SAK-23737 - Bypass password validation when editing user details if u…

…ser password is externally managed - Committing patch provided by Chris Maurer git-svn-id: https://source.sakaiproject.org/svn/user/trunk@126569 66ffb92e-73f9-0310-93c1-f5514f145a0a
fk-snyk · Jul 1, 2013 · a456df9 · a456df9
1 parent ae0def6
commit a456df9
Showing 1 changed file with 35 additions and 16 deletions.
diff --git a/user/user-tool/tool/src/java/org/sakaiproject/user/tool/UsersAction.java b/user/user-tool/tool/src/java/org/sakaiproject/user/tool/UsersAction.java
@@ -23,6 +23,7 @@
 
 import java.io.InputStreamReader;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Iterator;
 import java.util.LinkedHashMap;
 import java.util.List;
@@ -1285,23 +1286,27 @@ else if ((mode != null) && (mode.equalsIgnoreCase("edit")) && (!singleUser))
 				}
 			}
 
-      // make sure the old password matches, but don't check for super users
-      if (!SecurityService.isSuperUser()) {
-            if (!user.checkPassword(pwcur)) {
-              addAlert(state, rb.getString("usecre.curpass"));
-                      return false;
-            }
-      }
-
-			if (mode == null || !mode.equalsIgnoreCase("remove")) {
-				// make sure we have matching password fields
-				if (StringUtil.different(pw, pwConfirm))
-				{
-					addAlert(state, rb.getString("usecre.pass"));
-					return false;
+			//validate the password only for local users
+			if (!isProvidedType(user.getType())) {
+
+				// make sure the old password matches, but don't check for super users
+				if (!SecurityService.isSuperUser()) {
+					if (!user.checkPassword(pwcur)) {
+						addAlert(state, rb.getString("usecre.curpass"));
+						return false;
+					}
 				}
+
+				if (mode == null || !mode.equalsIgnoreCase("remove")) {
+					// make sure we have matching password fields
+					if (StringUtil.different(pw, pwConfirm))
+					{
+						addAlert(state, rb.getString("usecre.pass"));
+						return false;
+					}
 
-				if (pw != null) user.setPassword(pw);
+					if (pw != null) user.setPassword(pw);
+				}
 			}
 		}
 
@@ -1681,5 +1686,19 @@ private ImportedUser mapLine(String[] line, Map<Integer,String> mapping){
 		return u;
 	}
 
-
+	/**
+	 * Check to see if the type is in the list of known provided types
+	 * @param userType User's type
+	 * @return
+	 */
+	private boolean isProvidedType(String userType) {
+		boolean provided = false;
+		String[] providedTypes = ServerConfigurationService.getStrings("user.type.provided");
+		if (providedTypes != null && providedTypes.length > 0) {
+			List<String> typeList = Arrays.asList(providedTypes);
+			if (typeList.contains(userType))
+				provided = true;
+		}
+		return provided;
+	}
 }