Commit 637da6cc authored by Daniel Gerhardt's avatar Daniel Gerhardt

Forbid password changing for CAS users

parent a092e52e
...@@ -5,6 +5,7 @@ class PasswordsController < Devise::PasswordsController ...@@ -5,6 +5,7 @@ class PasswordsController < Devise::PasswordsController
before_action :resource_from_email, only: [:create] before_action :resource_from_email, only: [:create]
before_action :check_password_authentication_available, only: [:create] before_action :check_password_authentication_available, only: [:create]
before_action :prevent_cas_reset, only: [:create]
before_action :throttle_reset, only: [:create] before_action :throttle_reset, only: [:create]
# rubocop: disable CodeReuse/ActiveRecord # rubocop: disable CodeReuse/ActiveRecord
...@@ -55,6 +56,13 @@ class PasswordsController < Devise::PasswordsController ...@@ -55,6 +56,13 @@ class PasswordsController < Devise::PasswordsController
alert: "Password authentication is unavailable." alert: "Password authentication is unavailable."
end end
def prevent_cas_reset
return unless resource && resource.cas_user?
redirect_to after_sending_reset_password_instructions_path_for(resource_name),
alert: "Cannot reset password for CAS user."
end
def throttle_reset def throttle_reset
return unless resource && resource.recently_sent_password_reset? return unless resource && resource.recently_sent_password_reset?
......
...@@ -72,7 +72,7 @@ ...@@ -72,7 +72,7 @@
= link_to profile_emails_path do = link_to profile_emails_path do
%strong.fly-out-top-item-name %strong.fly-out-top-item-name
= _('Emails') = _('Emails')
- if current_user.allow_password_authentication? - if current_user.allow_password_authentication? && !current_user.cas_user?
= nav_link(controller: :passwords) do = nav_link(controller: :passwords) do
= link_to edit_profile_password_path do = link_to edit_profile_password_path do
.nav-icon-container .nav-icon-container
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment