fix #337 reset user password (#340)

dshao · web-flow · commit dbb02e6bc4e3 · 2025-02-25T14:19:46.000-05:00
diff --git a/pegr/grails-app/controllers/pegr/admin/UserAdminController.groovy b/pegr/grails-app/controllers/pegr/admin/UserAdminController.groovy
@@ -9,6 +9,7 @@ import pegr.UserException
 import grails.converters.*
 import grails.util.Holders
 import groovy.json.*
+import pegr.PasswordRegistrationCommand
 
 class UserAdminController {
 	public static AdminCategory category = AdminCategory.OTHER
@@ -255,6 +256,35 @@ class UserAdminController {
         outs.close()
 
     }
+    
+    def updateUserPassword(Long userId) {
+        def user = User.get(userId)
+        render(view: "updateUserPassword", model: [user: user])
+    }
+    
+    def saveUserPassword() {
+        if(request.method=='POST') {
+            withForm {
+                def userId = params.userId as Long
+                def user = User.get(userId)
+                
+                if (user == null) {
+                    flash.message = "User not found!"
+                    redirect(controller: "userAdmin", action: "index")
+                }
+                
+                try {
+                    def urc = new PasswordRegistrationCommand(password: params.password, passwordRepeat: params.passwordRepeat) 
+                    userService.updatePassword(user, urc)
+                    flash.message = "The password for ${user.username} has been changed."
+                    redirect(controller: "userAdmin", action: "index")
+                } catch (Exception e) {
+                    request.message = e.message
+                    render(view: "updateUserPassword", model: [user: user])
+                }
+            }
+        } 
+    }
 }
 
 class CreateUserCommand implements grails.validation.Validateable {
diff --git a/pegr/grails-app/services/pegr/UserService.groovy b/pegr/grails-app/services/pegr/UserService.groovy
@@ -186,7 +186,7 @@ class UserService {
     def updatePassword(User user, PasswordRegistrationCommand urc) {
         urc.validate()
         if (urc.hasErrors()) {
-            throw new UserException(message: "Invalid input!")
+            throw new UserException(message: "Invalid password!")
         } else {                                   
             user.password = springSecurityService.encodePassword(urc.password)
             user.save()
diff --git a/pegr/grails-app/views/userAdmin/index.gsp b/pegr/grails-app/views/userAdmin/index.gsp
@@ -66,6 +66,7 @@
                             <th>Group</th>
                             <th>Status</th>
                             <th>Edit</th>
+                            <th>Reset password</th>
                         </tr>
                     </thead>
                     <tbody>
@@ -85,6 +86,7 @@
                                     </g:else>
                                 </td>
                                 <td><g:link action="edit" params="[userId:it.id]">Edit</g:link></td>
+                                <td><g:link action="updateUserPassword" params="[userId:it.id]">Reset password</g:link></td>
                             </tr>
                         </g:each>
                     </tbody>
diff --git a/pegr/grails-app/views/userAdmin/updateUserPassword.gsp b/pegr/grails-app/views/userAdmin/updateUserPassword.gsp
@@ -0,0 +1,35 @@
+<html>
+    <head>
+        <title>PEGR Admin - User</title>
+        <meta name="layout" content="admin"/>
+    </head>
+    <body>
+        <div class="container-fluid">
+            <g:if test="${request.message}">
+                <div class="alert alert-danger">${request.message}</div>
+            </g:if>
+            <h3>Reset password for username ${user.username}</h3>
+            <p>The password should have</p>
+            <ol>
+                <li>minimum eight characters</li>
+                <li>at least one upper case English letter</li>
+                <li>at least one lower case English letter</li>
+                <li>at least one digit</li>
+                <li>at least one special character, such as #?!@$%^&amp;*-_</li>
+            </ol>  
+            <g:form controller="userAdmin" action="saveUserPassword" class="fields" useToken="true">
+                <input type="hidden" name="userId" value="${user.id}">
+                <div>
+                    <label>New Password</label>
+                    <g:passwordField name="password"></g:passwordField>
+                </div>
+                <div>
+                    <label>Re-enter Password</label>
+                    <g:passwordField name="passwordRepeat"></g:passwordField>
+                </div>
+                <g:submitButton name="submit" value="Reset" class="btn btn-primary"></g:submitButton>
+                <g:link controller="userAdmin" action="index" class="btn btn-default">Cancel</g:link>
+            </g:form>
+        </div>        
+    </body>
+</html>
