Page MenuHomePhabricator

Allow passwords to be edited even if `account.editable` is `false`
ClosedPublic

Authored by epriestley on Aug 21 2014, 7:45 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Dec 13, 6:20 AM
Unknown Object (File)
Sun, Nov 24, 9:26 PM
Unknown Object (File)
Nov 10 2024, 9:19 PM
Unknown Object (File)
Nov 10 2024, 9:10 PM
Unknown Object (File)
Oct 28 2024, 5:36 PM
Unknown Object (File)
Oct 11 2024, 2:50 PM
Unknown Object (File)
Oct 3 2024, 11:58 AM
Unknown Object (File)
Sep 20 2024, 8:32 PM
Subscribers

Details

Summary

Fixes T5900. We have some very old code here which does not let you update your password if the account.editable flag is set.

This was approximately introduced in D890, and I think it was mostly copy/pasted at that point. I'm not sure this ever really made sense. The option is not documented as affecting this, for example. In the modern environment of auth providers, it definitely does not make sense.

Instead, always allow users to change passwords if the install has a password provider configured.

Test Plan
  • Set account.editable to false.
  • Used a password reset link.

Diff Detail

Repository
rP Phabricator
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

epriestley retitled this revision from to Allow passwords to be edited even if `account.editable` is `false`.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
btrahan edited edge metadata.
This revision is now accepted and ready to land.Aug 21 2014, 10:26 PM
epriestley updated this revision to Diff 24875.

Closed by commit rP4a566f9e5d8d (authored by @epriestley).