summaryrefslogtreecommitdiffstats
path: root/template/en/default/account
diff options
context:
space:
mode:
authorFrédéric Buclin <LpSolit@gmail.com>2016-02-23 23:49:18 +0100
committerFrédéric Buclin <LpSolit@gmail.com>2016-02-23 23:49:18 +0100
commit8c597ceae28ba1bbe1780d88397af7ab065c613d (patch)
treeb73fdf744bb00b482cd7ebba4b4f2262266be095 /template/en/default/account
parent0856fd924fdfd2e5ed08b2f25ef7e1ebe69f9aca (diff)
downloadbugzilla-8c597ceae28ba1bbe1780d88397af7ab065c613d.tar.gz
bugzilla-8c597ceae28ba1bbe1780d88397af7ab065c613d.tar.xz
Bug 1250354: The "Forgot password" link should not be displayed if users are not allowed to change it
r=dkl
Diffstat (limited to 'template/en/default/account')
-rw-r--r--template/en/default/account/auth/login-small.html.tmpl49
1 files changed, 26 insertions, 23 deletions
diff --git a/template/en/default/account/auth/login-small.html.tmpl b/template/en/default/account/auth/login-small.html.tmpl
index 1b7c6b02e..39b1f8538 100644
--- a/template/en/default/account/auth/login-small.html.tmpl
+++ b/template/en/default/account/auth/login-small.html.tmpl
@@ -27,8 +27,6 @@
<a id="login_link[% qs_suffix %]" href="[% script_url FILTER html %]"
onclick="return show_mini_login_form('[% qs_suffix %]')">Log In</a>
- [% Hook.process('additional_methods') %]
-
<form action="[% login_target FILTER html %]" method="POST"
class="mini_login bz_default_hidden"
id="mini_login[% qs_suffix FILTER html %]">
@@ -56,24 +54,29 @@
<a href="#" onclick="return hide_mini_login_form('[% qs_suffix %]')">[x]</a>
</form>
</li>
-<li id="forgot_container[% qs_suffix %]">
- <span class="separator">| </span>
- <a id="forgot_link[% qs_suffix %]" href="createaccount.cgi?request_new_password=1"
- onclick="return show_forgot_form('[% qs_suffix %]')">Forgot Password</a>
- <form action="token.cgi" method="post" id="forgot_form[% qs_suffix %]"
- class="mini_forgot bz_default_hidden">
- <label for="login[% qs_suffix FILTER html %]">Login:</label>
- <input name="loginname" size="20" id="login[% qs_suffix FILTER html %]" required
- [% IF login_not_email %]
- placeholder="Your Login"
- [% ELSE %]
- type="email" placeholder="Your Email Address"
- [% END %]>
- <input id="forgot_button[% qs_suffix %]" value="Reset Password"
- type="submit">
- <input type="hidden" name="a" value="reqpw">
- <input type="hidden" id="token[% qs_suffix FILTER html %]" name="token"
- value="[% issue_hash_token(['reqpw']) FILTER html %]">
- <a href="#" onclick="return hide_forgot_form('[% qs_suffix %]')">[x]</a>
- </form>
-</li>
+
+[% Hook.process('additional_methods') %]
+
+[% IF user.authorizer.can_change_password %]
+ <li id="forgot_container[% qs_suffix %]">
+ <span class="separator">| </span>
+ <a id="forgot_link[% qs_suffix %]" href="createaccount.cgi?request_new_password=1"
+ onclick="return show_forgot_form('[% qs_suffix %]')">Forgot Password</a>
+ <form action="token.cgi" method="post" id="forgot_form[% qs_suffix %]"
+ class="mini_forgot bz_default_hidden">
+ <label for="login[% qs_suffix FILTER html %]">Login:</label>
+ <input name="loginname" size="20" id="login[% qs_suffix FILTER html %]" required
+ [% IF login_not_email %]
+ placeholder="Your Login"
+ [% ELSE %]
+ type="email" placeholder="Your Email Address"
+ [% END %]>
+ <input id="forgot_button[% qs_suffix %]" value="Reset Password"
+ type="submit">
+ <input type="hidden" name="a" value="reqpw">
+ <input type="hidden" id="token[% qs_suffix FILTER html %]" name="token"
+ value="[% issue_hash_token(['reqpw']) FILTER html %]">
+ <a href="#" onclick="return hide_forgot_form('[% qs_suffix %]')">[x]</a>
+ </form>
+ </li>
+[% END %]