GitLab steht wegen Wartungsarbeiten am Montag, den 10. Mai, zwischen 17:00 und 19:00 Uhr nicht zur Verfügung.

Commit cca1bd0d authored by Daniel Gerhardt's avatar Daniel Gerhardt

Forbid password changing for CAS users

parent bfbe1458
class PasswordsController < Devise::PasswordsController
before_action :resource_from_email, only: [:create]
before_action :prevent_ldap_reset, only: [:create]
before_action :prevent_cas_reset, only: [:create]
before_action :throttle_reset, only: [:create]
def edit
......@@ -45,6 +46,13 @@ def prevent_ldap_reset
alert: "Cannot reset password for LDAP user."
def prevent_cas_reset
return unless resource && resource.cas_user?
redirect_to after_sending_reset_password_instructions_path_for(resource_name),
alert: "Cannot reset password for CAS user."
def throttle_reset
return unless resource && resource.recently_sent_password_reset?
......@@ -75,7 +75,7 @@ def determine_layout
def authorize_change_password!
return render_404 if @user.ldap_user?
return render_404 if @user.ldap_user? || @user.cas_user?
def user_params
......@@ -25,7 +25,7 @@
= link_to profile_emails_path, title: 'Emails' do
- unless current_user.ldap_user?
- unless current_user.ldap_user? || current_user.cas_user?
= nav_link(controller: :passwords) do
= link_to edit_profile_password_path, title: 'Password' do
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment