Skip to content

Commit 15390ad

Browse files
committed
fix(admin): add restriction about admin modify their password
1 parent 66510fc commit 15390ad

3 files changed

Lines changed: 7 additions & 0 deletions

File tree

i18n/en_US.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,8 @@ backend:
3535
other: Email and password do not match.
3636
error:
3737
admin:
38+
cannot_update_their_password:
39+
other: You cannot modify your password.
3840
email_or_password_wrong:
3941
other: Email and password do not match.
4042
answer:

internal/base/reason/reason.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -64,4 +64,5 @@ const (
6464
TagCannotSetSynonymAsItself = "error.tag.cannot_set_synonym_as_itself"
6565
NotAllowedRegistration = "error.user.not_allowed_registration"
6666
SMTPConfigFromNameCannotBeEmail = "error.smtp.config_from_name_cannot_be_email"
67+
AdminCannotUpdateTheirPassword = "error.admin.cannot_update_their_password"
6768
)

internal/service/user_admin/user_backyard.go

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -153,6 +153,10 @@ func (us *UserAdminService) AddUser(ctx context.Context, req *schema.AddUserReq)
153153

154154
// UpdateUserPassword update user password
155155
func (us *UserAdminService) UpdateUserPassword(ctx context.Context, req *schema.UpdateUserPasswordReq) (err error) {
156+
// Users cannot modify their password
157+
if req.UserID == req.LoginUserID {
158+
return errors.BadRequest(reason.AdminCannotUpdateTheirPassword)
159+
}
156160
userInfo, exist, err := us.userRepo.GetUserInfo(ctx, req.UserID)
157161
if err != nil {
158162
return err

0 commit comments

Comments
 (0)