Umbraco-cms: Current password field should be hidden when changing passwords and not applicable

Created on 28 Sep 2018  ยท  5Comments  ยท  Source: umbraco/Umbraco-CMS

If allowManuallyChangingPassword is set to true the user provider in web.config - the current password is not used for validation when setting a new password. In the avatar 'change password' dialog we have removed this field since it isn't used.

When changing the password of your own user in the users section, this field however still shows up. It is however not used in any validation so it should simply be removed from the UI like it is in the other 'change password' functionality.

communitpr releas7.13.0 typbug
Source
picture clausjensen

Most helpful comment

๐Ÿ›‘ โœ‹ Reserved - don't fix please

Note: Please don't pick this one up. It's reserved for the upcoming Hacktoberfest as it's a fairly easy issue for a new contributor to get a feel for their first ever contribution. ๐Ÿ‘

picture nul800sebastiaan on 28 Sep 2018
🎉31 👍1

All 5 comments

๐Ÿ›‘ โœ‹ Reserved - don't fix please

Note: Please don't pick this one up. It's reserved for the upcoming Hacktoberfest as it's a fairly easy issue for a new contributor to get a feel for their first ever contribution. ๐Ÿ‘

nul800sebastiaan picture nul800sebastiaan on 28 Sep 2018
🎉31 👍1

@clausjensen @nul800sebastiaan I'm working on this :)

mptap picture mptap on 1 Oct 2018
🎉2

@clausjensen @nul800sebastiaan here's my PR https://github.com/umbraco/Umbraco-CMS/pull/3165
Let me know if any changes are needed. I'm happy to volunteer for Hacktoberfest 2018!

mptap picture mptap on 5 Oct 2018

Thanks @mptap!

Did you read the big warning above not to fix this issue yet? We're reserving it for a special event. ๐Ÿ™‚

In any case, the fix is currently incorrect, we don't want to remove the whole input field, we want to make sure it is shown only when allowManuallyChangingPassword is set to true in the web.config at which point validation should also kick in.

nul800sebastiaan picture nul800sebastiaan on 8 Oct 2018

@nul800sebastiaan I did, it said reserved for Hacktoberfest, which has started. I see the field is wrapped in ng-if="$parent.showOldPass()" which checks forallowManuallyChangingPassword. Closing PR for now.

mptap picture mptap on 8 Oct 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

pralthom picture pralthom  ยท  3Comments
jesperordrup picture jesperordrup  ยท  3Comments
vonbv picture vonbv  ยท  4Comments
Luksor picture Luksor  ยท  3Comments
HannesWinston picture HannesWinston  ยท  3Comments