Skip to content

Commit

Permalink
CB-5683 change password for disabled user fix
Browse files Browse the repository at this point in the history
  • Loading branch information
yagudin10 committed Oct 25, 2024
1 parent 4cfb27b commit 865e67a
Showing 1 changed file with 9 additions and 4 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -838,7 +838,7 @@ public void setUserCredentials(
@NotNull String authProviderId,
@NotNull Map<String, Object> credentials
) throws DBException {
var existUserByCredentials = findUserByCredentials(getAuthProvider(authProviderId), credentials);
var existUserByCredentials = findUserByCredentials(getAuthProvider(authProviderId), credentials, false);
if (existUserByCredentials != null && !existUserByCredentials.equals(userId)) {
throw new DBException("Another user is already linked to the specified credentials");
}
Expand Down Expand Up @@ -906,7 +906,11 @@ public void deleteUserCredentials(@NotNull String userId, @NotNull String authPr
}

@Nullable
private String findUserByCredentials(WebAuthProviderDescriptor authProvider, Map<String, Object> authParameters) throws DBCException {
private String findUserByCredentials(
@NotNull WebAuthProviderDescriptor authProvider,
@NotNull Map<String, Object> authParameters,
boolean onlyActive // throws exception if user is inactive
) throws DBCException {
Map<String, Object> identCredentials = new LinkedHashMap<>();
String[] propNames = authParameters.keySet().toArray(new String[0]);
for (AuthPropertyDescriptor prop : authProvider.getCredentialParameters(propNames)) {
Expand Down Expand Up @@ -961,7 +965,7 @@ private String findUserByCredentials(WebAuthProviderDescriptor authProvider, Map
}
}

if (userId != null && !isActive) {
if (userId != null && onlyActive && !isActive) {
throw new DBCException("User account is locked");
}

Expand Down Expand Up @@ -2405,7 +2409,7 @@ private String findOrCreateExternalUserByCredentials(
) throws DBException {
SMAuthProvider<?> smAuthProviderInstance = authProvider.getInstance();

String userId = findUserByCredentials(authProvider, userCredentials);
String userId = findUserByCredentials(authProvider, userCredentials, true);
String userIdFromCredentials;
try {
userIdFromCredentials = smAuthProviderInstance.validateLocalAuth(progressMonitor, this, providerConfig, userCredentials, null);
Expand Down Expand Up @@ -3134,6 +3138,7 @@ private void deleteAuthSubject(Connection dbCon, String subjectId) throws SQLExc
}
}

@NotNull
protected WebAuthProviderDescriptor getAuthProvider(String authProviderId) throws DBCException {
WebAuthProviderDescriptor authProvider = WebAuthProviderRegistry.getInstance().getAuthProvider(authProviderId);
if (authProvider == null) {
Expand Down

0 comments on commit 865e67a

Please sign in to comment.