Add-on Disable Lost/Reset Password By Usergroup

[feldon30]

I imported a bunch of posts from ProBoards (PM me if you need this service) and my scraper script created actual users in the process. Unfortunately, people are trying to login to those imported user accounts and/or get a lost/reset password sent.

I need to disable Lost/Reset Password for a usergroup or this group of users.
There may be an obvious solution to this just by changing a usergroup parameter or a parameter for each user, but otherwise, if a template mod or addon will help, let me know!

 

[Akinak]

I do not think that this addon will be usefull, but You can do some custom work.

step 1. Go to admin panel and create new permission in general group like can_lost_password ( admin.php?permissions/permission/add )
step2. Go to admin panel and create some phrase, like this_group_cannot_lost_passw and put You text in this phrase
step3. Open \library\XenForo\ControllerPublic\LostPassword.php and add this code

        //Add this code
        $permissions=$this->getModelFromCache('XenForo_Model_Permission')->getPermissionCombinationById($user['permission_combination_id']);
        $permissions=unserialize($permissions['cache_value']);
        if ((isset($permissions['general']['can_lost_password']))
            AND ($permissions['general']['can_lost_password']===false))
        {
            return $this->responseError(new XenForo_Phrase('this_group_cannot_lost_passw'));
        }
        //End adding code

before

$confirmationModel->sendPasswordResetRequest($user);

step4. Go to grop permissions (/admin.php?user-group-permissions/) and allow can_lost_password to this group, which must use this function. Another group cannot use lost password.

But if you want this in the form of add-on, then let me know. But it will be a fee.

 

[feldon30]

Thank you for the detailed response. This looks like it would solve my problem.

 

[Dan Allen]

I do not think that this addon will be useful

This addon looks like it would have been useful to me today, for essentially the same scenario.

What is the reason that the addon looks useful to the thread starter and me, when in reality it would not be useful?

The only explanation I can think of is he and I have the same lack of knowledge.

****

I thought of another possible explanation. Maybe the add on would be useful to us, because the knowledge we lack could be provided in a working form, i.e., an addon, sort of like the whole product does in a number of areas, but from the perspective of a developer who is familiar with the system, the addon has little appeal.

Is it possible for an addon to be useful to some people and not others? I hope not, absolutes are so much easier and the truth always is the easier answer when it comes right down as a result of thermodynamic laws of entropy.

 

[tyteen4a03]

In this scenario, you are supposed to let the users reset the passwords themselves. This way, passwords will never be sent via (insecure) emails.

 

[feldon30]

In this scenario, you are supposed to let the users reset the passwords themselves. This way, passwords will never be sent via (insecure) emails.

Not on disabled guest accounts.

 

[tyteen4a03]

Not on disabled guest accounts.

Guest accounts should be deleted (that's how guest posting works)