Commit 1b91ffcd authored by David Edmundson's avatar David Edmundson Committed by Ray Strode

Allow a user to change their own password without admin

Introduces a new action with default state auth_self to be used by
SetPassword and SetPasswordMode when changing ones own password.

https://bugs.freedesktop.org/show_bug.cgi?id=97518
parent 9fdd1d95
......@@ -17,6 +17,16 @@
</defaults>
</action>
<action id="org.freedesktop.accounts.change-own-password">
<_description>Change your own user password</_description>
<_message>Authentication is required to change your own user password</_message>
<defaults>
<allow_any>auth_self</allow_any>
<allow_inactive>auth_self</allow_inactive>
<allow_active>auth_self</allow_active>
</defaults>
</action>
<action id="org.freedesktop.accounts.user-administration">
<_description>Manage user accounts</_description>
<_message>Authentication is required to change user data</_message>
......
......@@ -1878,13 +1878,22 @@ user_set_password_mode (AccountsUser *auser,
{
User *user = (User*)auser;
const gchar *action_id;
gint uid;
if (mode < 0 || mode > PASSWORD_MODE_LAST) {
throw_error (context, ERROR_FAILED, "unknown password mode: %d", mode);
return FALSE;
}
action_id = "org.freedesktop.accounts.user-administration";
if (!get_caller_uid (context, &uid)) {
throw_error (context, ERROR_FAILED, "identifying caller failed");
return FALSE;
}
if (user->uid == (uid_t) uid)
action_id = "org.freedesktop.accounts.change-own-password";
else
action_id = "org.freedesktop.accounts.user-administration";
daemon_local_check_auth (user->daemon,
user,
......@@ -1969,15 +1978,27 @@ user_set_password (AccountsUser *auser,
{
User *user = (User*)auser;
gchar **data;
const gchar *action_id;
gint uid;
if (!get_caller_uid (context, &uid)) {
throw_error (context, ERROR_FAILED, "identifying caller failed");
return FALSE;
}
data = g_new (gchar *, 3);
data[0] = g_strdup (password);
data[1] = g_strdup (hint);
data[2] = NULL;
if (user->uid == (uid_t) uid)
action_id = "org.freedesktop.accounts.change-own-password";
else
action_id = "org.freedesktop.accounts.user-administration";
daemon_local_check_auth (user->daemon,
user,
"org.freedesktop.accounts.user-administration",
action_id,
TRUE,
user_change_password_authorized_cb,
context,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment