diff options
author | Simon Green <mail@simon.green> | 2015-08-23 07:33:45 +0200 |
---|---|---|
committer | Simon Green <mail@simon.green> | 2015-08-23 07:33:45 +0200 |
commit | 19d20ef6c3b76145e2ea0ebf96a7519eda3bf64d (patch) | |
tree | b12118c4f37e76ffee72e0053619d47ff35b1885 /Bugzilla | |
parent | d3a74a9278457522a6361492fe49e9f984b04a5e (diff) | |
download | bugzilla-19d20ef6c3b76145e2ea0ebf96a7519eda3bf64d.tar.gz bugzilla-19d20ef6c3b76145e2ea0ebf96a7519eda3bf64d.tar.xz |
Bug 670669 - Changing the e-mail address under account prefs does not require current password if can_change_password is false
r=dkl, a=simon
Diffstat (limited to 'Bugzilla')
-rw-r--r-- | Bugzilla/User.pm | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index d6c1f1225..01d5fdf4e 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -2357,6 +2357,19 @@ sub account_ip_login_failures { return $self->{account_ip_login_failures}; } +sub check_current_password { + my $self = shift; + my $password = shift || ThrowUserError("current_password_required"); + + my $cryptpwd + = $self->cryptpassword || ThrowCodeError("unable_to_retrieve_password"); + + if (bz_crypt($password, $cryptpwd) ne $cryptpwd) { + ThrowUserError("current_password_incorrect"); + } + +} + ############### # Subroutines # ############### @@ -3103,6 +3116,11 @@ set_groups. C<bool> - Sets C<disable_mail> to the inverse of the boolean provided. +=item C<check_current_password> + +C<string> - Throws an error if the supplied password does not match the +user's current password. + =back =head1 CLASS FUNCTIONS |