Merge pull request #59812 from nextcloud/backport/59788/stable31

[stable31] fix: Add missing PasswordConfirmationRequired attributes

Author: sorbaugh

apps/oauth2/lib/Controller/SettingsController.php

@@ -13,6 +13,7 @@
 use OCA\OAuth2\Db\ClientMapper;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\Authentication\Token\IProvider as IAuthTokenProvider;
 use OCP\IL10N;
@@ -40,6 +41,7 @@ public function __construct(
 		parent::__construct($appName, $request);
 	}
 
+	#[PasswordConfirmationRequired(strict: true)]
 	public function addClient(string $name,
 		string $redirectUri): JSONResponse {
 		if (filter_var($redirectUri, FILTER_VALIDATE_URL) === false) {
@@ -66,6 +68,7 @@ public function addClient(string $name,
 		return new JSONResponse($result);
 	}
 
+	#[PasswordConfirmationRequired]
 	public function deleteClient(int $id): JSONResponse {
 		$client = $this->clientMapper->getByUid($id);
 

apps/oauth2/src/App.vue

@@ -73,6 +73,7 @@ import NcButton from '@nextcloud/vue/dist/Components/NcButton.js'
 import NcNoteCard from '@nextcloud/vue/dist/Components/NcNoteCard.js'
 import { loadState } from '@nextcloud/initial-state'
 import NcTextField from '@nextcloud/vue/dist/Components/NcTextField.js'
+import { PwdConfirmationMode } from '@nextcloud/password-confirmation'
 
 export default {
 	name: 'App',
@@ -123,6 +124,7 @@ export default {
 					name: this.newClient.name,
 					redirectUri: this.newClient.redirectUri,
 				},
+				{ confirmPassword: PwdConfirmationMode.Strict },
 			).then(response => {
 				// eslint-disable-next-line vue/no-mutating-props
 				this.clients.push(response.data)

apps/oauth2/src/main.js

@@ -3,13 +3,17 @@
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
 
+import axios from '@nextcloud/axios'
 import Vue from 'vue'
 import App from './App.vue'
 import { loadState } from '@nextcloud/initial-state'
+import { addPasswordConfirmationInterceptors } from '@nextcloud/password-confirmation'
 
 Vue.prototype.t = t
 Vue.prototype.OC = OC
 
+addPasswordConfirmationInterceptors(axios)
+
 const clients = loadState('oauth2', 'clients')
 
 const View = Vue.extend(App)

apps/provisioning_api/lib/Controller/AppsController.php

@@ -88,7 +88,7 @@ public function getAppInfo(string $app): DataResponse {
 	 *
 	 * 200: App enabled successfully
 	 */
-	#[PasswordConfirmationRequired]
+	#[PasswordConfirmationRequired(strict: true)]
 	public function enable(string $app): DataResponse {
 		try {
 			$this->appManager->enableApp($app);

apps/settings/lib/Controller/AppSettingsController.php

@@ -564,7 +564,7 @@ public function enableApp(string $appId, array $groups = []): JSONResponse {
 	 * @param array $groups
 	 * @return JSONResponse
 	 */
-	#[PasswordConfirmationRequired]
+	#[PasswordConfirmationRequired(strict: true)]
 	public function enableApps(array $appIds, array $groups = []): JSONResponse {
 		try {
 			$updateRequired = false;

apps/settings/lib/Controller/AuthorizedGroupController.php

@@ -10,6 +10,7 @@
 use OCA\Settings\Service\AuthorizedGroupService;
 use OCA\Settings\Service\NotFoundException;
 use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\DB\Exception;
 use OCP\IRequest;
@@ -27,6 +28,7 @@ public function __construct(
 	 * @throws NotFoundException
 	 * @throws Exception
 	 */
+	#[PasswordConfirmationRequired(strict: true)]
 	public function saveSettings(array $newGroups, string $class): DataResponse {
 		$currentGroups = $this->authorizedGroupService->findExistingGroupsForClass($class);
 

apps/settings/lib/Controller/TwoFactorSettingsController.php

@@ -11,6 +11,7 @@
 use OC\Authentication\TwoFactorAuth\EnforcementState;
 use OC\Authentication\TwoFactorAuth\MandatoryTwoFactor;
 use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\IRequest;
 
@@ -31,6 +32,7 @@ public function index(): JSONResponse {
 		return new JSONResponse($this->mandatoryTwoFactor->getState());
 	}
 
+	#[PasswordConfirmationRequired(strict: true)]
 	public function update(bool $enforced, array $enforcedGroups = [], array $excludedGroups = []): JSONResponse {
 		$this->mandatoryTwoFactor->setState(
 			new EnforcementState($enforced, $enforcedGroups, $excludedGroups)

apps/settings/src/components/AdminDelegation/GroupSelect.vue

@@ -18,6 +18,7 @@ import NcSelect from '@nextcloud/vue/dist/Components/NcSelect.js'
 import { generateUrl } from '@nextcloud/router'
 import axios from '@nextcloud/axios'
 import { showError } from '@nextcloud/dialogs'
+import { PwdConfirmationMode } from '@nextcloud/password-confirmation'
 import logger from '../../logger.ts'
 
 export default {
@@ -59,7 +60,7 @@ export default {
 				class: this.setting.class,
 			}
 			try {
-				await axios.post(generateUrl('/apps/settings/') + '/settings/authorizedgroups/saveSettings', data)
+				await axios.post(generateUrl('/apps/settings/') + '/settings/authorizedgroups/saveSettings', data, { confirmPassword: PwdConfirmationMode.Strict })
 			} catch (e) {
 				showError(t('settings', 'Unable to modify setting'))
 				logger.error('Unable to modify setting', e)

apps/settings/src/components/AdminTwoFactor.vue

@@ -76,6 +76,7 @@ import NcButton from '@nextcloud/vue/dist/Components/NcButton.js'
 import NcCheckboxRadioSwitch from '@nextcloud/vue/dist/Components/NcCheckboxRadioSwitch.js'
 import NcSettingsSection from '@nextcloud/vue/dist/Components/NcSettingsSection.js'
 import { loadState } from '@nextcloud/initial-state'
+import { PwdConfirmationMode } from '@nextcloud/password-confirmation'
 
 import sortedUniq from 'lodash/sortedUniq.js'
 import uniq from 'lodash/uniq.js'
@@ -156,7 +157,7 @@ export default {
 				enforcedGroups: this.enforcedGroups,
 				excludedGroups: this.excludedGroups,
 			}
-			axios.put(generateUrl('/settings/api/admin/twofactorauth'), data)
+			axios.put(generateUrl('/settings/api/admin/twofactorauth'), data, { confirmPassword: PwdConfirmationMode.Strict })
 				.then(resp => resp.data)
 				.then(state => {
 					this.state = state

apps/settings/src/main-admin-delegation.js

@@ -3,9 +3,13 @@
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
 
+import axios from '@nextcloud/axios'
+import { addPasswordConfirmationInterceptors } from '@nextcloud/password-confirmation'
 import Vue from 'vue'
 import App from './components/AdminDelegating.vue'
 
+addPasswordConfirmationInterceptors(axios)
+
 // bind to window
 Vue.prototype.OC = OC
 Vue.prototype.t = t