Merge pull request #508 from elixir-luxembourg/hot-fix/contact-oidc

verify that users cannot change the oidc of a contact
elixir-luxembourg · May 23, 2024 · 2499b90 · 2499b90
2 parents 5b3f164 + 53384ed
commit 2499b90
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/core/forms/contact.py b/core/forms/contact.py
@@ -1,4 +1,4 @@
-from django.forms import ModelForm, ChoiceField, Form
+from django.forms import ModelForm, ChoiceField, Form, ValidationError
 
 from core.models import Contact
 
@@ -7,7 +7,7 @@ class ContactForm(ModelForm):
     class Meta:
         model = Contact
         fields = "__all__"
-        exclude = []
+        exclude = ["oidc_id"]
 
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
@@ -22,6 +22,11 @@ def __init__(self, *args, **kwargs):
         "phone",
     ]
 
+    def clean_oidc_id(self):
+        # if the user is trying to change the oidc_id, raise an error
+        if self.cleaned_data["oidc_id"]:
+            raise ValidationError("You cannot set the OIDC ID of a contact.")
+
 
 class PickContactForm(Form):
     def __init__(self, *args, **kwargs):