is new - that doesn't make sense
|
||||
if (isNew === "true") {
|
||||
vm.config.enableReset = false;
|
||||
}
|
||||
else if (vm.config.enableReset === undefined) {
|
||||
vm.config.enableReset = true;
|
||||
}
|
||||
|
||||
if (vm.config.minPasswordLength === undefined) {
|
||||
vm.config.minPasswordLength = 0;
|
||||
}
|
||||
@@ -60,9 +39,7 @@
|
||||
//if it's not an object then just create a new one
|
||||
vm.passwordValues = {
|
||||
newPassword: null,
|
||||
oldPassword: null,
|
||||
reset: null,
|
||||
answer: null
|
||||
oldPassword: null
|
||||
};
|
||||
}
|
||||
else {
|
||||
@@ -73,8 +50,6 @@
|
||||
vm.passwordValues.newPassword = null;
|
||||
vm.passwordValues.oldPassword = null;
|
||||
}
|
||||
vm.passwordValues.reset = null;
|
||||
vm.passwordValues.answer = null;
|
||||
}
|
||||
|
||||
//the value to compare to match passwords
|
||||
@@ -143,8 +118,7 @@
|
||||
|
||||
function showOldPass() {
|
||||
return vm.config.hasPassword &&
|
||||
!vm.config.allowManuallyChangingPassword &&
|
||||
!vm.config.enablePasswordRetrieval && !vm.showReset;
|
||||
!vm.config.allowManuallyChangingPassword;
|
||||
};
|
||||
|
||||
// TODO: I don't think we need this or the cancel button, this can be up to the editor rendering this component
|
||||
|
||||
@@ -204,13 +204,13 @@ function authResource($q, $http, umbRequestHelper, angularHelper) {
|
||||
* @description
|
||||
* Gets the configuration of the user membership provider which is used to configure the change password form
|
||||
*/
|
||||
getPasswordConfig: function () {
|
||||
return umbRequestHelper.resourcePromise(
|
||||
$http.get(
|
||||
umbRequestHelper.getApiUrl(
|
||||
"authenticationApiBaseUrl",
|
||||
"GetPasswordConfig")),
|
||||
'Failed to retrieve membership provider config');
|
||||
getPasswordConfig: function (userId) {
|
||||
return umbRequestHelper.resourcePromise(
|
||||
$http.get(
|
||||
umbRequestHelper.getApiUrl(
|
||||
"authenticationApiBaseUrl",
|
||||
"GetPasswordConfig", { userId: userId })),
|
||||
'Failed to retrieve membership provider config');
|
||||
},
|
||||
|
||||
/**
|
||||
|
||||
@@ -87,6 +87,17 @@ angular.module("umbraco")
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
//go get the config for the membership provider and add it to the model
|
||||
authResource.getPasswordConfig(user.id).then(function (data) {
|
||||
$scope.changePasswordModel.config = data;
|
||||
//ensure the hasPassword config option is set to true (the user of course has a password already assigned)
|
||||
//this will ensure the oldPassword is shown so they can change it
|
||||
// disable reset password functionality beacuse it does not make sense inside the backoffice
|
||||
$scope.changePasswordModel.config.hasPassword = true;
|
||||
$scope.changePasswordModel.config.disableToggle = true;
|
||||
});
|
||||
|
||||
}
|
||||
});
|
||||
}
|
||||
@@ -103,6 +114,12 @@ angular.module("umbraco")
|
||||
});
|
||||
}
|
||||
|
||||
//create the initial model for change password
|
||||
$scope.changePasswordModel = {
|
||||
config: {},
|
||||
value: {}
|
||||
};
|
||||
|
||||
updateUserInfo();
|
||||
|
||||
//remove all event handlers
|
||||
@@ -113,25 +130,6 @@ angular.module("umbraco")
|
||||
|
||||
});
|
||||
|
||||
/* ---------- UPDATE PASSWORD ---------- */
|
||||
|
||||
//create the initial model for change password
|
||||
$scope.changePasswordModel = {
|
||||
config: {},
|
||||
value: {}
|
||||
};
|
||||
|
||||
//go get the config for the membership provider and add it to the model
|
||||
authResource.getPasswordConfig().then(function(data) {
|
||||
$scope.changePasswordModel.config = data;
|
||||
//ensure the hasPassword config option is set to true (the user of course has a password already assigned)
|
||||
//this will ensure the oldPassword is shown so they can change it
|
||||
// disable reset password functionality beacuse it does not make sense inside the backoffice
|
||||
$scope.changePasswordModel.config.hasPassword = true;
|
||||
