Merge branch 'master' of git://github.com/gallery/gallery3

1 files changed, 33 insertions, 8 deletions

diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php
index acb27f6a..0486c0fe 100644
--- a/modules/gallery/controllers/reauthenticate.php
+++ b/modules/gallery/controllers/reauthenticate.php
@@ -18,11 +18,21 @@
  * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
  */
 class Reauthenticate_Controller extends Controller {
-  public function index($share_translations_form=null) {
+  public function index() {
     if (!identity::active_user()->admin) {
       access::forbidden();
     }
-    return self::_show_form(self::_form());
+    // On redirects from the admin controller, the ajax request indicator is lost,
+    // so we store it in the session.
+    $is_ajax = Session::instance()->get_once("is_ajax_request", request::is_ajax());
+    if ($is_ajax) {
+      $v = new View("reauthenticate.html");
+      $v->form = self::_form();
+      $v->user_name = identity::active_user()->name;
+      print $v;
+    } else {
+      self::_show_form(self::_form());
+    }
   }
 
   public function auth() {
@@ -35,14 +45,23 @@ class Reauthenticate_Controller extends Controller {
     $valid = $form->validate();
     $user = identity::active_user();
     if ($valid) {
-      message::success(t("Successfully re-authenticated!"));
       module::event("user_auth", $user);
-      url::redirect($form->continue_url->value);
+      if (!request::is_ajax()) {
+        message::success(t("Successfully re-authenticated!"));
+      }
+      url::redirect(Session::instance()->get_once("continue_url"));
     } else {
       $name = $user->name;
       log::warning("user", t("Failed re-authentication for %name", array("name" => $name)));
       module::event("user_auth_failed", $name);
-      return self::_show_form($form);
+      if (request::is_ajax()) {
+        $v = new View("reauthenticate.html");
+        $v->form = $form;
+        $v->user_name = identity::active_user()->name;
+        json::reply(array("html" => (string)$v));
+      } else {
+        self::_show_form($form);
+      }
     }
   }
 
@@ -52,17 +71,17 @@ class Reauthenticate_Controller extends Controller {
     $view->content = new View("reauthenticate.html");
     $view->content->form = $form;
     $view->content->user_name = identity::active_user()->name;
+
     print $view;
   }
 
   private static function _form() {
     $form = new Forge("reauthenticate/auth", "", "post", array("id" => "g-reauthenticate-form"));
-    $form->set_attr('class', "g-narrow");
-    $form->hidden("continue_url")->value(Session::instance()->get("continue_url", "admin"));
+    $form->set_attr("class", "g-narrow");
     $group = $form->group("reauthenticate")->label(t("Re-authenticate"));
     $group->password("password")->label(t("Password"))->id("g-password")->class(null)
       ->callback("auth::validate_too_many_failed_auth_attempts")
-      ->callback("user::valid_password")
+      ->callback("Reauthenticate_Controller::valid_password")
       ->error_messages("invalid_password", t("Incorrect password"))
       ->error_messages(
         "too_many_failed_auth_attempts",
@@ -70,4 +89,10 @@ class Reauthenticate_Controller extends Controller {
     $group->submit("")->value(t("Submit"));
     return $form;
   }
+
+  static function valid_password($password_input) {
+    if (!identity::is_correct_password(identity::active_user(), $password_input->value)) {
+      $password_input->add_error("invalid_password", 1);
+    }
+  }
 }