The UPDATE_CREDENTIAL_BY_ADMIN events are triggered even when a non admin user(end user) updates the credentials

[tharakawijekoon]

Describe the issue: The UPDATE_CREDENTIAL_BY_ADMIN events are triggered even when a non-admin user updates the credentials. For the following scenarios

• End user set password via forgot password feature
• End user set password via SCIM /Me PATCH

The PRE_UPDATE_CREDENTIAL_BY_ADMIN event gets triggered

How to reproduce:

• Reset the password using forget password[1], the PRE and POST UPDATE_CREDENTIAL_BY_ADMIN events are triggered.
• Reset the password using scim2/Me PATCH, again the PRE and POST UPDATE_CREDENTIAL_BY_ADMIN events are triggered.

  curl --location --request PATCH 'https://localhost:9443/scim2/Me' \
  --header 'Content-Type: application/scim+json' \
  --header 'Authorization: Basic dGhhcmFrYToxMjNhYmNk' \
  --data-raw '{
  "Operations":[
    {
       "op":"add",
       "value":{
          "password":"123abcd"
       }
    }
  ],
  "schemas":[
    "urn:ietf:params:scim:api:messages:2.0:PatchOp"
  ]
  }'

  In the audit log the following is recorded. The Action=Change-Password-by-Administrator is wrong for the case of password update from SCIM2/Me endpoint.

  TID: [-1234] [2021-04-23 11:00:04,331] [bc8626f3-c538-4bd0-a6a9-5361f3050278]  INFO {AUDIT_LOG} - Initiator=tharaka@carbon.super Action=Change-Password-by-Administrator Target=tharaka Data={"UserName":"tharaka"} Outcome=Success

Expected behavior: For the above two scenarios, the normal UPDATE_CREDENTIAL events should get triggered.

• PRE_UPDATE_CREDENTIAL
• POST_UPDATE_CREDENTIAL

Environment information :

• Product Version: [IS 5.10.0]

[isharak]

This issue is being closed due to extended inactivity. Please feel free to reopen it if further attention is needed. Thank you for helping us keep the issue list relevant and focused!