X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/c429cf78187e80deb63982a282a1c6889f30291a..refs/pull/3083/head:/app/Http/Controllers/UserController.php
diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php
index f7b2afef8..a78f921f2 100644
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -13,6 +13,7 @@ use BookStack\Uploads\ImageRepo;
 use Exception;
 use Illuminate\Http\Request;
 use Illuminate\Support\Str;
+use Illuminate\Validation\Rules\Password;
 use Illuminate\Validation\ValidationException;
 class UserController extends Controller
@@ -74,18 +75,18 @@ class UserController extends Controller
 {
 $this->checkPermission('users-manage');
 $validationRules = [
- 'name' => 'required',
- 'email' => 'required|email|unique:users,email',
+ 'name' => ['required'],
+ 'email' => ['required', 'email', 'unique:users,email'],
 ];
 $authMethod = config('auth.method');
 $sendInvite = ($request->get('send_invite', 'false') === 'true');
 if ($authMethod === 'standard' && !$sendInvite) {
- $validationRules['password'] = 'required|min:6';
- $validationRules['password-confirm'] = 'required|same:password';
- } elseif ($authMethod === 'ldap' || $authMethod === 'saml2') {
- $validationRules['external_auth_id'] = 'required';
+ $validationRules['password'] = ['required', Password::default()];
+ $validationRules['password-confirm'] = ['required', 'same:password'];
+ } elseif ($authMethod === 'ldap' || $authMethod === 'saml2' || $authMethod === 'openid') {
+ $validationRules['external_auth_id'] = ['required'];
 }
 $this->validate($request, $validationRules);
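Review bot: A password submitted together with `send_invite=true` bypasses the new `Password::default()` rule, because the password rules are only added when `!$sendInvite`, while the context line in the following hunk still hashes whatever the request carries via `bcrypt($request->get('password', Str::random(32)))`. If the invite flow is meant to leave the credential unset until the user accepts, that assignment could ignore the request value in that case, e.g. `$user->password = bcrypt($sendInvite ? Str::random(32) : $request->get('password'));`. The effective policy behind `Password::default()` is configured elsewhere and is not visible here, so a short comment above the rule naming where `Password::defaults()` is registered would help the next reader. The method body starts and continues outside this hunk, so later handling of the password is not shown.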
@@ -93,7 +94,7 @@ class UserController extends Controller
 if ($authMethod === 'standard') {
 $user->password = bcrypt($request->get('password', Str::random(32)));
- } elseif ($authMethod === 'ldap' || $authMethod === 'saml2') {
+ } elseif ($authMethod === 'ldap' || $authMethod === 'saml2' || $authMethod === 'openid') {
 $user->external_auth_id = $request->get('external_auth_id');
 }
@@ -123,17 +124,20 @@ class UserController extends Controller
 {
 $this->checkPermissionOrCurrentUser('users-manage', $id);
- $user = $this->user->newQuery()->with(['apiTokens'])->findOrFail($id);
+ /** @var User $user */
+ $user = $this->user->newQuery()->with(['apiTokens', 'mfaValues'])->findOrFail($id);
 $authMethod = ($user->system_name) ? 'system' : config('auth.method');
 $activeSocialDrivers = $socialAuthService->getActiveDrivers();
+ $mfaMethods = $user->mfaValues->groupBy('method');
 $this->setPageTitle(trans('settings.user_profile'));
 $roles = $this->userRepo->getAllRoles();
 return view('users.edit', [
 'user' => $user,
 'activeSocialDrivers' => $activeSocialDrivers,
+ 'mfaMethods' => $mfaMethods,
 'authMethod' => $authMethod,
 'roles' => $roles,
 ]);
@@ -152,12 +156,12 @@ class UserController extends Controller
 $this->checkPermissionOrCurrentUser('users-manage', $id);
 $this->validate($request, [
- 'name' => 'min:2',
- 'email' => 'min:2|email|unique:users,email,' . $id,
- 'password' => 'min:6|required_with:password_confirm',
- 'password-confirm' => 'same:password|required_with:password',
- 'setting' => 'array',
- 'profile_image' => 'nullable|' . $this->getImageValidationRules(),
+ 'name' => ['min:2'],
+ 'email' => ['min:2', 'email', 'unique:users,email,' . $id],
+ 'password' => ['required_with:password_confirm', Password::default()],
+ 'password-confirm' => ['same:password', 'required_with:password'],
+ 'setting' => ['array'],
+ 'profile_image' => array_merge(['nullable'], $this->getImageValidationRules()),
 ]);
 $user = $this->userRepo->getById($id);
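Review bot: The set of external auth methods is now spelled out twice, in this `elseif` and in the validation branch of the previous hunk, so a future driver has to be added in both places and in any similar check outside these hunks. A single strict membership test keeps them in step, `} elseif (in_array($authMethod, ['ldap', 'saml2', 'openid'], true)) {`, ideally with the array held in one class constant. `external_auth_id` is stored after being validated only as `required`; whether it should also be constrained to a string and checked for uniqueness depends on how external logins are matched to users, which is not visible here.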
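Review bot: Eager-loading `mfaValues` and passing `$user->mfaValues->groupBy('method')` puts the full MFA value models into the `users.edit` view data, and `checkPermissionOrCurrentUser('users-manage', $id)` means this page is reachable by any `users-manage` holder, not only the account owner. If the template only needs to know which methods are configured, querying just that column avoids carrying stored MFA material into the view: drop `'mfaValues'` from `with()` and use `$mfaMethods = $user->mfaValues()->pluck('method')->unique();`. What the model exposes is not visible in this hunk, so this is something to confirm, and the view would need adjusting to the changed shape.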
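Review bot: `required_with:password_confirm` in the new `password` rule names a field that does not exist, since the confirmation field on the next line is `password-confirm` with a hyphen, so that rule never fires. It should read `'password' => ['required_with:password-confirm', Password::default()],`. Separately, `'unique:users,email,' . $id` still builds a rule string from the route parameter; `Rule::unique('users', 'email')->ignore((int) $id)` (with `Illuminate\Validation\Rule` imported) prevents extra rule parameters arriving through `$id`, unless the route already constrains it to digits, which cannot be seen here.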