[gnome-control-center/gnome-3-8] user-accounts: When enterprise account disabled, join as admin
- From: Stefan Walter <stefw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-control-center/gnome-3-8] user-accounts: When enterprise account disabled, join as admin
- Date: Mon, 6 May 2013 12:31:01 +0000 (UTC)
commit 2271a780ab0c49f31d4e7dcb8efd108fedc5ea2a
Author: Stef Walter <stefw gnome org>
Date: Tue Apr 30 11:11:33 2013 +0200
user-accounts: When enterprise account disabled, join as admin
When an enterprise login user account is disabled, or needs to have
its password change, just prompt for the administrator to do the join
to the domain. This is exactly the same fall through as if the user
does not have permission to join a machine to a domain.
https://bugzilla.gnome.org/show_bug.cgi?id=699293
panels/user-accounts/um-account-dialog.c | 15 +++++++++++++--
panels/user-accounts/um-realm-manager.c | 12 +++++++++---
panels/user-accounts/um-realm-manager.h | 1 +
3 files changed, 23 insertions(+), 5 deletions(-)
---
diff --git a/panels/user-accounts/um-account-dialog.c b/panels/user-accounts/um-account-dialog.c
index 082e7a3..469a833 100644
--- a/panels/user-accounts/um-account-dialog.c
+++ b/panels/user-accounts/um-account-dialog.c
@@ -648,9 +648,19 @@ on_realm_login (GObject *source,
{
UmAccountDialog *self = UM_ACCOUNT_DIALOG (user_data);
GError *error = NULL;
- GBytes *creds;
+ GBytes *creds = NULL;
um_realm_login_finish (result, &creds, &error);
+
+ /*
+ * User login is valid, but cannot authenticate right now (eg: user needs
+ * to change password at next login etc.)
+ */
+ if (g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_CANNOT_AUTH)) {
+ g_clear_error (&error);
+ creds = NULL;
+ }
+
if (error == NULL) {
/* Already joined to the domain, just register this user */
@@ -659,7 +669,8 @@ on_realm_login (GObject *source,
enterprise_permit_user_login (self);
/* Join the domain, try using the user's creds */
- } else if (!um_realm_join_as_user (self->selected_realm,
+ } else if (creds == NULL ||
+ !um_realm_join_as_user (self->selected_realm,
gtk_entry_get_text (self->enterprise_login),
gtk_entry_get_text (self->enterprise_password),
creds, self->cancellable,
diff --git a/panels/user-accounts/um-realm-manager.c b/panels/user-accounts/um-realm-manager.c
index e20fba0..1fd41ad 100644
--- a/panels/user-accounts/um-realm-manager.c
+++ b/panels/user-accounts/um-realm-manager.c
@@ -809,10 +809,7 @@ kinit_thread_func (GSimpleAsyncResult *async,
break;
case KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN:
- case KRB5KDC_ERR_CLIENT_REVOKED:
- case KRB5KDC_ERR_KEY_EXP:
case KRB5KDC_ERR_POLICY:
- case KRB5KDC_ERR_ETYPE_NOSUPP:
g_simple_async_result_set_error (async, UM_REALM_ERROR, UM_REALM_ERROR_BAD_LOGIN,
_("Cannot log in as %s at the %s domain"),
login->user, login->domain);
@@ -822,6 +819,15 @@ kinit_thread_func (GSimpleAsyncResult *async,
g_simple_async_result_set_error (async, UM_REALM_ERROR, UM_REALM_ERROR_BAD_PASSWORD,
_("Invalid password, please try again"));
break;
+ case KRB5_PREAUTH_FAILED:
+ case KRB5KDC_ERR_KEY_EXP:
+ case KRB5KDC_ERR_CLIENT_REVOKED:
+ case KRB5KDC_ERR_ETYPE_NOSUPP:
+ case KRB5_PROG_ETYPE_NOSUPP:
+ g_simple_async_result_set_error (async, UM_REALM_ERROR, UM_REALM_ERROR_CANNOT_AUTH,
+ _("Cannot log in as %s at the %s domain"),
+ login->user, login->domain);
+ break;
default:
g_simple_async_result_set_error (async, UM_REALM_ERROR, UM_REALM_ERROR_GENERIC,
_("Couldn't connect to the %s domain: %s"),
diff --git a/panels/user-accounts/um-realm-manager.h b/panels/user-accounts/um-realm-manager.h
index 6f04c2f..2841dff 100644
--- a/panels/user-accounts/um-realm-manager.h
+++ b/panels/user-accounts/um-realm-manager.h
@@ -29,6 +29,7 @@ G_BEGIN_DECLS
typedef enum {
UM_REALM_ERROR_BAD_LOGIN,
UM_REALM_ERROR_BAD_PASSWORD,
+ UM_REALM_ERROR_CANNOT_AUTH,
UM_REALM_ERROR_GENERIC,
} UmRealmErrors;
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
