prevent global only user to reset password aces#1391

MontrealSergiy · Oct 16, 2024 · db86ba8 · db86ba8
1 parent eafabe2
commit db86ba8
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/BrainPortal/app/controllers/users_controller.rb b/BrainPortal/app/controllers/users_controller.rb
@@ -384,8 +384,15 @@ def request_password #:nodoc:
 
   def send_password #:nodoc:
     @user = User.where( :login  => params[:login], :email  => params[:email] ).first
-
     if @user
+      if user_must_link_to_globus?(@user)
+        cb_error "Your account can only authenticate with Globus identities.", :redirect => user_path(current_user)
+        respond_to do |format|
+          format.html { redirect_to :controller => :sessions, :action  => :mandatory_globus }
+          format.any { head :unauthorized }
+        end
+        return
+      end
       if @user.account_locked?
         contact = RemoteResource.current_resource.support_email.presence || User.admin.email.presence || "the support staff"
         flash[:error] = "This account is locked, please write to #{contact} to get this account unlocked."