Rocket.chat: Password is updated even if the password and confirm password are not equal
Description:
A user can update the password from Update Profile section even if the password and confirm password fields are not equal. It takes the newly updated password as the input password field ignoring the value of input confirm-password field.
Gif for the issue:
Steps to reproduce:
- Go to My accounts.
- Click on Profile
- Enter different values of password and confirm password.
- Click "Save Changes" button.
- Enter current password.
- Click Save.
- Boom. You get password updated toast message and your password is updated.
Expected behavior:
It should not be able to update profile if password and confirm mismatch occur.
Actual behavior:
It's updating the password even if the password and confirm password fields are not equal.
Server Setup Information:
- Version of Rocket.Chat Server: 3.0.0-develop
- Operating System: ubuntu
- Deployment Method: meteor
- NodeJS Version: 8.16.2 - x64
- MongoDB Version: 4.0.6
Additional context
I am working on it.
ashwaniYDV
All 5 comments
Hey @sampaiodiego ,Can i work on this issue?
yashrajbothra
on 28 Dec 2019
@yashrajbothra I have already made the pull request.
There's a suggestion mate, you can check the "Addittional context" of the issue to see if the person is working on that issue or not 馃槈
ashwaniYDV
on 28 Dec 2019
Okay @ashwaniYDV Thanks, I will keep that in mind.
yashrajbothra
on 28 Dec 2019
@sampaiodiego I have made the pull request for this issue.
https://github.com/RocketChat/Rocket.Chat/pull/16060
ashwaniYDV
on 28 Dec 2019
@gabriellsh Hello sir. I have already made the pull request. Would you please review this #16060.
ashwaniYDV
on 7 Jan 2020
Related issues
royalaid
路
3Comments
brendanheywood
路
3Comments
neha1deshmukh
路
3Comments
karlprieb
路
3Comments
danpospisil
路
3Comments