From c2d22c84cfe61cadb529aa1583e5f196570256f8 Mon Sep 17 00:00:00 2001
From: yemkareems <yemkareems@gmail.com>
Date: Wed, 30 Oct 2024 11:29:52 +0530
Subject: [PATCH 1/2] fix: add PasswordConfirmationRequired to
 saveGlobalCredentials

Co-authored-by: yemkareems <yemkareems@gmail.com>

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

[skip ci]
---
 apps/files_external/js/settings.js | 27 +++++++++++++++++----------
 1 file changed, 17 insertions(+), 10 deletions(-)

diff --git a/apps/files_external/js/settings.js b/apps/files_external/js/settings.js
index 6e83cd1bac8c3..24fbd234119ec 100644
--- a/apps/files_external/js/settings.js
+++ b/apps/files_external/js/settings.js
@@ -1492,30 +1492,37 @@ window.addEventListener('DOMContentLoaded', function() {
 		}
 	});
 
-	$('#global_credentials').on('submit', function() {
-		var $form = $(this);
+	function _submitCredentials(success) {
 		var uid = $form.find('[name=uid]').val();
 		var user = $form.find('[name=username]').val();
 		var password = $form.find('[name=password]').val();
-		var $submit = $form.find('[type=submit]');
-		$submit.val(t('files_external', 'Saving …'));
 		$.ajax({
 			type: 'POST',
 			contentType: 'application/json',
 			data: JSON.stringify({
-					uid: uid,
-					user: user,
-				password: password
+				uid,
+				user,
+				password,
 			}),
 				url: OC.generateUrl('apps/files_external/globalcredentials'),
 				dataType: 'json',
-			success: function() {
+				success,
+		});
+	}
+
+	$('#global_credentials').on('submit', function() {
+		var $form = $(this);
+		var $submit = $form.find('[type=submit]');
+		$submit.val(t('files_external', 'Saving …'));
+
+		window.OC.PasswordConfirmation
+			.requirePasswordConfirmation(() => _submitCredentials(function() {
 				$submit.val(t('files_external', 'Saved'));
 				setTimeout(function(){
 					$submit.val(t('files_external', 'Save'));
 				}, 2500);
-			}
-		});
+			}));
+
 		return false;
 	});
 

From c481f20e95573fbc653e4d86c7f70070cbaac7d6 Mon Sep 17 00:00:00 2001
From: yemkareems <yemkareems@gmail.com>
Date: Wed, 30 Oct 2024 17:15:11 +0530
Subject: [PATCH 2/2] fix: resolve conflict add PasswordConfirmationRequired to
 saveGlobalCredentials

Signed-off-by: yemkareems <yemkareems@gmail.com>
---
 apps/files_external/lib/Controller/AjaxController.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/apps/files_external/lib/Controller/AjaxController.php b/apps/files_external/lib/Controller/AjaxController.php
index 0e43ea38eecd7..7c36e17592d35 100644
--- a/apps/files_external/lib/Controller/AjaxController.php
+++ b/apps/files_external/lib/Controller/AjaxController.php
@@ -31,6 +31,8 @@
 use OCA\Files_External\Lib\Auth\Password\GlobalAuth;
 use OCA\Files_External\Lib\Auth\PublicKey\RSA;
 use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\IGroupManager;
 use OCP\IRequest;
@@ -97,13 +99,13 @@ public function getSshKeys($keyLength = 1024) {
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * @param string $uid
 	 * @param string $user
 	 * @param string $password
 	 * @return bool
 	 */
+	#[NoAdminRequired]
+	#[PasswordConfirmationRequired]
 	public function saveGlobalCredentials($uid, $user, $password) {
 		$currentUser = $this->userSession->getUser();
 		if ($currentUser === null) {