From 3ac58fb142e3b17987ac6b075a523fb2a09aa51f Mon Sep 17 00:00:00 2001
From: David Siegfried <david.siegfried@uni-vechta.de>
Date: Thu, 12 May 2022 13:12:26 +0000
Subject: [PATCH] fix editing passwordadmission, closes #1045

Closes #1045

Merge request studip/studip!613
---
 app/controllers/admission/rule.php                |  6 +++---
 app/views/admission/rule/configure.php            |  8 +++++++-
 .../passwordadmission/PasswordAdmission.class.php | 15 +++++++++------
 .../passwordadmission/templates/configure.php     |  7 ++++---
 4 files changed, 23 insertions(+), 13 deletions(-)

diff --git a/app/controllers/admission/rule.php b/app/controllers/admission/rule.php
index bc5a88a96ec..205e1a02d70 100644
--- a/app/controllers/admission/rule.php
+++ b/app/controllers/admission/rule.php
@@ -116,12 +116,12 @@ class Admission_RuleController extends AuthenticatedController
      * configure a rule of the given type.
      *
      * @param String $ruleType Class name of the rule to check.
+     * @param String $ruleId   ID of the rule to save, or empty if this is a new rule.
      */
-    public function validate_action($ruleType)
+    public function validate_action($ruleType, $ruleId = '')
     {
         $rules = AdmissionRule::getAvailableAdmissionRules();
-        $rule = new $ruleType();
+        $rule = new $ruleType($ruleId);
         $this->errors = $rule->validate(Request::getInstance());
     }
-
 }
diff --git a/app/views/admission/rule/configure.php b/app/views/admission/rule/configure.php
index 17914dab90f..028b45508dd 100644
--- a/app/views/admission/rule/configure.php
+++ b/app/views/admission/rule/configure.php
@@ -4,7 +4,13 @@ use Studip\Button, Studip\LinkButton;
 <div id="errormessage"></div>
 <form action="<?= $controller->url_for('admission/rule/save', get_class($rule), $rule->getId()) ?>"
       id="ruleform" class="default"
-      onsubmit="return STUDIP.Admission.checkAndSaveRule('<?= $rule->getId() ?>', 'errormessage', '<?= $controller->url_for('admission/rule/validate', get_class($rule)) ?>', 'rules', '<?= $controller->url_for('admission/rule/save', get_class($rule), $rule->getId()) ?>')">
+      onsubmit="return STUDIP.Admission.checkAndSaveRule(
+          '<?= $rule->getId() ?>',
+              'errormessage',
+              '<?= $controller->url_for('admission/rule/validate', get_class($rule), $rule->getId()) ?>',
+              'rules',
+              '<?= $controller->url_for('admission/rule/save', get_class($rule), $rule->getId()) ?>'
+          )">
     <?= $ruleTemplate ?>
     <footer data-dialog-button>
         <input type="hidden" id="action" name="action" value="">
diff --git a/lib/admissionrules/passwordadmission/PasswordAdmission.class.php b/lib/admissionrules/passwordadmission/PasswordAdmission.class.php
index c0aa97070a7..6a99066faf9 100644
--- a/lib/admissionrules/passwordadmission/PasswordAdmission.class.php
+++ b/lib/admissionrules/passwordadmission/PasswordAdmission.class.php
@@ -19,20 +19,20 @@ require_once 'vendor/phpass/PasswordHash.php';
 
 class PasswordAdmission extends AdmissionRule
 {
-
     // --- ATTRIBUTES ---
     /*
      * Password hasher (phpass library)
      */
-    var $hasher = null;
+    public $hasher = null;
 
     /*
      * Crypted password.
      */
-    var $password = '';
+    public $password = '';
 
     // --- OPERATIONS ---
 
+    public $new = false;
     /**
      * Standard constructor.
      *
@@ -48,6 +48,7 @@ class PasswordAdmission extends AdmissionRule
             $this->load();
         } else {
             $this->id = $this->generateId('passwordadmissions');
+            $this->new = true;
         }
     }
 
@@ -173,7 +174,9 @@ class PasswordAdmission extends AdmissionRule
      */
     public function setAllData($data) {
         parent::setAllData($data);
-        $this->setPassword($data['password1']);
+        if ($this->new || $data['password1'] !== '') {
+            $this->setPassword($data['password1']);
+        }
         return $this;
     }
 
@@ -227,10 +230,10 @@ class PasswordAdmission extends AdmissionRule
     public function validate($data)
     {
         $errors = parent::validate($data);
-        if (!$data['password1']) {
+        if ($data['password1'] === '' && $this->new) {
             $errors[] = _('Das Passwort darf nicht leer sein.');
         }
-        if ($data['password1'] != $data['password2']) {
+        if ($data['password1'] !== $data['password2']) {
             $errors[] = _('Das Passwort stimmt nicht mit der Wiederholung Ã¼berein.');
         }
         return $errors;
diff --git a/lib/admissionrules/passwordadmission/templates/configure.php b/lib/admissionrules/passwordadmission/templates/configure.php
index e9ccac1618f..4642dec2805 100644
--- a/lib/admissionrules/passwordadmission/templates/configure.php
+++ b/lib/admissionrules/passwordadmission/templates/configure.php
@@ -5,10 +5,11 @@
 </label>
 <label>
     <?= _('Zugangspasswort') ?>:
-    <input type="password" name="password1" size="25" max="40" value="<?= htmlReady($rule->getPassword()) ?>" required>
+    <input type="password" name="password1" size="25" max="40"
+       value="<?= htmlReady(Request::get('password1')) ?>" <?= $rule->new ? 'required' : ''?>>
 </label>
-<br/>
 <label>
     <?= _('Passwort wiederholen') ?>:
-    <input type="password" name="password2" size="25" max="40" value="<?= htmlReady($rule->getPassword()) ?>" required>
+    <input type="password" name="password2" size="25" max="40"
+           value="<?= htmlReady(Request::get('password2')) ?>" <?= $rule->new ? 'required' : ''?>>
 </label>
-- 
GitLab