From cbe213710d61b16be52a8497c22dee9bcb34538b Mon Sep 17 00:00:00 2001 From: viown <48097677+viown@users.noreply.github.com> Date: Sun, 16 Mar 2025 22:49:31 +0300 Subject: [PATCH 1/2] Require password before setting as admin --- src/apps/dashboard/routes/users/profile.tsx | 8 ++++++++ src/strings/en-us.json | 1 + 2 files changed, 9 insertions(+) diff --git a/src/apps/dashboard/routes/users/profile.tsx b/src/apps/dashboard/routes/users/profile.tsx index 2f98d67bd3..3ed20b293a 100644 --- a/src/apps/dashboard/routes/users/profile.tsx +++ b/src/apps/dashboard/routes/users/profile.tsx @@ -199,6 +199,8 @@ const UserEdit = () => { throw new Error('Unexpected null user id or policy'); } + const isPreviouslyAdmin = user.Policy.IsAdministrator; + user.Name = (page.querySelector('#txtUserName') as HTMLInputElement).value.trim(); user.Policy.IsAdministrator = (page.querySelector('.chkIsAdmin') as HTMLInputElement).checked; user.Policy.IsHidden = (page.querySelector('.chkIsHidden') as HTMLInputElement).checked; @@ -225,6 +227,12 @@ const UserEdit = () => { user.Policy.EnableContentDeletionFromFolders = user.Policy.EnableContentDeletion ? [] : getCheckedElementDataIds(page.querySelectorAll('.chkFolder')); user.Policy.SyncPlayAccess = (page.querySelector('#selectSyncPlayAccess') as HTMLSelectElement).value as SyncPlayUserAccessType; + if (!user.HasPassword && user.Policy.IsAdministrator && !isPreviouslyAdmin) { + toast(globalize.translate('PasswordAdminRequired')); + loading.hide(); + return; + } + window.ApiClient.updateUser(user).then(() => ( window.ApiClient.updateUserPolicy(user.Id || '', user.Policy || { PasswordResetProviderId: '', AuthenticationProviderId: '' }) )).then(() => { diff --git a/src/strings/en-us.json b/src/strings/en-us.json index bb5f9cf80a..a292061469 100644 --- a/src/strings/en-us.json +++ b/src/strings/en-us.json @@ -1318,6 +1318,7 @@ "PackageInstallFailed": "{0} (version {1}) installation failed.", "PageNotFound": "This is not the page you are looking for.", "ParentalRating": "Parental rating", + "PasswordAdminRequired": "The user must have a password set before marking them as admin.", "PasswordMatchError": "Password and password confirmation must match.", "PasswordRequiredForAdmin": "A password is required for admin accounts.", "PasswordResetComplete": "The password has been reset.", From 7743e4509c57d66210630b90e187ae496696d417 Mon Sep 17 00:00:00 2001 From: viown <48097677+viown@users.noreply.github.com> Date: Sun, 16 Mar 2025 23:00:38 +0300 Subject: [PATCH 2/2] Remove isPreviouslyAdmin check --- src/apps/dashboard/routes/users/profile.tsx | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/apps/dashboard/routes/users/profile.tsx b/src/apps/dashboard/routes/users/profile.tsx index 3ed20b293a..e385d6cb74 100644 --- a/src/apps/dashboard/routes/users/profile.tsx +++ b/src/apps/dashboard/routes/users/profile.tsx @@ -199,8 +199,6 @@ const UserEdit = () => { throw new Error('Unexpected null user id or policy'); } - const isPreviouslyAdmin = user.Policy.IsAdministrator; - user.Name = (page.querySelector('#txtUserName') as HTMLInputElement).value.trim(); user.Policy.IsAdministrator = (page.querySelector('.chkIsAdmin') as HTMLInputElement).checked; user.Policy.IsHidden = (page.querySelector('.chkIsHidden') as HTMLInputElement).checked; @@ -227,7 +225,7 @@ const UserEdit = () => { user.Policy.EnableContentDeletionFromFolders = user.Policy.EnableContentDeletion ? [] : getCheckedElementDataIds(page.querySelectorAll('.chkFolder')); user.Policy.SyncPlayAccess = (page.querySelector('#selectSyncPlayAccess') as HTMLSelectElement).value as SyncPlayUserAccessType; - if (!user.HasPassword && user.Policy.IsAdministrator && !isPreviouslyAdmin) { + if (!user.HasPassword && user.Policy.IsAdministrator) { toast(globalize.translate('PasswordAdminRequired')); loading.hide(); return;