Web UI lostpassword.php is not calling warning message when encryption app is enabled #11438
Comments
|
@LukasReschke seems like this fits into the mail settings pr you are working on - right? |
|
Mhm. This is again in another file but it can be fairly easily solved. Assigning to myself and trying to find some time end of the week. That said: I still believe that the encryption app should use a per-instance key and not a per-user one. So many problems would go away… |
|
Just as a note: There was a warning on the old password reset page. It was removed because it was considered to be to alarming, if I remember correctly. Maybe it makes sense to include @jancborchardt into the discussion to make sure that we don't add, remove, add,... stuff and have one consistent opinion. |
|
Sounds like a note is in order here when people are about to lose their data. |
|
I just experienced this confusion and I think a note is definitely necessary. This notification should be different in 2 cases:
My point is that a different message should be sent / displayed in each case. And that in case 2, he should be notified that he won't get access to his files without contacting the admin. I was confused in #11661 and @schiesbn explained me this clearly (thank you ;) ). Once this notification is integrated, I can modifiy the documentation to explain this if you want. And just to complete the information, @jancborchardt and @VicDeo are managing a modification in the password recovery process in #10353 . The objective is to integrate a:
Still, I think (and it's my opinion) that the password recovery should be possible by email. Why not with a 2-step verification process like in Gmail? I know it's difficult to integrate a verification with SMS, but the second step could be an email automatically sent to the admin. The admin can then decide to use the recovery key. |
This patch wil warn the user of the consequences when resetting the password and requires checking a checkbox (as we had in the past) to reset a password. Furthermore I updated the code to use our new classes and added some unit tests for it 👯 Fixes #11438
This patch wil warn the user of the consequences when resetting the password and requires checking a checkbox (as we had in the past) to reset a password. Furthermore I updated the code to use our new classes and added some unit tests for it 👯 Fixes #11438
This patch wil warn the user of the consequences when resetting the password and requires checking a checkbox (as we had in the past) to reset a password. Furthermore I updated the code to use our new classes and added some unit tests for it 👯 Fixes #11438
|
cc @owncloud/support-triagers |
|
Will be fixed with ownCloud 8: #11696 |
Expected behavior
When a user with encryption enabled goes to reset the password, the lostpassword.php file should be executed and the user is warned about the recovery key and losing all his/her data.
Actual behavior
The standard reset message is displayed, and the email notification message is displayed.
Steps to reproduce
Server configuration
Ubuntu 14
MySql
OC7 beta2
Browser Firefox
The text was updated successfully, but these errors were encountered: