From b92d9c60ca50732405a8bc0aae32dff7443198e1 Mon Sep 17 00:00:00 2001
From: Rory Powell
Date: Wed, 8 Mar 2023 12:00:02 +0000
Subject: [PATCH] Don't require password on update if user doesn't have one (#9941)
---
 .../src/api/routes/global/tests/users.spec.ts | 15 +++++++++++++++
 packages/worker/src/sdk/users/users.ts | 5 +++++
 2 files changed, 20 insertions(+)
diff --git a/packages/worker/src/api/routes/global/tests/users.spec.ts b/packages/worker/src/api/routes/global/tests/users.spec.ts
index 085c976649..d1afa0191e 100644
--- a/packages/worker/src/api/routes/global/tests/users.spec.ts
+++ b/packages/worker/src/api/routes/global/tests/users.spec.ts
@@ -4,6 +4,7 @@ jest.mock("nodemailer")
 import { TestConfiguration, mocks, structures } from "../../../../tests"
 const sendMailMock = mocks.email.mock()
 import { events, tenancy, accounts as _accounts } from "@budibase/backend-core"
+import * as userSdk from "../../../../sdk/users"
 const accounts = jest.mocked(_accounts)
@@ -468,6 +469,20 @@ describe("/api/global/users", () => {
 config.authHeaders(nonAdmin)
 )
 })
+
+ describe("sso users", () => {
+ function createSSOUser() {
+ return config.doInTenant(() => {
+ const user = structures.users.ssoUser()
+ return userSdk.save(user, { requirePassword: false })
+ })
+ }
+
+ it("should be able to update an sso user that has no password", async () => {
+ const user = await createSSOUser()
+ await config.api.users.saveUser(user)
+ })
+ })
 })
 describe("POST /api/global/users/bulk (delete)", () => {
diff --git a/packages/worker/src/sdk/users/users.ts b/packages/worker/src/sdk/users/users.ts
index c686690367..135128d816 100644
--- a/packages/worker/src/sdk/users/users.ts
+++ b/packages/worker/src/sdk/users/users.ts
@@ -131,6 +131,11 @@ const buildUser = async (
 ): Promise => {
 let { password, _id } = user
+ // don't require a password if the db user doesn't already have one
+ if (dbUser && !dbUser.password) {
+ opts.requirePassword = false
+ }
+
 let hashedPassword
 if (password) {
 if (await isPreventPasswordActions(user)) {
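Review bot: The new guard at the top of `buildUser` assigns `opts.requirePassword = false` on what is presumably the caller's options object (the signature is cut off by the hunk), so a caller that reuses one `opts` across several saves would have the password requirement switched off for every later user once one passwordless record has gone through. Taking a copy, `opts = { ...opts, requirePassword: false }`, keeps the relaxation scoped to the user being built. The condition also keys on any stored user with an empty `password` rather than on SSO users specifically, which is what the accompanying spec exercises. If another flow can leave `password` unset, those accounts would also be updatable without ever gaining one, so the comment should record the assumption, e.g. `// a stored user without a password is assumed to sign in via SSO; confirm no other flow leaves password empty`. `buildUser` starts and ends outside this hunk, so how `requirePassword` is enforced further down is not visible here.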