chore: do not allow resetting password of non password users (#9003)

2023-08-09 13:56:13 -05:00 · 2023-08-09 13:56:13 -05:00 · f334b66178
parent 919f5c6fe9
commit f334b66178
3 changed files with 16 additions and 1 deletions
--- a/coderd/users.go
+++ b/coderd/users.go
@ -733,6 +733,13 @@ func (api *API) putUserPassword(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

+	if user.LoginType != database.LoginTypePassword {
+		httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
+			Message: "Users without password login type cannot change their password.",
+		})
+		return
+	}
+
 	err := userpassword.Validate(params.Password)
 	if err != nil {
 		httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
--- a/site/src/components/UsersTable/UsersTable.stories.tsx
+++ b/site/src/components/UsersTable/UsersTable.stories.tsx
@ -42,6 +42,14 @@ Editable.args = {
      roles: [],
      status: "suspended",
    },
+    {
+      ...MockUser,
+      username: "OIDC User",
+      email: "oidc.user@coder.com",
+      roles: [],
+      status: "active",
+      login_type: "oidc",
+    },
  ],
  roles: MockAssignableSiteRoles,
  canEditUsers: true,
--- a/site/src/components/UsersTable/UsersTableBody.tsx
+++ b/site/src/components/UsersTable/UsersTableBody.tsx
@ -205,7 +205,7 @@ export const UsersTableBody: FC<
                            {
                              label: t("resetPasswordMenuItem"),
                              onClick: onResetUserPassword,
-                              disabled: false,
+                              disabled: user.login_type !== "password",
                            },
                            {
                              label: t("listWorkspacesMenuItem"),