From 6dd54cd09611f37f57f3d1ba3b42843cf0f55d23 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Fri, 17 May 2019 11:01:15 +0200
Subject: [PATCH] views: do not set password on unlink for LDAP users (#24170)

---
 src/authentic2_auth_fc/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/authentic2_auth_fc/views.py b/src/authentic2_auth_fc/views.py
index d446574..99c4846 100644
--- a/src/authentic2_auth_fc/views.py
+++ b/src/authentic2_auth_fc/views.py
@@ -528,7 +528,7 @@ class UnlinkView(LoggerMixin, FormView):
         for event in self.request.session.get(constants.AUTHENTICATION_EVENTS_SESSION_KEY, []):
             if event['how'].startswith('password'):
                 return False
-        return True
+        return self.request.user.can_change_password()
 
     def dispatch(self, request, *args, **kwargs):
         if not request.user.is_authenticated():
-- 
2.20.1