From b4cbe603fd006db69d81b6ac3965c24891b73ab3 Mon Sep 17 00:00:00 2001
From: rkorytkowski <rafal.korytkowski@gmail.com>
Date: Thu, 25 Apr 2024 14:07:57 +0200
Subject: [PATCH] TRUNK-6228 Protect admin credentials not working if username
 not set to admin

---
 api/src/main/java/org/openmrs/api/impl/UserServiceImpl.java | 2 +-
 api/src/test/java/org/openmrs/api/UserServiceTest.java      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/api/src/main/java/org/openmrs/api/impl/UserServiceImpl.java b/api/src/main/java/org/openmrs/api/impl/UserServiceImpl.java
index 202135a91c93..c63b1a3dde73 100644
--- a/api/src/main/java/org/openmrs/api/impl/UserServiceImpl.java
+++ b/api/src/main/java/org/openmrs/api/impl/UserServiceImpl.java
@@ -652,7 +652,7 @@ public void changePassword(User user, String oldPassword, String newPassword) th
 			throw new APIException("new.password.equal.to.old", (Object[]) null);
 		}
 		
-		if ("admin".equals(user.getUsername()) && Boolean.parseBoolean(
+		if ("admin".equals(user.getSystemId()) && Boolean.parseBoolean(
 			Context.getRuntimeProperties().getProperty(ADMIN_PASSWORD_LOCKED_PROPERTY, "false"))) {
 			throw new APIException("admin.password.is.locked");
 		}
diff --git a/api/src/test/java/org/openmrs/api/UserServiceTest.java b/api/src/test/java/org/openmrs/api/UserServiceTest.java
index 1b3b1bc61263..f876fc3b80ed 100644
--- a/api/src/test/java/org/openmrs/api/UserServiceTest.java
+++ b/api/src/test/java/org/openmrs/api/UserServiceTest.java
@@ -399,7 +399,7 @@ public void changePassword_shouldRespectLockingViaRuntimeProperty() {
 		assertThat("admin", is(Context.getAuthenticatedUser().getUsername()));
 		User u = userService.getUserByUsername(ADMIN_USERNAME);
 		
-		assertThat(u.isSuperUser(), is(true));
+		assertThat(u.getSystemId(), is("admin"));
 
 		Properties props = Context.getRuntimeProperties();
 		props.setProperty(UserService.ADMIN_PASSWORD_LOCKED_PROPERTY, "true");