* [FIX] Fixed issue when searching an user groupmembership to access to an account. Thanks to @basil-twisleton

* [FIX] Closes #157. Fixed issue when adding LDAP users that don't have any default group/profile set, they are disabled. Thanks to @CyrosX
* [FIX] Closes #154. Modified a string in the ldap template. Thanks to @tsener
* [MOD] Changed default behavior when creating a new account. Now a blank form is displayed. Thanks to @basil-twisleton
* [MOD] Closes #155. Extensions cannot contain other characters than "A-Z", "0-9", "_" and "-". Thanks to @tsener

CHANGELOG

@@ -1,3 +1,11 @@
+=== ** v1.2.0.07 ===
+
+* [FIX] Fixed issue when searching an user groupmembership to access to an account. Thanks to @basil-twisleton
+* [FIX] Closes #157. Fixed issue when adding LDAP users that don't have any default group/profile set, they are disabled. Thanks to @CyrosX
+* [FIX] Closes #154. Modified a string in the ldap template. Thanks to @tsener
+* [MOD] Changed default behavior when creating a new account. Now a blank form is displayed. Thanks to @basil-twisleton
+* [MOD] Closes #155. Extensions cannot contain other characters than "A-Z", "0-9", "_" and "-". Thanks to @tsener
+
 === ** v1.2.0.06 ===
 
 * [ADD] New language translation to Catalan. Thanks to @ferrergl

CHANGELOG-ES

@@ -1,3 +1,11 @@
+=== ** v1.2.0.07 ===
+
+* [FIX] Arreglado error cuando se obtenía la pertenencia a grupos de un usuario para acceder a una cuenta. Thanks to @basil-twisleton
+* [FIX] Closes #157. Arreglado error cuando se añaden usuarios desde LDAP que no tienen grupo o perfil por defecto, son deshabilitados. Thanks to @CyrosX
+* [FIX] Closes #154. Modificada cadena en la plantilla de LDAP. Thanks to @tsener
+* [MOD] Cambiado comportamiento al crear una nueva cuenta. Ahora se muestra un formularion en blanco. Thanks to @basil-twisleton
+* [MOD] Closes #155. Las extensiones sólo pueden contener los siguientes caracteres: "A-Z", "0-9", "_" and "-". Thanks to @tsener
+
 === ** v1.2.0.06 ===
 
 * [ADD] Nueva traducción al catalán. Gracias a @ferrergl

ajax/ajax_configSave.php

@@ -97,14 +97,24 @@ if ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_GENERAL
         $filesAllowedSize = SP\Request::analyze('files_allowed_size', 1024);
         $filesAllowedExts = SP\Request::analyze('files_allowed_exts');
 
-        SP\Config::setCacheConfigValue('files_enabled', $filesEnabled);
-        SP\Config::setCacheConfigValue('files_allowed_size', $filesAllowedSize);
-        SP\Config::setCacheConfigValue('files_allowed_exts', $filesAllowedExts);
-
         if ($filesEnabled && $filesAllowedSize >= 16384) {
             SP\Response::printJSON(_('El tamaño máximo por archivo es de 16MB'));
         }
 
+        if (!empty($filesAllowedExts)){
+            $exts = explode(',', $filesAllowedExts);
+
+            array_walk($exts, function(&$value) {
+                if (preg_match('/[^a-z0-9_-]+/i', $value)) {
+                    SP\Response::printJSON(_('Extensión no permitida'));
+                }
+            });
+        }
+
+        SP\Config::setCacheConfigValue('files_enabled', $filesEnabled);
+        SP\Config::setCacheConfigValue('files_allowed_size', $filesAllowedSize);
+        SP\Config::setCacheConfigValue('files_allowed_exts', $filesAllowedExts);
+
         // Proxy
         $proxyEnabled = SP\Request::analyze('proxy_enabled', false, false, true);
         $proxyServer = SP\Request::analyze('proxy_server');

inc/Acl.class.php

@@ -176,13 +176,15 @@ class Acl implements Controller\ActionsInterface
         $userId = Session::getUserId();
         $userIsAdminApp = Session::getUserIsAdminApp();
         $userIsAdminAcc = Session::getUserIsAdminAcc();
-        $userToGroups = false;
+        $userToGroups = in_array($userGroupId,Groups::getUsersForGroup($accountData['group_id']));
 
