diff --git a/dashboard/src/translation/en.json b/dashboard/src/translation/en.json index 34d069d1b..4367dc03f 100644 --- a/dashboard/src/translation/en.json +++ b/dashboard/src/translation/en.json @@ -244,7 +244,8 @@ "bindPassword": "Bind Password (optional)", "errorSelfSignedCert": "Server is using an invalid or self-signed certificate.", "providerOther": "Other", - "providerDisabled": "Disabled" + "providerDisabled": "Disabled", + "disableWarning": "The authentication source of all existing users will be reset to authenticate against the local password database." }, "subscriptionDialog": { "title": "Subscription required", diff --git a/dashboard/src/views/user-settings.html b/dashboard/src/views/user-settings.html index 9a79dcc8a..ccbbc46b9 100644 --- a/dashboard/src/views/user-settings.html +++ b/dashboard/src/views/user-settings.html @@ -13,6 +13,10 @@ +

+ {{ 'users.externalLdap.disableWarning' | tr }} +

+
diff --git a/src/externalldap.js b/src/externalldap.js index 775fa335b..d1bdb575c 100644 --- a/src/externalldap.js +++ b/src/externalldap.js @@ -81,6 +81,8 @@ async function setConfig(newConfig) { if (error) throw error; await settings.setJson(settings.EXTERNAL_LDAP_KEY, newConfig); + + if (newConfig.provider === 'noop') await users.resetSource(); // otherwise, the owner could be 'ldap' source and lock themselves out } // performs service bind if required diff --git a/src/users.js b/src/users.js index b456fe9f5..4265dd51c 100644 --- a/src/users.js +++ b/src/users.js @@ -54,6 +54,8 @@ exports = module.exports = { getProfileConfig, setProfileConfig, + resetSource, + AP_MAIL: 'mail', AP_WEBADMIN: 'webadmin', @@ -972,3 +974,7 @@ async function setProfileConfig(profileConfig) { } } } + +async function resetSource() { + await database.query('UPDATE users SET source = ?', [ '' ]); +}