Merge pull request #41525 from nextcloud/backport/41520/stable23

[stable23] Finish password confirmation
2026-06-13 10:40:40 -04:00 · 2023-11-16 09:55:44 +01:00 · 2023-11-16 09:55:44 +01:00 · 497c24ffc8
commit 497c24ffc8
parent c32b5af256 b44c655a21
5 changed files with 21 additions and 16 deletions
--- a/apps/workflowengine/js/workflowengine.js
+++ b/apps/workflowengine/js/workflowengine.js
--- a/apps/workflowengine/js/workflowengine.js.map
+++ b/apps/workflowengine/js/workflowengine.js.map
--- a/apps/workflowengine/lib/Controller/AWorkflowController.php
+++ b/apps/workflowengine/lib/Controller/AWorkflowController.php
@ -99,6 +99,7 @@ abstract class AWorkflowController extends OCSController {
 	}

 	/**
+	 * @PasswordConfirmationRequired
 	 * @throws OCSBadRequestException
 	 * @throws OCSForbiddenException
 	 * @throws OCSException
@ -127,6 +128,7 @@ abstract class AWorkflowController extends OCSController {
 	}

 	/**
+	 * @PasswordConfirmationRequired
 	 * @throws OCSBadRequestException
 	 * @throws OCSForbiddenException
 	 * @throws OCSException
@ -155,6 +157,7 @@ abstract class AWorkflowController extends OCSController {
 	}

 	/**
+	 * @PasswordConfirmationRequired
 	 * @throws OCSBadRequestException
 	 * @throws OCSForbiddenException
 	 * @throws OCSException
--- a/apps/workflowengine/lib/Controller/UserWorkflowsController.php
+++ b/apps/workflowengine/lib/Controller/UserWorkflowsController.php
@ -81,6 +81,7 @@ class UserWorkflowsController extends AWorkflowController {

 	/**
 	 * @NoAdminRequired
+	 * @PasswordConfirmationRequired
 	 * @throws OCSBadRequestException
 	 * @throws OCSForbiddenException
 	 */
@ -90,6 +91,7 @@ class UserWorkflowsController extends AWorkflowController {

 	/**
 	 * @NoAdminRequired
+	 * @PasswordConfirmationRequired
 	 * @throws OCSBadRequestException
 	 * @throws OCSForbiddenException
 	 */
@ -99,6 +101,7 @@ class UserWorkflowsController extends AWorkflowController {

 	/**
 	 * @NoAdminRequired
+	 * @PasswordConfirmationRequired
 	 * @throws OCSForbiddenException
 	 */
 	public function destroy(int $id): DataResponse {
--- a/apps/workflowengine/src/store.js
+++ b/apps/workflowengine/src/store.js
@ -88,7 +88,8 @@ const store = new Vuex.Store({
 				context.commit('addRule', rule)
 			})
 		},
-		createNewRule(context, rule) {
+		async createNewRule(context, rule) {
+			await confirmPassword()
 			let entity = null
 			let events = []
 			if (rule.isComplex === false && rule.fixedEntity === '') {
@ -119,9 +120,7 @@ const store = new Vuex.Store({
 			context.commit('removeRule', rule)
 		},
 		async pushUpdateRule(context, rule) {
-			if (context.state.scope === 0) {
-				await confirmPassword()
-			}
+			await confirmPassword()
 			let result
 			if (rule.id < 0) {
 				result = await axios.post(getApiUrl(''), rule)