Commit 2ec5db6b authored by Daniel Gerhardt's avatar Daniel Gerhardt

Forbid password changing for CAS users

parent 411d5e22
class PasswordsController < Devise::PasswordsController
before_action :resource_from_email, only: [:create]
before_action :prevent_ldap_reset, only: [:create]
before_action :prevent_cas_reset, only: [:create]
before_action :throttle_reset, only: [:create]
def edit
......@@ -45,6 +46,13 @@ def prevent_ldap_reset
alert: "Cannot reset password for LDAP user."
end
def prevent_cas_reset
return unless resource && resource.cas_user?
redirect_to after_sending_reset_password_instructions_path_for(resource_name),
alert: "Cannot reset password for CAS user."
end
def throttle_reset
return unless resource && resource.recently_sent_password_reset?
......
......@@ -75,7 +75,7 @@ def determine_layout
end
def authorize_change_password!
return render_404 if @user.ldap_user?
return render_404 if @user.ldap_user? || @user.cas_user?
end
def user_params
......
......@@ -29,7 +29,7 @@
= link_to profile_emails_path, title: 'Emails' do
%span
Emails
- unless current_user.ldap_user?
- unless current_user.ldap_user? || current_user.cas_user?
= nav_link(controller: :passwords) do
= link_to edit_profile_password_path, title: 'Password' do
%span
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment