Disallow Updating of Federated User's Passwords (#444)

* Disallow editing passwords for federated users.

classes/XDUser.php

@@ -7,6 +7,7 @@
 use Models\Acl;
 use Models\Services\Acls;
 use User\aRole;
+use DataWarehouse\Query\Exceptions\AccessDeniedException;
 
 /**
  * XDMoD Portal User
@@ -544,9 +545,11 @@ public static function getUserByID($uid, &$targetInstance = NULL)
 
     public function setPassword($raw_password)
     {
+        if ($this->getUserType() === FEDERATED_USER_TYPE) {
+            throw new AccessDeniedException("Permission Denied. Only local accounts may have their passwords modified.");
+        }
 
         return $this->_password = $raw_password;
-
     }//setPassword
 
     // ---------------------------