mirror of
https://github.com/coder/coder.git
synced 2025-07-09 11:45:56 +00:00
chore: do not allow resetting password of non password users (#9003)
This commit is contained in:
@ -733,6 +733,13 @@ func (api *API) putUserPassword(rw http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if user.LoginType != database.LoginTypePassword {
|
||||||
|
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
|
||||||
|
Message: "Users without password login type cannot change their password.",
|
||||||
|
})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
err := userpassword.Validate(params.Password)
|
err := userpassword.Validate(params.Password)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
|
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
|
||||||
|
@ -42,6 +42,14 @@ Editable.args = {
|
|||||||
roles: [],
|
roles: [],
|
||||||
status: "suspended",
|
status: "suspended",
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
...MockUser,
|
||||||
|
username: "OIDC User",
|
||||||
|
email: "oidc.user@coder.com",
|
||||||
|
roles: [],
|
||||||
|
status: "active",
|
||||||
|
login_type: "oidc",
|
||||||
|
},
|
||||||
],
|
],
|
||||||
roles: MockAssignableSiteRoles,
|
roles: MockAssignableSiteRoles,
|
||||||
canEditUsers: true,
|
canEditUsers: true,
|
||||||
|
@ -205,7 +205,7 @@ export const UsersTableBody: FC<
|
|||||||
{
|
{
|
||||||
label: t("resetPasswordMenuItem"),
|
label: t("resetPasswordMenuItem"),
|
||||||
onClick: onResetUserPassword,
|
onClick: onResetUserPassword,
|
||||||
disabled: false,
|
disabled: user.login_type !== "password",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
label: t("listWorkspacesMenuItem"),
|
label: t("listWorkspacesMenuItem"),
|
||||||
|
Reference in New Issue
Block a user