From 2043514aa9beeedb138aef6e2d89329fa812a370 Mon Sep 17 00:00:00 2001 From: Steven Masley Date: Wed, 9 Aug 2023 11:27:03 -0500 Subject: [PATCH] chore: do not allow resetting password of non password users --- coderd/users.go | 7 +++++++ site/src/components/UsersTable/UsersTable.stories.tsx | 8 ++++++++ site/src/components/UsersTable/UsersTableBody.tsx | 2 +- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/coderd/users.go b/coderd/users.go index 017e20d408586..b34b447b8c456 100644 --- a/coderd/users.go +++ b/coderd/users.go @@ -733,6 +733,13 @@ func (api *API) putUserPassword(rw http.ResponseWriter, r *http.Request) { return } + if user.LoginType != database.LoginTypePassword { + httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ + Message: "Users without password login type cannot change their password.", + }) + return + } + err := userpassword.Validate(params.Password) if err != nil { httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ diff --git a/site/src/components/UsersTable/UsersTable.stories.tsx b/site/src/components/UsersTable/UsersTable.stories.tsx index ce019b4d3e72b..536c39253fa44 100644 --- a/site/src/components/UsersTable/UsersTable.stories.tsx +++ b/site/src/components/UsersTable/UsersTable.stories.tsx @@ -42,6 +42,14 @@ Editable.args = { roles: [], status: "suspended", }, + { + ...MockUser, + username: "OIDC User", + email: "oidc.user@coder.com", + roles: [], + status: "active", + login_type: "oidc", + }, ], roles: MockAssignableSiteRoles, canEditUsers: true, diff --git a/site/src/components/UsersTable/UsersTableBody.tsx b/site/src/components/UsersTable/UsersTableBody.tsx index ad25de524f3a8..82e154a3d0d0b 100644 --- a/site/src/components/UsersTable/UsersTableBody.tsx +++ b/site/src/components/UsersTable/UsersTableBody.tsx @@ -205,7 +205,7 @@ export const UsersTableBody: FC< { label: t("resetPasswordMenuItem"), onClick: onResetUserPassword, - disabled: false, + disabled: user.login_type !== "password", }, { label: t("listWorkspacesMenuItem"),