$scope.changePasswordModel.config.disableToggle = true;
|
||||
$scope.changePasswordModel.config.enableReset = false;
|
||||
});
|
||||
|
||||
$scope.changePassword = function() {
|
||||
|
||||
if (formHelper.submitForm({ scope: $scope })) {
|
||||
|
||||
@@ -1,9 +1,4 @@
|
||||
<div>
|
||||
<div class="alert alert-success text-center" ng-hide="!vm.passwordValues.generatedPassword">
|
||||
<small>Password has been reset to:</small>
|
||||
<br />
|
||||
<strong>{{vm.passwordValues.generatedPassword}}</strong>
|
||||
</div>
|
||||
<div ng-switch="vm.changing">
|
||||
<div ng-switch-when="false">
|
||||
<button type="button" ng-click="vm.doChange()" class="btn umb-button__button btn-action">
|
||||
@@ -13,15 +8,7 @@
|
||||
<div ng-switch-when="true">
|
||||
|
||||
<ng-form name="changePasswordForm">
|
||||
<umb-control-group alias="resetPassword" label="@user_resetPassword" ng-show="vm.config.enableReset">
|
||||
<umb-checkbox model="vm.passwordValues.reset" server-validation-field="resetPassword"
|
||||
on-change="vm.showReset = !vm.showReset" />
|
||||
<span ng-messages="changePasswordForm.resetPassword.$error" show-validation-on-submit>
|
||||
<span class="help-inline" ng-message="valServerField">{{changePasswordForm.resetPassword.errorMsg}}</span>
|
||||
</span>
|
||||
|
||||
</umb-control-group>
|
||||
|
||||
|
||||
<!-- we need to show the old pass field when the provider cannot retrieve the password -->
|
||||
<umb-control-group alias="oldPassword" label="@user_oldPassword" ng-if="vm.showOldPass()" required="true">
|
||||
<input type="password" name="oldPassword" ng-model="vm.passwordValues.oldPassword"
|
||||
@@ -35,7 +22,7 @@
|
||||
</span>
|
||||
</umb-control-group>
|
||||
|
||||
<umb-control-group alias="password" label="@user_newPassword" ng-if="!vm.showReset" required="true">
|
||||
<umb-control-group alias="password" label="@user_newPassword" required="true">
|
||||
<input type="password" name="password" ng-model="vm.passwordValues.newPassword"
|
||||
class="input-block-level umb-textstring textstring"
|
||||
required
|
||||
@@ -49,7 +36,7 @@
|
||||
</span>
|
||||
</umb-control-group>
|
||||
|
||||
<umb-control-group alias="confirmPassword" label="@user_confirmNewPassword" ng-if="!vm.showReset" required="true">
|
||||
<umb-control-group alias="confirmPassword" label="@user_confirmNewPassword" required="true">
|
||||
<input type="password" name="confirmPassword" ng-model="vm.passwordValues.confirm"
|
||||
class="input-block-level umb-textstring textstring"
|
||||
val-compare="password"
|
||||
|
||||
@@ -145,13 +145,6 @@ function MemberEditController($scope, $routeParams, $location, appState, memberR
|
||||
|
||||
$scope.page.saveButtonState = "busy";
|
||||
|
||||
//anytime a user is changing a member's password without the oldPassword, we are in effect resetting it so we need to set that flag here
|
||||
var passwordProp = _.find(contentEditingHelper.getAllProps($scope.content), function (e) { return e.alias === '_umb_password' });
|
||||
if (passwordProp && passwordProp.value && (typeof passwordProp.value.reset !== 'undefined') && !passwordProp.value.reset) {
|
||||
// if the admin is not explicitly resetting the password, flag it for resetting if a new password is being entered
|
||||
passwordProp.value.reset = !passwordProp.value.oldPassword && passwordProp.config.allowManuallyChangingPassword;
|
||||
}
|
||||
|
||||
memberResource.save($scope.content, create, fileManager.getFiles())
|
||||
.then(function(data) {
|
||||
|
||||
|
||||
@@ -4,15 +4,10 @@ angular.module("umbraco").controller("Umbraco.PropertyEditors.ChangePasswordCont
|
||||
$scope.isNew = $routeParams.create;
|
||||
|
||||
function resetModel() {
|
||||
//the model config will contain an object, if it does not we'll create defaults
|
||||
//NOTE: We will not support doing the password regex on the client side because the regex on the server side
|
||||
//based on the membership provider cannot always be ported to js from .net directly.
