From 19d20ef6c3b76145e2ea0ebf96a7519eda3bf64d Mon Sep 17 00:00:00 2001
From: Simon Green <mail@simon.green>
Date: Sun, 23 Aug 2015 01:33:45 -0400
Subject: Bug 670669 - Changing the e-mail address under account prefs does not
 require current password if can_change_password is false r=dkl, a=simon

---
 Bugzilla/User.pm | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'Bugzilla/User.pm')

diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index d6c1f1225..01d5fdf4e 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -2357,6 +2357,19 @@ sub account_ip_login_failures {
     return $self->{account_ip_login_failures};
 }
 
+sub check_current_password {
+    my $self = shift;
+    my $password = shift || ThrowUserError("current_password_required");
+
+    my $cryptpwd
+        = $self->cryptpassword || ThrowCodeError("unable_to_retrieve_password");
+
+    if (bz_crypt($password, $cryptpwd) ne $cryptpwd) {
+        ThrowUserError("current_password_incorrect");
+    }
+
+}
+
 ###############
 # Subroutines #
 ###############
@@ -3103,6 +3116,11 @@ set_groups.
 
 C<bool> - Sets C<disable_mail> to the inverse of the boolean provided.
 
+=item C<check_current_password>
+
+C<string> - Throws an error if the supplied password does not match the
+user's current password.
+
 =back
 
 =head1 CLASS FUNCTIONS
-- 
cgit v1.2.3-24-g4f1b