@ -5,7 +5,7 @@ import React from 'react';
import { defineMessages , useIntl } from 'react-intl' ;
import { defineMessages , useIntl } from 'react-intl' ;
import { useToasts } from 'react-toast-notifications' ;
import { useToasts } from 'react-toast-notifications' ;
import useSWR from 'swr' ;
import useSWR from 'swr' ;
import { useUser } from '../../../../hooks/useUser' ;
import { Permission, useUser } from '../../../../hooks/useUser' ;
import Error from '../../../../pages/_error' ;
import Error from '../../../../pages/_error' ;
import Alert from '../../../Common/Alert' ;
import Alert from '../../../Common/Alert' ;
import Button from '../../../Common/Button' ;
import Button from '../../../Common/Button' ;
@ -33,6 +33,9 @@ const messages = defineMessages({
nopasswordsetDescription :
nopasswordsetDescription :
' This user account currently does not have a password specifically for { applicationTitle } . \
' This user account currently does not have a password specifically for { applicationTitle } . \
Configure a password below to enable this account to sign in as a "local user." ' ,
Configure a password below to enable this account to sign in as a "local user." ' ,
nopermission : 'No Permission' ,
nopermissionDescription :
"You do not have permission to modify this user's password." ,
} ) ;
} ) ;
const UserPasswordChange : React.FC = ( ) = > {
const UserPasswordChange : React.FC = ( ) = > {
@ -41,14 +44,14 @@ const UserPasswordChange: React.FC = () => {
const { addToast } = useToasts ( ) ;
const { addToast } = useToasts ( ) ;
const router = useRouter ( ) ;
const router = useRouter ( ) ;
const { user : currentUser } = useUser ( ) ;
const { user : currentUser } = useUser ( ) ;
const { user } = useUser ( { id : Number ( router . query . userId ) } ) ;
const { user , hasPermission } = useUser ( { id : Number ( router . query . userId ) } ) ;
const { data , error , revalidate } = useSWR < { hasPassword : boolean } > (
const { data , error , revalidate } = useSWR < { hasPassword : boolean } > (
user ? ` /api/v1/user/ ${ user ? . id } /settings/password ` : null
user ? ` /api/v1/user/ ${ user ? . id } /settings/password ` : null
) ;
) ;
const PasswordChangeSchema = Yup . object ( ) . shape ( {
const PasswordChangeSchema = Yup . object ( ) . shape ( {
currentPassword : Yup.lazy ( ( ) = >
currentPassword : Yup.lazy ( ( ) = >
data ? . hasPassword
data ? . hasPassword && currentUser ? . id === user ? . id
? Yup . string ( ) . required (
? Yup . string ( ) . required (
intl . formatMessage ( messages . validationCurrentPassword )
intl . formatMessage ( messages . validationCurrentPassword )
)
)
@ -73,6 +76,23 @@ const UserPasswordChange: React.FC = () => {
return < Error statusCode = { 500 } / > ;
return < Error statusCode = { 500 } / > ;
}
}
if (
currentUser ? . id !== user ? . id &&
hasPermission ( Permission . ADMIN ) &&
currentUser ? . id !== 1
) {
return (
< >
< div className = "mb-6" >
< h3 className = "heading" > { intl . formatMessage ( messages . password ) } < / h3 >
< / div >
< Alert title = { intl . formatMessage ( messages . nopermission ) } type = "error" >
{ intl . formatMessage ( messages . nopermissionDescription ) }
< / Alert >
< / >
) ;
}
return (
return (
< >
< >
< div className = "mb-6" >
< div className = "mb-6" >