From d532060c50e1e13a86daea1720f5df045faeb3b7 Mon Sep 17 00:00:00 2001
From: Abhishek K <32607604+abhishek9686@users.noreply.github.com>
Date: Tue, 27 Aug 2024 13:36:53 +0530
Subject: [PATCH] Net 1227 v2 (#3075)

* add list roles to pro and ce

* if not pro set user role to admin

* validate update user

* add separate validation check for password on update
---
 logic/auth.go | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/logic/auth.go b/logic/auth.go
index 65e3a5d76..d0642cff0 100644
--- a/logic/auth.go
+++ b/logic/auth.go
@@ -282,6 +282,9 @@ func UpdateUser(userchange, user *models.User) (*models.User, error) {
 		user.UserName = userchange.UserName
 	}
 	if userchange.Password != "" {
+		if len(userchange.Password) < 5 {
+			return &models.User{}, errors.New("password requires min 5 characters")
+		}
 		// encrypt that password so we never see it again
 		hash, err := bcrypt.GenerateFromPassword([]byte(userchange.Password), 5)
 
@@ -306,8 +309,11 @@ func UpdateUser(userchange, user *models.User) (*models.User, error) {
 	}
 	user.UserGroups = userchange.UserGroups
 	user.NetworkRoles = userchange.NetworkRoles
-
-	if err := database.DeleteRecord(database.USERS_TABLE_NAME, queryUser); err != nil {
+	err = ValidateUser(user)
+	if err != nil {
+		return &models.User{}, err
+	}
+	if err = database.DeleteRecord(database.USERS_TABLE_NAME, queryUser); err != nil {
 		return &models.User{}, err
 	}
 	data, err := json.Marshal(&user)