fix: let WebAuthn user edit their name

thorsten · Sep 13, 2024 · 6fb0fa2 · 6fb0fa2
1 parent 641cd35
commit 6fb0fa2
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 11 deletions.
diff --git a/phpmyfaq/admin/assets/src/content/editor.js b/phpmyfaq/admin/assets/src/content/editor.js
@@ -13,7 +13,7 @@
  * @since     2022-01-31
  */
 
-// TinyMCE global which is used to init the editor
+// TinyMCE global, which is used to init the editor
 import tinymce from 'tinymce/tinymce';
 import 'tinymce/models/dom';
 
@@ -88,6 +88,7 @@ export const renderEditor = () => {
       extended_valid_elements: 'code[class],video[*],audio[*],source[*]',
       removeformat: [{ selector: '*', attributes: ['style'], split: false, expand: false, deep: true }],
       importcss_append: true,
+      sandbox_iframes: true,
 
       // Font handling
       fontsize_formats: '6pt 8pt 9pt 10pt 11pt 12pt 14pt 16pt 18pt 20pt 24pt 36pt 48pt',

diff --git a/phpmyfaq/assets/templates/default/ucp.twig b/phpmyfaq/assets/templates/default/ucp.twig
@@ -60,7 +60,6 @@
                   value="{{ realname|raw }}"
                   class="form-control"
                   required
-                  {{ readonly }}
                 />
               </div>
             </div>

diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Frontend/UserController.php b/phpmyfaq/src/phpMyFAQ/Controller/Frontend/UserController.php
@@ -63,7 +63,7 @@ public function updateData(Request $request): JsonResponse
         $twoFactorEnabled = Filter::filterVar($data->twofactor_enabled ?? 'off', FILTER_SANITIZE_SPECIAL_CHARS);
 
         $isAzureAdUser = $user->getUserAuthSource() === 'azure';
-
+        $isWebAuthnUser = $user->getUserAuthSource() === 'webauthn';
 
         if ($userId !== $user->getUserId()) {
             return $this->json(['error' => 'User ID mismatch!'], Response::HTTP_BAD_REQUEST);
@@ -77,15 +77,22 @@ public function updateData(Request $request): JsonResponse
                 );
             }
 
-            if (strlen($password) <= 7 || strlen($confirm) <= 7) {
+            if ((strlen($password) <= 7 || strlen($confirm) <= 7) && !$isWebAuthnUser) {
                 return $this->json(['error' => Translation::get('ad_passwd_fail')], Response::HTTP_CONFLICT);
             } else {
-                $userData = [
-                    'display_name' => $userName,
-                    'email' => $email,
-                    'is_visible' => $isVisible === 'on' ? 1 : 0,
-                    'twofactor_enabled' => $twoFactorEnabled === 'on' ? 1 : 0
-                ];
+                if ($isWebAuthnUser) {
+                    $userData = [
+                        'display_name' => $userName,
+                        'is_visible' => $isVisible === 'on' ? 1 : 0,
+                    ];
+                } else {
+                    $userData = [
+                        'display_name' => $userName,
+                        'email' => $email,
+                        'is_visible' => $isVisible === 'on' ? 1 : 0,
+                        'twofactor_enabled' => $twoFactorEnabled === 'on' ? 1 : 0
+                    ];
+                }
 
                 $success = $user->setUserData($userData);
 

diff --git a/phpmyfaq/src/phpMyFAQ/Permission/BasicPermission.php b/phpmyfaq/src/phpMyFAQ/Permission/BasicPermission.php
@@ -225,7 +225,7 @@ public function getAllUserRights(int $userId): array
      */
     public function getUserRightsCount(CurrentUser $currentUser): int
     {
-        $userRights = $this->getAllUserRights($currentUser->getUserId());
+        $userRights = $this->getUserRights($currentUser->getUserId());
 
         return is_countable($userRights) ? count($userRights) : 0;
     }