Merge branch 'hotfix-2.3.159'

pull/727/head v2.3.159
iglocska 2015-11-16 00:27:49 +01:00
commit 770e30b842
5 changed files with 14 additions and 6 deletions

View File

@ -1 +1 @@
{"major":2, "minor":3, "hotfix":158}
{"major":2, "minor":3, "hotfix":159}

View File

@ -231,9 +231,9 @@ class AppController extends Controller {
public $userRole = null;
protected function _isJson($data=false){
protected function _isJson($data=false) {
if ($data) return (json_decode($data) != NULL) ? true : false;
return $this->request->header('Accept') === 'application/json';
return $this->request->header('Accept') === 'application/json' || $this->RequestHandler->prefers() === 'json';
}
//public function blackhole($type) {

View File

@ -587,11 +587,17 @@ class UsersController extends AppController {
$this->Session->setFlash(__('Invalid id for user', true), 'default', array(), 'error');
$this->redirect(array('action' => 'view', $this->Auth->user('id')));
}
$this->User->read();
$user = $this->User->read();
$oldKey = $this->User->data['User']['authkey'];
if ('me' == $id ) $id = $this->Auth->user('id');
else if (!$this->_isSiteAdmin() && !($this->_isAdmin() && $this->Auth->user('org') == $this->User->data['User']['org']) && ($this->Auth->user('id') != $id)) throw new MethodNotAllowedException();
$newkey = $this->User->generateAuthKey();
$this->User->saveField('authkey', $newkey);
$this->__extralog(
'reset_auth_key',
'Authentication key for user ' . $user['User']['id'] . ' (' . $user['User']['email'] . ')',
$fieldsResult = 'authkey(' . $oldKey . ') => (' . $newkey . ')'
);
$this->Session->setFlash(__('New authkey generated.', true));
$this->_refreshAuth();
$this->redirect($this->referer());

View File

@ -32,7 +32,8 @@ class Log extends AppModel {
'update_database',
'version_warning',
'auth',
'auth_fail'
'auth_fail',
'reset_auth_key'
)),
'message' => 'Options : ...'
)

View File

@ -218,7 +218,8 @@ class User extends AppModel {
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
'userModel' => 'User',
'userKey' => 'user_id',
'change' => 'full'
'change' => 'full',
'ignore' => array('password')
),
'Trim',
'Containable'