From ca68a5303b6890cc4d8f6136132bde1dc1a0e6df Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Mon, 30 Oct 2006 23:14:29 +0000
Subject: [PATCH] Update the modify operation to fix two problems:

---
 opends/src/server/org/opends/server/core/ModifyOperation.java |   22 +++++++++++++++++++++-
 1 files changed, 21 insertions(+), 1 deletions(-)

diff --git a/opends/src/server/org/opends/server/core/ModifyOperation.java b/opends/src/server/org/opends/server/core/ModifyOperation.java
index 7c5669c..4767e51 100644
--- a/opends/src/server/org/opends/server/core/ModifyOperation.java
+++ b/opends/src/server/org/opends/server/core/ModifyOperation.java
@@ -836,6 +836,25 @@
       }
 
 
+      // If the user must change their password before doing anything else, and
+      // if the target of the modify operation isn't the user's own entry, then
+      // reject the request.
+      if (clientConnection.mustChangePassword())
+      {
+        DN authzDN = getAuthorizationDN();
+        if ((authzDN != null) && (! authzDN.equals(entryDN)))
+        {
+          // The user will not be allowed to do anything else before
+          // the password gets changed.
+          setResultCode(ResultCode.UNWILLING_TO_PERFORM);
+
+          int msgID = MSGID_MODIFY_MUST_CHANGE_PASSWORD;
+          appendErrorMessage(getMessage(msgID));
+          break modifyProcessing;
+        }
+      }
+
+
       // Check for and handle a request to cancel this operation.
       if (cancelRequest != null)
       {
@@ -1283,7 +1302,8 @@
             pwPolicyState.clearGraceLoginTimes();
             pwPolicyState.clearWarnedTime();
 
-            if (pwPolicyState.forceChangeOnReset())
+            if (pwPolicyState.forceChangeOnAdd() ||
+                pwPolicyState.forceChangeOnReset())
             {
               pwPolicyState.setMustChangePassword(! selfChange);
             }

--
Gitblit v1.10.0