|
||||
//the model config will contain an object, if it does not we'll create defaults
|
||||
/*
|
||||
{
|
||||
hasPassword: true/false,
|
||||
requiresQuestionAnswer: true/false,
|
||||
enableReset: true/false,
|
||||
enablePasswordRetrieval: true/false,
|
||||
hasPassword: true/false,
|
||||
minPasswordLength: 10
|
||||
}
|
||||
*/
|
||||
@@ -23,16 +18,7 @@ angular.module("umbraco").controller("Umbraco.PropertyEditors.ChangePasswordCont
|
||||
}
|
||||
if (!$scope.model.config || $scope.model.config.hasPassword === undefined) {
|
||||
$scope.model.config.hasPassword = false;
|
||||
}
|
||||
if (!$scope.model.config || $scope.model.config.enablePasswordRetrieval === undefined) {
|
||||
$scope.model.config.enablePasswordRetrieval = true;
|
||||
}
|
||||
if (!$scope.model.config || $scope.model.config.requiresQuestionAnswer === undefined) {
|
||||
$scope.model.config.requiresQuestionAnswer = false;
|
||||
}
|
||||
if (!$scope.model.config || $scope.model.config.enableReset === undefined) {
|
||||
$scope.model.config.enableReset = true;
|
||||
}
|
||||
}
|
||||
if (!$scope.model.config || $scope.model.config.minPasswordLength === undefined) {
|
||||
$scope.model.config.minPasswordLength = 0;
|
||||
}
|
||||
|
||||
@@ -80,27 +80,13 @@
|
||||
vm.usernameIsEmail = Umbraco.Sys.ServerVariables.umbracoSettings.usernameIsEmail && user.email === user.username;
|
||||
|
||||
//go get the config for the membership provider and add it to the model
|
||||
authResource.getPasswordConfig().then(function (data) {
|
||||
authResource.getPasswordConfig(user.id).then(function (data) {
|
||||
vm.changePasswordModel.config = data;
|
||||
|
||||
//the user has a password if they are not states: Invited, NoCredentials
|
||||
vm.changePasswordModel.config.hasPassword = vm.user.userState !== 3 && vm.user.userState !== 4;
|
||||
|
||||
vm.changePasswordModel.config.disableToggle = true;
|
||||
|
||||
//this is only relavent for membership providers now (it's basically obsolete)
|
||||
vm.changePasswordModel.config.enableReset = false;
|
||||
|
||||
//in the ASP.NET Identity world, this config option will allow an admin user to change another user's password
|
||||
//if the user has access to the user section. So if this editor is being access, the user of course has access to this section.
|
||||
//the authorization check is also done on the server side when submitted.
|
||||
|
||||
// only update the setting if not the current logged in user, otherwise leave the value as it is
|
||||
// currently set in the web.config
|
||||
if (!vm.user.isCurrentUser)
|
||||
{
|
||||
vm.changePasswordModel.config.allowManuallyChangingPassword = true;
|
||||
}
|
||||
|
||||
vm.loading = false;
|
||||
});
|
||||
@@ -134,16 +120,7 @@
|
||||
|
||||
if (formHelper.submitForm({ scope: $scope })) {
|
||||
|
||||
//anytime a user is changing another user's password, we are in effect resetting it so we need to set that flag here
|
||||
if (vm.user.changePassword) {
|
||||
//NOTE: the check for allowManuallyChangingPassword is due to this legacy user membership provider setting, if that is true, then the current user
|
||||
//can change their own password without entering their current one (this is a legacy setting since that is a security issue but we need to maintain compat).
|
||||
//if allowManuallyChangingPassword=false, then we are using default settings and the user will need to enter their old password to change their own password.
|
||||
vm.user.changePassword.reset = (!vm.user.changePassword.oldPassword && !vm.user.isCurrentUser) || vm.changePasswordModel.config.allowManuallyChangingPassword;
|
||||
}
|
||||
|
||||
vm.page.saveButtonState = "busy";
|
||||
vm.user.resetPasswordValue = null;
|
||||
|
||||
//save current nav to be restored later so that the tabs dont change
|
||||
var currentNav = vm.user.navigation;
|
||||
|
||||
Reference in New Issue
Block a user