Check that user actually can validate password for js

Signed-off-by: zorn-v <zorn7@yandex.ru>
2025-01-27 22:48:58 +07:00 · 2025-01-27 22:48:58 +07:00 · d0658e85ea
parent 85d2ee5262
commit d0658e85ea
1 changed files with 1 additions and 1 deletions
--- a/lib/private/Template/JSConfigHelper.php
+++ b/lib/private/Template/JSConfigHelper.php
@ -67,7 +67,7 @@ class JSConfigHelper {

 			$backend = $this->currentUser->getBackend();
 			if ($backend instanceof IPasswordConfirmationBackend) {
-				$userBackendAllowsPasswordConfirmation = $backend->canConfirmPassword($uid);
+				$userBackendAllowsPasswordConfirmation = $backend->canConfirmPassword($uid) && $this->canUserValidatePassword();
 			} elseif (isset($this->excludedUserBackEnds[$this->currentUser->getBackendClassName()])) {
 				$userBackendAllowsPasswordConfirmation = false;
 			}