From cc32bfd5cfa0b1c8a11fd0daaee9ed9ab7ca76b3 Mon Sep 17 00:00:00 2001
From: Sachin Maheshwari <sachin.maheshwari@topcoder.com>
Date: Thu, 8 Oct 2020 17:00:20 +0530
Subject: [PATCH] restricting sso user to reset password

---
 .../tech/core/service/identity/resource/UserResource.java    | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/main/java/com/appirio/tech/core/service/identity/resource/UserResource.java b/src/main/java/com/appirio/tech/core/service/identity/resource/UserResource.java
index b4f7fcf..d1fbf0b 100644
--- a/src/main/java/com/appirio/tech/core/service/identity/resource/UserResource.java
+++ b/src/main/java/com/appirio/tech/core/service/identity/resource/UserResource.java
@@ -820,6 +820,11 @@ public ApiResponse changePassword(
           throw new APIRuntimeException(SC_UNAUTHORIZED, "Credentials are incorrect.");
       }
 
+      // SSO users can't reset their password.
+      List<UserProfile> ssoProfiles = userDao.getSSOProfiles(Utils.toLongValue(user.getId()));
+      if(ssoProfiles!=null && ssoProfiles.size()>0)
+          throw new APIRuntimeException(HttpURLConnection.HTTP_FORBIDDEN, MSG_TEMPLATE_NOT_ALLOWED_TO_RESET_PASSWORD);
+
       String error = user.validatePassoword();
       if (error != null) {
           throw new APIRuntimeException(SC_BAD_REQUEST, error);