fix(admin): add restriction about admin modify their password

apache · Feb 23, 2023 · 15390ad · 15390ad
1 parent 66510fc
commit 15390ad
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 0 deletions.
diff --git a/i18n/en_US.yaml b/i18n/en_US.yaml
@@ -35,6 +35,8 @@ backend:
     other: Email and password do not match.
   error:
     admin:
+      cannot_update_their_password:
+        other: You cannot modify your password.
       email_or_password_wrong:
         other: Email and password do not match.
     answer:

diff --git a/internal/base/reason/reason.go b/internal/base/reason/reason.go
@@ -64,4 +64,5 @@ const (
 	TagCannotSetSynonymAsItself      = "error.tag.cannot_set_synonym_as_itself"
 	NotAllowedRegistration           = "error.user.not_allowed_registration"
 	SMTPConfigFromNameCannotBeEmail  = "error.smtp.config_from_name_cannot_be_email"
+	AdminCannotUpdateTheirPassword   = "error.admin.cannot_update_their_password"
 )
diff --git a/internal/service/user_admin/user_backyard.go b/internal/service/user_admin/user_backyard.go
@@ -153,6 +153,10 @@ func (us *UserAdminService) AddUser(ctx context.Context, req *schema.AddUserReq)
 
 // UpdateUserPassword update user password
 func (us *UserAdminService) UpdateUserPassword(ctx context.Context, req *schema.UpdateUserPasswordReq) (err error) {
+	// Users cannot modify their password
+	if req.UserID == req.LoginUserID {
+		return errors.BadRequest(reason.AdminCannotUpdateTheirPassword)
+	}
 	userInfo, exist, err := us.userRepo.GetUserInfo(ctx, req.UserID)
 	if err != nil {
 		return err