Comments (4)
sushifrick
commented on May 26, 2024
Same problem here,
we are sending users to a separate webinterface to manage their passwords using the lost_password_link configuration-option. When this option is set the guest will see the mentioned error message when she tries to set up her account.
As guests always use local (DB) accounts, they should circumvent the lost_password_link in my opinion.
Kind regards,
Sascha
from guests.
ChristophWurst
commented on May 26, 2024
The logic is in https://github.com/nextcloud/server/blob/master/core/Controller/LostController.php. We have the user ID there, so it should be possible to somehow determine if password reset should still be possibly. The question is how. We should likely not check for the guests app directly but ask the user back-end if password reset is allowed or not.
from guests.
blizzz
commented on May 26, 2024
In LostController::resetform() and LostController::setPassword() we might move it behind the token verification check. These methods are not the entry point for the password reset mechanism, so it is even considerable to remove them. Otherwise, we "reset is disabled" page can be shown when no token is present. This should be good enough to cater for special cases like these. This has to be done in server though, so not specific to the guests app.
from guests.
blizzz
commented on May 26, 2024
Proposed fix at nextcloud/server#28794
from guests.
Related Issues (20)
- Auto generated virtual guest user group can't share
- Guests created via Talk don't receive a welcome mail HOT 6
- Allow guests to add Collaborative tags to shared files
- Guest user is a able to rename Groupfolders HOT 1
- Lack of upload permissions for guests breaks some apps HOT 2
- Email not sending when I create new Guests HOT 3
- Guests can't acces files HOT 5
- Guest can't access shared files if a "share_folder" is set HOT 1
- "New" button not disabled for guests HOT 4
- Hide Guest users from other registered users in Search contacts dropdown HOT 1
- Guests needs application system folders
- Guests App will not be compatible with NC29 in its current state
- `occ guests:list` execute return type exception
- Guests have no access to shared folders in NC28 HOT 4
- Guests cannot invite other guests inside their circle to planned meetings
- Unable to create and add files and folders HOT 12
- App restrictions in the admin UI don't wrap
- Deleted files do not show up in trashbin of guest users
- Guest users cannot upload files in their root folders even if they have quota HOT 1
- Shared Calenders for Guest Users
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from guests.