refactor: admin users must have a non-empty password

author: cvium <clausvium@gmail.com> 2023-05-26 19:52:27 +0200
committer: cvium <clausvium@gmail.com> 2023-05-26 19:52:27 +0200
commit: 57d8452e2a093c733d25d662e72f43a4c4c55eea (patch)
tree: 788cd1bc025610160e24dedde00a9b44dc68d0bc /Jellyfin.Server.Implementations/Users/UserManager.cs
parent: 4a9bcbd626b6e7842902a77d4160fa300e6441f6 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/Jellyfin.Server.Implementations/Users/UserManager.cs b/Jellyfin.Server.Implementations/Users/UserManager.cs
index c4756433e..04c3d8a70 100644
--- a/Jellyfin.Server.Implementations/Users/UserManager.cs
+++ b/Jellyfin.Server.Implementations/Users/UserManager.cs
@@ -278,6 +278,10 @@ namespace Jellyfin.Server.Implementations.Users
         public async Task ChangePassword(User user, string newPassword)
         {
             ArgumentNullException.ThrowIfNull(user);
+            if (user.HasPermission(PermissionKind.IsAdministrator) && string.IsNullOrWhiteSpace(newPassword))
+            {
+                throw new ArgumentException("Admin user passwords must not be empty", nameof(newPassword));
+            }
 
             await GetAuthenticationProvider(user).ChangePassword(user, newPassword).ConfigureAwait(false);
             await UpdateUserAsync(user).ConfigureAwait(false);
author	cvium <clausvium@gmail.com>	2023-05-26 19:52:27 +0200
committer	cvium <clausvium@gmail.com>	2023-05-26 19:52:27 +0200
commit	57d8452e2a093c733d25d662e72f43a4c4c55eea (patch)
tree	788cd1bc025610160e24dedde00a9b44dc68d0bc /Jellyfin.Server.Implementations/Users/UserManager.cs
parent	4a9bcbd626b6e7842902a77d4160fa300e6441f6 (diff)