From dfb056d200fbe139837d8044ae016700787c9342 Mon Sep 17 00:00:00 2001
From: Matthew Jones <mat@matburt.net>
Date: Mon, 16 Nov 2015 10:07:20 -0500
Subject: [PATCH] Disallow changing a users password for social auth

---
 awx/api/serializers.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/awx/api/serializers.py b/awx/api/serializers.py
index 3157081193..1ab055d8af 100644
--- a/awx/api/serializers.py
+++ b/awx/api/serializers.py
@@ -630,6 +630,12 @@ class UserSerializer(BaseSerializer):
                     new_password = None
             except AttributeError:
                 pass
+        if (getattr(settings, 'SOCIAL_AUTH_GOOGLE_OAUTH2_KEY', None) or
+                getattr(settings, 'SOCIAL_AUTH_GITHUB_KEY', None) or
+                getattr(settings, 'SOCIAL_AUTH_GITHUB_ORG_KEY', None) or
+                getattr(settings, 'SOCIAL_AUTH_GITHUB_TEAM_KEY', None) or
+                getattr(settings, 'SOCIAL_AUTH_SAML_ENABLED_IDPS', None)) and obj.social_auth.all():
+            new_password = None
         if new_password:
             obj.set_password(new_password)
         if not obj.password: