Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: "Allow Password Change for OAuth Users" setting is not honored in the "Forgot Password" flow #32398

Merged
merged 8 commits into from
May 20, 2024
Merged

fix: "Allow Password Change for OAuth Users" setting is not honored in the "Forgot Password" flow #32398

merged 8 commits into from
May 20, 2024

Conversation

matheusbsilva137
Copy link
Member

@matheusbsilva137 matheusbsilva137 commented May 9, 2024
edited by jira bot
Loading

Proposed changes (including videos or screenshots)

  • Correctly check for the Accounts_AllowPasswordChangeForOAuthUsers in the users.forgotPassword endpoint.

Issue(s)

Steps to test or reproduce

  1. Go to Settings > Accounts > Allow Password Change for OAuth Users and disable this setting.
  2. Create a user via LDAP or OAuth;
  3. Log out and use the "Forgot your password?" option to reset the password of the user that has just been created;
    Current behavior: the reset password e-mail is sent (even to LDAP/OAuth users that didn't have a password before);
    Expected behavior: the reset password e-mail should not be sent.

Further comments

CORE-439

@dionisio-bot dionisio-bot
Copy link
Contributor

dionisio-bot bot commented May 9, 2024
edited
Loading

Looks like this PR is ready to merge! 🎉
If you have any trouble, please check the PR guidelines

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented May 9, 2024
edited
Loading

🦋 Changeset detected

Latest commit: 1df6f70

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 32 packages
Name Type
@rocket.chat/meteor Patch
@rocket.chat/core-typings Patch
@rocket.chat/rest-typings Patch
@rocket.chat/apps Patch
@rocket.chat/core-services Patch
@rocket.chat/cron Patch
@rocket.chat/fuselage-ui-kit Patch
@rocket.chat/gazzodown Patch
@rocket.chat/livechat Patch
@rocket.chat/model-typings Patch
@rocket.chat/ui-contexts Patch
@rocket.chat/account-service Patch
@rocket.chat/authorization-service Patch
@rocket.chat/ddp-streamer Patch
@rocket.chat/omnichannel-transcript Patch
@rocket.chat/presence-service Patch
@rocket.chat/queue-worker Patch
@rocket.chat/stream-hub-service Patch
@rocket.chat/api-client Patch
@rocket.chat/license Patch
@rocket.chat/omnichannel-services Patch
@rocket.chat/pdf-worker Patch
@rocket.chat/presence Patch
rocketchat-services Patch
@rocket.chat/ddp-client Patch
@rocket.chat/uikit-playground Patch
@rocket.chat/models Patch
@rocket.chat/ui-avatar Patch
@rocket.chat/ui-client Patch
@rocket.chat/ui-video-conf Patch
@rocket.chat/web-ui-registration Patch
@rocket.chat/instance-status Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@matheusbsilva137 matheusbsilva137 added this to the 6.9 milestone May 9, 2024
@codecov Codecov
Copy link

codecov bot commented May 9, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 55.86%. Comparing base (61e31aa) to head (1df6f70).

Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff             @@
##           develop   #32398      +/-   ##
===========================================
- Coverage    55.86%   55.86%   -0.01%     
===========================================
  Files         2432     2432              
  Lines        53480    53480              
  Branches     10993    10993              
===========================================
- Hits         29877    29874       -3     
- Misses       20965    20966       +1     
- Partials      2638     2640       +2
Flag Coverage Δ
e2e 55.19% <ø> (-0.02%) ⬇️
unit 72.74% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

@matheusbsilva137 matheusbsilva137 marked this pull request as ready for review May 10, 2024 21:00
@matheusbsilva137 matheusbsilva137 requested review from a team as code owners May 10, 2024 21:00
KevLehman
KevLehman previously approved these changes May 13, 2024
View reviewed changes
dougfabris
dougfabris previously approved these changes May 14, 2024
View reviewed changes
Copy link
Member

@dougfabris dougfabris left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving it on behalf of frontend team!

@matheusbsilva137 matheusbsilva137 dismissed stale reviews from dougfabris and KevLehman via a2feeaa May 16, 2024 12:58
@jessicaschelly jessicaschelly added the stat: QA assured Means it has been tested and approved by a company insider label May 20, 2024
@dionisio-bot dionisio-bot bot added the stat: ready to merge PR tested and approved waiting for merge label May 20, 2024
@kodiakhq kodiakhq bot merged commit 6ac3607 into develop May 20, 2024
42 of 45 checks passed
@kodiakhq kodiakhq bot deleted the fix/password-change-oauth branch May 20, 2024 19:19
@rocketchat-github-ci rocketchat-github-ci mentioned this pull request May 21, 2024
Merged
gabriellsh added a commit that referenced this pull request May 28, 2024
@gabriellsh
Merge branch 'develop' of github.com:RocketChat/Rocket.Chat into imp/…
db22715 
…retention

* 'develop' of github.com:RocketChat/Rocket.Chat: (36 commits)
  refactor: IntegrationHistory out of DB Watcher (#32502)
  fix: Message update being broadcasted without updated values (#32472)
  test: make api teams test fully independent (#31756)
  test: Fix test name (#32490)
  fix: streams being called with no logged user (#32489)
  feat: Un-encrypted messages not allowed in E2EE rooms (#32040)
  feat(UiKit): Users select (#31455)
  fix: Re-login same browser tab issues (#32479)
  chore: move all webclient code out of the COSS folders (#32273)
  chore(deps): bump thehanimo/pr-title-checker from 1.3.7 to 1.4.1 (#30619)
  fix: Don't show join default channels option for edit user form  (#31750)
  fix: CAS user merge not working (#32444)
  fix: Overriding Retention Policy not working (#32454)
  fix: `rooms.export` endpoint generates an empty export when given an invalid date (#32364)
  fix: "Allow Password Change for OAuth Users" setting is not honored in the "Forgot Password" flow (#32398)
  fix: Bypass trash when removing OTR system messages and read receipts (#32269)
  fix: Monitors dissapearing from Unit upon edit (#32393)
  fix: Link image preview not opening in gallery (#32391)
  feat: Allow visitors & integrations to access downloaded files after a room has closed (#32439)
  regression: Users tab misaligned (#32451)
  ...
@daniel-q daniel-q mentioned this pull request May 30, 2024
Open
matheusbsilva137 added a commit that referenced this pull request May 31, 2024
@matheusbsilva137
fix: "Allow Password Change for OAuth Users" setting is not honored i…
3701be9 
…n the "Forgot Password" flow (#32398)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MarcosSpessatto MarcosSpessatto MarcosSpessatto left review comments

@dougfabris dougfabris dougfabris approved these changes

@KevLehman KevLehman KevLehman approved these changes

Assignees
No one assigned
Labels
stat: QA assured Means it has been tested and approved by a company insider stat: ready to merge PR tested and approved waiting for merge
Projects
None yet
Milestone
6.9
Development

Successfully merging this pull request may close these issues.
5 participants
@matheusbsilva137 @KevLehman @MarcosSpessatto @dougfabris @jessicaschelly