diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/UserAccountController.java b/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/UserAccountController.java index bc96ec4b..a52326f8 100644 --- a/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/UserAccountController.java +++ b/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/UserAccountController.java @@ -117,7 +117,8 @@ public class UserAccountController extends ActivatableEntityController validForCreate(final UserMod userInfo) { return super.validForCreate(userInfo) - .flatMap(this::additionalConsistencyChecks); + .flatMap(this::additionalConsistencyChecks) + .flatMap(this::passwordMatch); } @Override @@ -151,6 +152,18 @@ public class UserAccountController extends ActivatableEntityController Result passwordMatch(final UserMod userInfo) { + if (!userInfo.newPasswordMatch()) { + throw new APIMessageException(APIMessage.fieldValidationError( + new FieldError( + "passwordChange", + PasswordChange.ATTR_NAME_CONFIRM_NEW_PASSWORD, + "user:confirmNewPassword:password.mismatch"))); + } + + return Result.of(userInfo); + } + /** Additional consistency checks that has to be checked before create and save actions */ private Result additionalConsistencyChecks(final T userInfo) { return Result.tryCatch(() -> { @@ -217,7 +230,7 @@ public class UserAccountController extends ActivatableEntityController
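Review bot: passwordMatch in the second hunk reports the mismatch by throwing APIMessageException directly, although it is declared to return a Result and the sibling additionalConsistencyChecks just below wraps its checks in `Result.tryCatch(() -> { ... })`. Unless Result.flatMap is known to capture exceptions thrown by the mapping function (not visible in this diff), the throw escapes the Result chain that validForCreate builds in the first hunk, so the validation failure takes a different error path from the other checks. I would wrap the body the same way, `return Result.tryCatch(() -> { if (!userInfo.newPasswordMatch()) { throw new APIMessageException(...); } return userInfo; });`, and give the method a one-line Javadoc such as `/** Rejects the request when the new password and its confirmation differ */` to match the documented sibling. The check only compares the password with its confirmation; if length or strength rules are not enforced elsewhere on UserMod, they belong in this same chain.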