Strolch
/
strolch
mirror of https://github.com/strolch-li/strolch.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[Fix] don't persist set password if don't have privilege

This commit is contained in:
Robert von Burg 2018-03-29 16:56:24 +02:00
parent 9038042f34
commit 5b6183319c
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordService.java
View File

@ -46,9 +46,14 @@ public class PrivilegeSetUserPasswordService extends AbstractService<PrivilegeSe
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
privilegeHandler.setUserPassword(getCertificate(), arg.username, arg.password);
privilegeHandler.persist(getCertificate());
// only persist if not setting own password
if (!getCertificate().getUsername().equals(arg.username) && getPrivilegeContext().getPrivilegeNames()
.contains(PrivilegeHandler.PRIVILEGE_ACTION_PERSIST)) {
privilegeHandler.persist(getCertificate());
}
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_PASSWORD)) {
tx.setSuppressAudits(true);