Merge branch 'hotfix-2.3.159'

2015-11-16 00:27:49 +01:00 · 2015-11-16 00:27:49 +01:00 · 770e30b842
parent 35cd740b6e 3045cc2630
commit 770e30b842
5 changed files with 14 additions and 6 deletions
--- a/VERSION.json
+++ b/VERSION.json
@ -1 +1 @@
-{"major":2, "minor":3, "hotfix":158}
+{"major":2, "minor":3, "hotfix":159}
--- a/app/Controller/AppController.php
+++ b/app/Controller/AppController.php
@ -231,9 +231,9 @@ class AppController extends Controller {
 	
 	public $userRole = null;

-	protected function _isJson($data=false){
+	protected function _isJson($data=false) {
 		if ($data) return (json_decode($data) != NULL) ? true : false;
-		return $this->request->header('Accept') === 'application/json';
+		return $this->request->header('Accept') === 'application/json' || $this->RequestHandler->prefers() === 'json';
 	}

 	//public function blackhole($type) {
--- a/app/Controller/UsersController.php
+++ b/app/Controller/UsersController.php
@ -587,11 +587,17 @@ class UsersController extends AppController {
 			$this->Session->setFlash(__('Invalid id for user', true), 'default', array(), 'error');
 			$this->redirect(array('action' => 'view', $this->Auth->user('id')));
 		}
-		$this->User->read();
+		$user = $this->User->read();
+		$oldKey = $this->User->data['User']['authkey'];
 		if ('me' == $id ) $id = $this->Auth->user('id');
 		else if (!$this->_isSiteAdmin() && !($this->_isAdmin() && $this->Auth->user('org') == $this->User->data['User']['org']) && ($this->Auth->user('id') != $id)) throw new MethodNotAllowedException();
 		$newkey = $this->User->generateAuthKey();
 		$this->User->saveField('authkey', $newkey);
+		$this->__extralog(
+				'reset_auth_key', 
+				'Authentication key for user ' . $user['User']['id'] . ' (' . $user['User']['email'] . ')', 
+				$fieldsResult = 'authkey(' . $oldKey . ') => (' . $newkey . ')'
+		);
 		$this->Session->setFlash(__('New authkey generated.', true));
 		$this->_refreshAuth();
 		$this->redirect($this->referer());
--- a/app/Model/Log.php
+++ b/app/Model/Log.php
@ -32,7 +32,8 @@ class Log extends AppModel {
 							'update_database',
 							'version_warning',
 							'auth',
-							'auth_fail'
+							'auth_fail',
+							'reset_auth_key'
 						)),
 			'message' => 'Options : ...'
 		)
--- a/app/Model/User.php
+++ b/app/Model/User.php
@ -218,7 +218,8 @@ class User extends AppModel {
 		'SysLogLogable.SysLogLogable' => array(	// TODO Audit, logable
 			'userModel' => 'User',
 			'userKey' => 'user_id',
-			'change' => 'full'
+			'change' => 'full',
+			'ignore' => array('password')
 		),
 		'Trim',
 		'Containable'