#714 ✓resolved
theohiobloke

Feature Request - Option for User account (cannot change password)

Reported by theohiobloke | September 12th, 2012 @ 12:22 PM | in 2.1.1 (closed)

I have some schools who want a generic login for their site which will give staff access to to pages that the public cannot see.

Problem is that in the current system anyone can change the password of the generic account and render it useless. Perhaps a checkbox in the user profile that suppresses the change password links in the login flyout and hides the slingbar would work.

Comments and changes to this ticket

  • dleffler

    dleffler September 12th, 2012 @ 01:20 PM

    • Tag set to login, users

    Your easiest fix is to create custom views for your theme by copying the following into the theme and removing the 'password' link.

    • /framework/modules/users/views/login/showlogin.tpl line #39 (main login view)
    • /framework/modules/users/views/login/showlogin_flyoutYUI.tpl line #38
    • /framework/modules/users/views/login/showlogin_expanded.tpl lines #30 & #47
    • /framework/modules/users/views/users/edituser.tpl lines #30 & #47

    or better yet, add an {if $user->is_admin || $user->acting_admin} ... {/if} around those lines so they're only displayed for admins.

    Not sure if it's worth it to add a system setting to disable user password changing?

  • dleffler

    dleffler September 12th, 2012 @ 02:22 PM

    For the slingbar menu, add a /modules/administraiton/menus/user.php file to the theme folder with this

    <?php

##################################################
#
# Copyright (c) 2004-2012 OIC Group, Inc.
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################

if (!defined('EXPONENT')) exit('');

global $user;

/////////////////////////////////////////////////////////////////////////
// FIGURE OUT IF WE"RE IN PREVIEW MODE OR NOT
/////////////////////////////////////////////////////////////////////////
$level = 99;
if (expSession::is_set('uilevel')) {
    $level = expSession::get('uilevel');
}   

//if ($level == UILEVEL_PREVIEW) {
//    $preview_url = makeLink(array('module'=>'previewmodule','action'=>'normal'));
//    $preview_class = 'preview_on';
//} else {
//    $preview_url = makeLink(array('module'=>'previewmodule','action'=>'preview'));
//    $preview_class = 'preview_off';
//}
/////////////////////////////////////////////////////////////////////////
// BUILD THE MENU
/////////////////////////////////////////////////////////////////////////

if ($user->isAdmin()) {
return array(
    'text'=>$user->firstname.' '.$user->lastname,
    'classname'=>'quicklink user',
    'submenu'=>array(
        'id'=>'user',
        'itemdata'=>array(
            array(
                'text'=>gt("Edit My Profile"),
                'url'=>makeLink(array('controller'=>'users','action'=>'edituser','id'=>$user->id)),
                'classname'=>'edit',
            ),
            array(
                'text'=>gt("Change My Password"),
                'url'=>makeLink(array('controller'=>'users','action'=>'change_password')),
                'classname'=>'password',
            ),
            array(
                'text'=>gt("Log Out"),
                'url'=>makeLink(array('controller'=>'login','action'=>'logout')),
                'classname'=>'logout',
            ),
            array(
                'text' => ($level == UILEVEL_PREVIEW)?gt('Turn Preview Mode off'):gt('Turn Preview Mode on'),
                'classname' => ($level == UILEVEL_PREVIEW)?'preview_on':'preview_off',
                'url' => makeLink(array('controller' => 'administration','action' => 'toggle_preview'))
            ),
        ),
    )
);
} else {
return array(
    'text'=>$user->firstname.' '.$user->lastname,
    'classname'=>'quicklink user',
    'submenu'=>array(
        'id'=>'user',
        'itemdata'=>array(
            array(
                'text'=>gt("Edit My Profile"),
                'url'=>makeLink(array('controller'=>'users','action'=>'edituser','id'=>$user->id)),
                'classname'=>'edit',
            ),
            array(
                'text'=>gt("Log Out"),
                'url'=>makeLink(array('controller'=>'login','action'=>'logout')),
                'classname'=>'logout',
            ),
            array(
                'text' => ($level == UILEVEL_PREVIEW)?gt('Turn Preview Mode off'):gt('Turn Preview Mode on'),
                'classname' => ($level == UILEVEL_PREVIEW)?'preview_on':'preview_off',
                'url' => makeLink(array('controller' => 'administration','action' => 'toggle_preview'))
            ),
        ),
    )
);
}

?>
  • expNinja

    expNinja January 14th, 2013 @ 07:12 PM

    • State changed from “new” to “resolved”
    • Milestone set to 2.1.1

    (from [1ddeef760cbf5b6700fccbd0057218a1ab86518b]) Adds new site configuration option to disable User request to change password (removes link) [#714 state:resolved responsible:dleffler milestone:2.1.1] https://github.com/exponentcms/exponent-cms/commit/1ddeef760cbf5b67...

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Bug Tracker for Exponent CMS

Shared Ticket Bins

People watching this ticket

Tags

Pages