Consistently check whether a password may be set for a user. (#9636)

2025-05-05 02:05:00 -04:00 · 2021-03-18 17:54:08 +01:00 · 2021-03-18 17:54:08 +01:00 · 8dd2ea65a9
commit 8dd2ea65a9
parent dd71eb0f8a
5 changed files with 133 additions and 68 deletions
--- a/synapse/handlers/set_password.py
+++ b/synapse/handlers/set_password.py
@ -41,7 +41,7 @@ class SetPasswordHandler(BaseHandler):
        logout_devices: bool,
        requester: Optional[Requester] = None,
    ) -> None:
-        if not self.hs.config.password_localdb_enabled:
+        if not self._auth_handler.can_change_password():
            raise SynapseError(403, "Password change disabled", errcode=Codes.FORBIDDEN)

        try: