change update profile API to bypass updation using client id and secr…

…et key (#532) Co-authored-by: Muhammad Faraz Maqsood <faraz.maqsood@A006-01130.local>
edly-io · Apr 17, 2024 · f14f115 · f14f115
1 parent b676d3c
commit f14f115
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/openedx/core/djangoapps/user_api/accounts/api.py b/openedx/core/djangoapps/user_api/accounts/api.py
@@ -136,8 +136,9 @@ def update_account_settings(requesting_user, update, username=None):
     # Get user
     if username is None:
         username = requesting_user.username
-    if requesting_user.username != username:
-        raise errors.UserNotAuthorized()
+    # For SDAIA, for the time being until SAML functionality is not implemented.
+    # if requesting_user.username != username:
+    #     raise errors.UserNotAuthorized()
     user, user_profile = _get_user_and_profile(username)
 
     # Validate fields to update