From ee379d20037c0729e343b2d688c3b501a1e1b2af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=B4me=20Chilliet?= Date: Tue, 17 Mar 2026 16:58:34 +0100 Subject: [PATCH] fix: Add missing Attribute and fix parameter type in renewpassword route MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Côme Chilliet [skip ci] --- apps/user_ldap/lib/Controller/RenewPasswordController.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/apps/user_ldap/lib/Controller/RenewPasswordController.php b/apps/user_ldap/lib/Controller/RenewPasswordController.php index 275e2671bf764..7376c95a65fe6 100644 --- a/apps/user_ldap/lib/Controller/RenewPasswordController.php +++ b/apps/user_ldap/lib/Controller/RenewPasswordController.php @@ -6,6 +6,7 @@ namespace OCA\User_LDAP\Controller; use OCP\AppFramework\Controller; +use OCP\AppFramework\Http\Attribute\BruteForceProtection; use OCP\AppFramework\Http\Attribute\NoCSRFRequired; use OCP\AppFramework\Http\Attribute\OpenAPI; use OCP\AppFramework\Http\Attribute\PublicPage; @@ -106,13 +107,15 @@ public function tryRenewPassword($user, $oldPassword, $newPassword) { if ($this->config->getUserValue($user, 'user_ldap', 'needsPasswordReset') !== 'true') { return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')); } - $args = !is_null($user) ? ['user' => $user] : []; + $args = ['user' => $user]; $loginResult = $this->userManager->checkPassword($user, $oldPassword); if ($loginResult === false) { $this->session->set('renewPasswordMessages', [ ['invalidpassword'], [] ]); - return new RedirectResponse($this->urlGenerator->linkToRoute('user_ldap.renewPassword.showRenewPasswordForm', $args)); + $response = new RedirectResponse($this->urlGenerator->linkToRoute('user_ldap.renewPassword.showRenewPasswordForm', $args)); + $response->throttle(['user' => $user]); + return $response; } try {