Commit 27658fdf authored by Daniel Gerhardt's avatar Daniel Gerhardt

Forbid password changing for CAS users

parent 7731eea9
......@@ -5,6 +5,7 @@ class PasswordsController < Devise::PasswordsController
before_action :resource_from_email, only: [:create]
before_action :check_password_authentication_available, only: [:create]
before_action :prevent_cas_reset, only: [:create]
before_action :throttle_reset, only: [:create]
# rubocop: disable CodeReuse/ActiveRecord
......@@ -55,6 +56,13 @@ def check_password_authentication_available
alert: "Password authentication is unavailable."
def prevent_cas_reset
return unless resource && resource.cas_user?
redirect_to after_sending_reset_password_instructions_path_for(resource_name),
alert: "Cannot reset password for CAS user."
def throttle_reset
return unless resource && resource.recently_sent_password_reset?
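Review bot: The distinct alert `"Cannot reset password for CAS user."` in `prevent_cas_reset` tells an unauthenticated requester that the submitted e-mail belongs to an existing CAS-backed account, which turns the reset form into an account-enumeration oracle. Redirecting with the same generic notice a normal reset request produces would avoid that, for example `notice: I18n.t('devise.passwords.send_paranoid_instructions')` if that wording fits the project. The filter is also registered with `only: [:create]`, so a reset token issued before the account became a CAS user is presumably still redeemable through `update`; a matching check there, after the token has been resolved to a user, would close that path. The bodies of `prevent_cas_reset` and `throttle_reset` are only partly visible in this hunk, so both points should be checked against the full controller.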
......@@ -72,7 +72,7 @@
= link_to profile_emails_path do
= _('Emails')
- if current_user.allow_password_authentication?
- if current_user.allow_password_authentication? && !current_user.cas_user?
= nav_link(controller: :passwords) do
= link_to edit_profile_password_path do
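Review bot: The added `!current_user.cas_user?` condition only hides the password nav entry, so it is a display-level restriction: a CAS user who opens `edit_profile_password_path` directly still reaches the form unless the controller behind it refuses. No server-side check for the profile password actions is visible in this commit. If none exists elsewhere, add one in that controller, e.g. a `before_action` on edit and update that redirects when `current_user.cas_user?`. A short comment above the condition, such as `-# CAS users authenticate externally; the controller enforces this as well`, would document why the link is hidden.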