[BUGFIX] Prevent accidental change of a LDAP user password

xperseguers · xperseguers · commit aea6e5b04bb1 · 2017-11-09T08:04:15.000+01:00
In order to prevent TYPO3 administrators from accidentally setting an arbitrary password for Backend/Frontend LDAP users, the "password" field is hidden in TCA. Resolves: #82028 Related: #58933 Change-Id: I6ca859f60db15a4babf7f4ea15a023a54ee66517 Reviewed-on: https://review.typo3.org/54158 Reviewed-by: Xavier Perseguers <xavier@typo3.org> Tested-by: Xavier Perseguers <xavier@typo3.org>
diff --git a/Configuration/TCA/Overrides/be_users.php b/Configuration/TCA/Overrides/be_users.php
@@ -12,5 +12,8 @@
     ],
 ];
 
+// Remove password field for LDAP users
+$GLOBALS['TCA']['be_users']['columns']['password']['displayCond'] = 'FIELD:tx_igldapssoauth_dn:REQ:false';
+
 \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addTCAcolumns('be_users', $tempColumns);
 \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addToAllTCAtypes('be_users', 'tx_igldapssoauth_dn;;;;1-1-1');
diff --git a/Configuration/TCA/Overrides/fe_users.php b/Configuration/TCA/Overrides/fe_users.php
@@ -12,5 +12,8 @@
     ],
 ];
 
+// Remove password field for LDAP users
+$GLOBALS['TCA']['fe_users']['columns']['password']['displayCond'] = 'FIELD:tx_igldapssoauth_dn:REQ:false';
+
 \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addTCAcolumns('fe_users', $tempColumns);
 \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addToAllTCAtypes('fe_users', 'tx_igldapssoauth_dn;;;;1-1-1');
