From b518447b31108d94d6453c5e79af35dcc0031787 Mon Sep 17 00:00:00 2001
From: Victor Vrantchan <vrancean+github@gmail.com>
Date: Thu, 3 Nov 2016 12:50:32 -0400
Subject: [PATCH] correctly save user properties during ModifyUser call. (#395)

fixes #351

because RequestPasswordReset does it's own db query/save,
call it at the end, after all properties have already been saved.
---
 server/service/service_users.go | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/server/service/service_users.go b/server/service/service_users.go
index 61586de363..7dd8b8b04f 100644
--- a/server/service/service_users.go
+++ b/server/service/service_users.go
@@ -71,15 +71,6 @@ func (svc service) ModifyUser(ctx context.Context, userID uint, p kolide.UserPay
 		user.GravatarURL = *p.GravatarURL
 	}
 
-	if p.AdminForcedPasswordReset != nil {
-		if *p.AdminForcedPasswordReset {
-			err = svc.RequestPasswordReset(ctx, user.Email)
-			if err != nil {
-				return nil, err
-			}
-		}
-	}
-
 	if p.Password != nil {
 		err := user.SetPassword(
 			*p.Password,
@@ -97,8 +88,16 @@ func (svc service) ModifyUser(ctx context.Context, userID uint, p kolide.UserPay
 		return nil, err
 	}
 
-	return user, nil
-
+	// https://github.com/kolide/kolide-ose/issues/351
+	// Calling this action last, because svc.RequestPasswordReset saves the
+	// user separately and we don't want to override the value set there
+	if p.AdminForcedPasswordReset != nil && *p.AdminForcedPasswordReset {
+		err = svc.RequestPasswordReset(ctx, user.Email)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return svc.User(ctx, userID)
 }
 
 func (svc service) User(ctx context.Context, id uint) (*kolide.User, error) {