Commit d38daedd authored by Daniel Gerhardt's avatar Daniel Gerhardt

Forbid password changing for CAS users

parent 361c0d4a
......@@ -5,6 +5,7 @@ class PasswordsController < Devise::PasswordsController
before_action :resource_from_email, only: [:create]
before_action :check_password_authentication_available, only: [:create]
before_action :prevent_cas_reset, only: [:create]
before_action :throttle_reset, only: [:create]
# rubocop: disable CodeReuse/ActiveRecord
......@@ -55,6 +56,13 @@ class PasswordsController < Devise::PasswordsController
alert: "Password authentication is unavailable."
end
def prevent_cas_reset
return unless resource && resource.cas_user?
redirect_to after_sending_reset_password_instructions_path_for(resource_name),
alert: "Cannot reset password for CAS user."
end
def throttle_reset
return unless resource && resource.recently_sent_password_reset?
......
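Review bot: `prevent_cas_reset` redirects with its own alert, "Cannot reset password for CAS user.", so an unauthenticated request to `create` gets a different response for an address that belongs to a CAS account than for an unknown one; the form can therefore be used to confirm which addresses are registered and how they sign in. Consider redirecting with the same neutral message the normal reset path shows and recording the refusal in the application log instead. The filter is also limited to `only: [:create]`: if a reset token issued before this change is still valid, `update` would presumably still accept it, so the same check may be needed there once the resource has been resolved from the token. The rest of the controller lies outside the visible hunks, so both points should be confirmed against it.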
......@@ -72,7 +72,7 @@
= link_to profile_emails_path do
%strong.fly-out-top-item-name
= _('Emails')
- if current_user.allow_password_authentication?
- if current_user.allow_password_authentication? && !current_user.cas_user?
= nav_link(controller: :passwords) do
= link_to edit_profile_password_path do
.nav-icon-container
......
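Review bot: The added `!current_user.cas_user?` condition only hides the navigation entry; nothing in this template stops a CAS user who requests `edit_profile_password_path` directly. The controller behind that route is not part of the visible change, so if it has no matching check, add a server-side guard there, for example a `before_action` that redirects when `current_user.cas_user?`, and treat the template condition as presentation only. A request spec that signs in a CAS user and expects both the edit and update actions to be refused would pin the behaviour.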