-        foreach($accountData['groups_id'] as $groupId){
-            $users = Groups::getUsersForGroup($groupId);
+        if ($userToGroups === false) {
+            foreach ($accountData['groups_id'] as $groupId) {
+                $users = Groups::getUsersForGroup($groupId);
 
-            if ($userGroupId === $groupId || in_array($userId, $users)){
-                $userToGroups = true;
+                if ($userGroupId === $groupId || in_array($userId, $users)) {
+                    $userToGroups = true;
+                }
             }
         }
 

inc/UserLdap.class.php

@@ -65,10 +65,10 @@ class UserLdap
         $data['pass'] = $passdata['pass'];
         $data['hashSalt'] = $passdata['salt'];
         $data['email'] = $User->getUserEmail();
-        $data['notes'] = 'LDAP';
+        $data['notes'] = _('Usuario de LDAP');
         $data['groupId'] = $groupId;
         $data['profileId'] = $profileId;
-        $data['isDisabled'] = ($groupId && $profileId);
+        $data['isDisabled'] = (int)($groupId && $profileId);
 
         if (DB::getQuery($query, __FUNCTION__, $data) === false) {
             return false;

inc/Util.class.php

@@ -309,7 +309,7 @@ class Util
      */
     public static function getVersion($retBuild = false)
     {
-        $build = '06';
+        $build = '07';
         $version = array(1, 2, 0);
 
         if ($retBuild) {

inc/themes/material-blue/ldap.inc

@@ -83,7 +83,7 @@
                             <input id="ldap_binduser" name="ldap_binduser" type="text"
                                    class="mdl-textfield__input fg-blue100"
                                    maxlength="128" value="<?php echo $ldapBindUser; ?>" <?php echo $isDisabled; ?>/>
-                            <label class="mdl-textfield__label" for="ldap_binduser"><?php echo _('Servidor'); ?></label>
+                            <label class="mdl-textfield__label" for="ldap_binduser"><?php echo _('Usuario'); ?></label>
                         </div>
                     </td>
                 </tr>

inc/themes/material-blue/searchbox.inc

@@ -1,6 +1,6 @@
-<div id="searchbox">
+<div id="searchbox" class="round shadow">
     <form method="post" name="frmSearch" id="frmSearch" OnSubmit="return sysPassUtil.Common.accSearch(0);">
-        <div id="tblTools" class="round shadow">
+        <div id="tblTools">
             <div id="toolsLeft">
                 <i id="btnClear" class="material-icons" title="<?php echo _('Limpiar'); ?>">clear_all</i>
 

js/functions.js

@@ -473,6 +473,8 @@ sysPass.Util.Common = function () {
 
                     if (action && id) {
                         doAction(action, 1, id);
+                    } else if (action) {
+                        doAction(action, 1);
                     }
                 } else if (status === 10) {
                     doLogout();

web/AccountC.class.php

@@ -152,7 +152,7 @@ class AccountC extends Controller implements ActionsInterface
             )
         );
         $this->view->assign('showform', true);
-        $this->view->assign('nextaction', Acl::ACTION_ACC_SEARCH);
+        $this->view->assign('nextaction', Acl::ACTION_ACC_NEW);
 
         Session::setLastAcountId(0);
         $this->setCommonData();

web/UsersMgmtC.class.php

@@ -315,8 +315,8 @@ class UsersMgmtC extends Controller implements ActionsInterface
         $this->_module = self::ACTION_USR_USERS;
         $this->view->addTemplate('users');
 
-        $this->view->assign('isDisabled', ($this->view->isDemo || $this->view->actionId === self::ACTION_USR_USERS_VIEW) ? 'disabled' : '');
         $this->view->assign('user', UserUtil::getUserData($this->view->itemId));
+        $this->view->assign('isDisabled', (($this->view->user['user_login'] === 'demo' && $this->view->isDemo) || $this->view->actionId === self::ACTION_USR_USERS_VIEW) ? 'disabled' : '');
         $this->view->assign('groups', DB::getValuesForSelect('usrGroups', 'usergroup_id', 'usergroup_name'));
         $this->view->assign('profiles', DB::getValuesForSelect('usrProfiles', 'userprofile_id', 'userprofile_name'));
         $this->view->assign('ro', ($this->view->user['checks']['user_isLdap']) ? 'READONLY' : '');