Merge pull request #29 from appirio-tech/dev

sachin-maheshwari · web-flow · commit a70458aed021 · 2020-10-09T12:14:39.000+05:30
New Auth Flow -  restricting SSO (Enterprise) user to reset password.
diff --git a/src/main/docker/Dockerfile b/src/main/docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM appiriodevops/ap-microservice-base:0.0.1
+FROM appiriodevops/ap-microservice-base:0.0.2
 
 MAINTAINER devops@appirio.com
 
diff --git a/src/main/java/com/appirio/tech/core/service/identity/resource/UserResource.java b/src/main/java/com/appirio/tech/core/service/identity/resource/UserResource.java
@@ -820,6 +820,11 @@ public ApiResponse changePassword(
           throw new APIRuntimeException(SC_UNAUTHORIZED, "Credentials are incorrect.");
       }
 
+      // SSO users can't reset their password.
+      List<UserProfile> ssoProfiles = userDao.getSSOProfiles(Utils.toLongValue(user.getId()));
+      if(ssoProfiles!=null && ssoProfiles.size()>0)
+          throw new APIRuntimeException(HttpURLConnection.HTTP_FORBIDDEN, MSG_TEMPLATE_NOT_ALLOWED_TO_RESET_PASSWORD);
+
       String error = user.validatePassoword();
       if (error != null) {
           throw new APIRuntimeException(SC_BAD_REQUEST, error);

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-FROM appiriodevops/ap-microservice-base:0.0.1`
	`1`	`+FROM appiriodevops/ap-microservice-base:0.0.2`
`2`	`2`
`3`	`3`	`MAINTAINER devops@appirio.com`
`4`	`4`