Update:Guest user accounts cannot change the account password #537

2025-01-03 00:06:46 +01:00 · 2022-04-29 18:38:13 -05:00 · 2022-04-29 18:38:13 -05:00 · 049ae73d74
commit 049ae73d74
parent 729fdd5c9f
3 changed files with 12 additions and 2 deletions
--- a/client/pages/account.vue
+++ b/client/pages/account.vue
@ -15,8 +15,8 @@
        <div class="w-full h-px bg-primary my-4" />
-        <p class="mb-4 text-lg">Change Password</p>
+        <p v-if="!isGuest" class="mb-4 text-lg">Change Password</p>
-        <form @submit.prevent="submitChangePassword">
+        <form v-if="!isGuest" @submit.prevent="submitChangePassword">
          <ui-text-input-with-label v-model="password" :disabled="changingPassword" type="password" label="Password" class="my-2" />
          <ui-text-input-with-label v-model="newPassword" :disabled="changingPassword" type="password" label="New Password" class="my-2" />
          <ui-text-input-with-label v-model="confirmPassword" :disabled="changingPassword" type="password" label="Confirm Password" class="my-2" />
@ -60,6 +60,9 @@ export default {
    },
    isRoot() {
      return this.usertype === 'root'
    },
    isGuest() {
      return this.usertype === 'guest'
    }
  },
  methods: {
--- a/server/controllers/MeController.js
+++ b/server/controllers/MeController.js
@ -133,6 +133,10 @@ class MeController {
  // PATCH: api/me/password
  updatePassword(req, res) {
    if (req.user.isGuest) {
      Logger.error(`[MeController] Guest user attempted to change password`, req.user.username)
      return res.sendStatus(500)
    }
    this.auth.userChangePassword(req, res)
  }
--- a/server/objects/user/User.js
+++ b/server/objects/user/User.js
@ -33,6 +33,9 @@ class User {
  get isAdmin() {
    return this.type === 'admin'
  }
  get isGuest() {
    return this.type === 'guest'
  }
  get isAdminOrUp() {
    return this.isAdmin || this.isRoot
  }