浏览代码

Merge branch 'master' of https://github.com/rkeil-git/pwm

rkeil 8 年之前
父节点
当前提交
52ac2d110b

+ 6 - 16
server/src/main/java/password/pwm/ws/server/rest/RestProfileServer.java

@@ -25,6 +25,7 @@ package password.pwm.ws.server.rest;
 import com.novell.ldapchai.ChaiUser;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import password.pwm.Permission;
+import password.pwm.config.profile.UpdateAttributesProfile;
 import password.pwm.config.value.data.FormConfiguration;
 import password.pwm.util.form.FormUtility;
 import password.pwm.config.PwmSetting;
@@ -36,7 +37,6 @@ import password.pwm.http.PwmRequest;
 import password.pwm.http.servlet.UpdateProfileServlet;
 import password.pwm.i18n.Message;
 import password.pwm.ldap.UserInfo;
-import password.pwm.ldap.UserInfoFactory;
 import password.pwm.util.FormMap;
 import password.pwm.ws.server.RestRequestBean;
 import password.pwm.ws.server.RestResultBean;
@@ -99,35 +99,25 @@ public class RestProfileServer extends AbstractRestServer {
             throws PwmUnrecoverableException, ChaiUnavailableException
     {
         final RestRequestBean restRequestBean = RestServerHelper.initializeRestRequest(request, response, SERVICE_PERMISSIONS, username);
+        final UpdateAttributesProfile updateAttributesProfile = restRequestBean.getPwmSession().getSessionManager().getUpdateAttributeProfile(restRequestBean.getPwmApplication());
 
         if (!restRequestBean.getPwmApplication().getConfig().readSettingAsBoolean(PwmSetting.UPDATE_PROFILE_ENABLE)) {
             throw new PwmUnrecoverableException(PwmError.ERROR_SERVICE_NOT_AVAILABLE);
         }
 
-        if (!restRequestBean.getPwmSession().getSessionManager().checkPermission(restRequestBean.getPwmApplication(), Permission.PROFILE_UPDATE)) {
-            throw new PwmUnrecoverableException(PwmError.ERROR_UNAUTHORIZED);
-        }
-
         final Map<String,String> profileData = new HashMap<>();
         {
             final Map<FormConfiguration,String> formData = new HashMap<>();
-            for (final FormConfiguration formConfiguration : restRequestBean.getPwmApplication().getConfig().readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM)) {
+            for (final FormConfiguration formConfiguration : updateAttributesProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM)) {
                 formData.put(formConfiguration,"");
             }
-            final List<FormConfiguration> formFields = restRequestBean.getPwmApplication().getConfig().readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
+            final List<FormConfiguration> formFields = updateAttributesProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
 
             if (restRequestBean.getUserIdentity() != null) {
                 final UserInfo userInfo = restRequestBean.getPwmSession().getUserInfo();
                 FormUtility.populateFormMapFromLdap(formFields, restRequestBean.getPwmSession().getLabel(), formData, userInfo);
             } else {
-                final UserInfo userInfo = UserInfoFactory.newUserInfo(
-                        restRequestBean.getPwmApplication(),
-                        restRequestBean.getPwmSession().getLabel(),
-                        restRequestBean.getPwmSession().getSessionStateBean().getLocale(),
-                        restRequestBean.getUserIdentity(),
-                        restRequestBean.getPwmSession().getSessionManager().getChaiProvider()
-                );
-                FormUtility.populateFormMapFromLdap(formFields, restRequestBean.getPwmSession().getLabel(), formData, userInfo);
+                throw new PwmUnrecoverableException(PwmError.ERROR_NO_PROFILE_ASSIGNED);
             }
 
             for (final FormConfiguration formConfig : formData.keySet()) {
@@ -137,7 +127,7 @@ public class RestProfileServer extends AbstractRestServer {
 
         final JsonProfileData outputData = new JsonProfileData();
         outputData.profile = profileData;
-        outputData.formDefinition = restRequestBean.getPwmApplication().getConfig().readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
+        outputData.formDefinition = updateAttributesProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
         final RestResultBean restResultBean = new RestResultBean();
         restResultBean.setData(outputData);
         return restResultBean;

+ 1 - 1
server/src/main/resources/password/pwm/i18n/PwmSetting.properties

@@ -668,7 +668,7 @@ Setting_Description_token.length=Specify the length of the email token
 Setting_Description_token.lifetime=Specify the default lifetime an token is valid (in seconds). The default is one hour.  This default may be overridden by module specific settings.
 Setting_Description_token.storageMethod=Select the storage method @PwmAppName@ uses to save issued tokens.<table style\="width\: 400px"><tr><td>Method</td><td>Description</td></tr><tr><td>LocalDB</td><td>Stores the tokens in the local embedded LocalDB database.  Tokens are not common across multiple application instances.</td></tr><tr><td>DB</td><td>Store the tokens in a configured, remote database.  Tokens work across multiple application instances.</td></tr><tr><td>Crypto</td><td>Use crypto to create and read tokens, they are not stored locally.  Tokens work across multiple application instances if they have the same Security Key.  Crypto tokens ignore the length rules and might be too long to use for SMS purposes.</td></tr><tr><td>LDAP</td><td>Use the LDAP directory to store tokens.  Tokens work across multiple application instances.  You cannot use LDAP tokens as New User Registration tokens.</td></tr></table>
 Setting_Description_updateAttributes.check.queryMatch=When you use the "checkProfile" or "checkAll" parameter with the command servlet, @PwmAppName@ uses this query match to determine if the user is required to populate the parameter values. <br/><br/>If this value is blank, then @PwmAppName@ checks the user's current values against the form requirements.
-Setting_Description_updateAttributes.email.verification=Enable this option to send an email to the user's email address before @PwmAppName@ updates the account.  The user must verify receipt of the email before @PwmAppName@ updates the account.
+Setting_Description_updateAttributes.email.verification=Enable this option to send an email to the user's email address before @PwmAppName@ updates the account. The user's email must change to cause this verification email to be sent. The user must verify receipt of the email before @PwmAppName@ updates the account.
 Setting_Description_updateAttributes.enable=Enable the option to Update Profile Attributes.  If true, this setting enables the Update Profile module.
 Setting_Description_updateAttributes.forceSetup=Enable this option to present the Update Profile module to the users upon login if the users do not satisfy the form configuration conditions. Specifically, @PwmAppName@ checks the <b>Required</b> and <b>Regular Expression</b> conditions against the current LDAP form values.  The users cannot perform other functions until they update the form values to values that match the form configuration.
 Setting_Description_updateAttributes.form=Update Profile Form values.