From 4648661ce67c1072e752de0508871c61f418e1ca Mon Sep 17 00:00:00 2001
From: Jessica Lawshe <5312836+lawshe@users.noreply.github.com>
Date: Tue, 17 Jun 2025 09:26:26 -0500
Subject: [PATCH] Merge pull request #26449 from
 overleaf/jel-password-reset-err-msg

[web] Fix message check when managed user linked to SSO tries to reset password

GitOrigin-RevId: f271cd38484c48418f60c28eab2c4863d2984313
---
 .../src/Features/PasswordReset/PasswordResetController.mjs  | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/services/web/app/src/Features/PasswordReset/PasswordResetController.mjs b/services/web/app/src/Features/PasswordReset/PasswordResetController.mjs
index b7fc2da9c8..771782c302 100644
--- a/services/web/app/src/Features/PasswordReset/PasswordResetController.mjs
+++ b/services/web/app/src/Features/PasswordReset/PasswordResetController.mjs
@@ -119,7 +119,11 @@ async function requestReset(req, res, next) {
     OError.tag(err, 'failed to generate and email password reset token', {
       email,
     })
-    if (err.message === 'user does not have permission for change-password') {
+
+    if (
+      err.message ===
+      'user does not have one or more permissions within change-password'
+    ) {
       return res.status(403).json({
         message: {
           key: 'no-password-allowed-due-to-sso',