From 0c73e6737204d689db84e01724f46a578ca015ec Mon Sep 17 00:00:00 2001 From: gerbermichi Date: Mon, 5 Jan 2015 14:07:03 +0100 Subject: [PATCH] a disabled user should not receive an email to reset the password --- .../keycloak/services/resources/LoginActionsService.java | 5 ++++- .../keycloak/services/resources/admin/UsersResource.java | 6 +++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java index b9704717b1..94268c828d 100755 --- a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java +++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java @@ -816,7 +816,10 @@ public class LoginActionsService { if (user == null) { event.error(Errors.USER_NOT_FOUND); - } else { + } + else if(!user.isEnabled()) { + event.error(Errors.USER_DISABLED); + }else{ UserSessionModel userSession = session.sessions().createUserSession(realm, user, username, clientConnection.getRemoteAddr(), "form", false); event.session(userSession); TokenManager.attachClientSession(userSession, clientSession); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java index 23147421bc..810f3d7519 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java @@ -686,7 +686,11 @@ public class UsersResource { UserModel user = session.users().getUserByUsername(username, realm); if (user == null) { - throw new NotFoundException("User not found"); + return Flows.errors().error("User not found", Response.Status.NOT_FOUND); + } + + if (!user.isEnabled()) { + return Flows.errors().error("User is disabled", Response.Status.BAD_REQUEST); } if (user.getEmail() == null) {