Allow admin toggle forcing a password change for newly created users (#4563)

author: Lanre Adelowo <adelowomailbox@gmail.com> 2018-09-13 17:34:36 +0100
committer: techknowlogick <techknowlogick@users.noreply.github.com> 2018-09-13 12:34:36 -0400
commit: 2a6d3ba058ef855340ea0092a0e06781d067ad74 (patch)
tree: 3f9da2ea007d5ccc8359f1497d296bf8a1f5e9c3
parent: f98040ad5007a3f1f8a80d2ec82f0333b4c684b7 (diff)
download: gitea-2a6d3ba058ef855340ea0092a0e06781d067ad74.tar.gz
gitea-2a6d3ba058ef855340ea0092a0e06781d067ad74.zip
5 files changed, 60 insertions, 13 deletions
diff --git a/modules/auth/admin.go b/modules/auth/admin.go
index 0bb7d355c4..fb86a04764 100644
--- a/modules/auth/admin.go
+++ b/modules/auth/admin.go
@@ -12,12 +12,13 @@ import (
 
 // AdminCreateUserForm form for admin to create user
 type AdminCreateUserForm struct {
-	LoginType  string `binding:"Required"`
-	LoginName  string
-	UserName   string `binding:"Required;AlphaDashDot;MaxSize(35)"`
-	Email      string `binding:"Required;Email;MaxSize(254)"`
-	Password   string `binding:"MaxSize(255)"`
-	SendNotify bool
+	LoginType          string `binding:"Required"`
+	LoginName          string
+	UserName           string `binding:"Required;AlphaDashDot;MaxSize(35)"`
+	Email              string `binding:"Required;Email;MaxSize(254)"`
+	Password           string `binding:"MaxSize(255)"`
+	SendNotify         bool
+	MustChangePassword bool
 }
 
 // Validate validates form fields
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index e163a7e46d..bbb8a6c8c4 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -206,6 +206,7 @@ sign_up_now = Need an account? Register now.
 sign_up_successful = Account was successfully created.
 confirmation_mail_sent_prompt = A new confirmation email has been sent to <b>%s</b>. Please check your inbox within the next %s to complete the registration process.
 must_change_password = Update your password
+allow_password_change = Require user to change password (recommended)
 reset_password_mail_sent_prompt = A confirmation email has been sent to <b>%s</b>. Please check your inbox within the next %s to complete the password reset process.
 active_your_account = Activate Your Account
 account_activated = Account has been activated
diff --git a/routers/admin/users.go b/routers/admin/users.go
index ae8882ac12..8a99de01c2 100644
--- a/routers/admin/users.go
+++ b/routers/admin/users.go
@@ -82,7 +82,7 @@ func NewUserPost(ctx *context.Context, form auth.AdminCreateUserForm) {
 		Passwd:             form.Password,
 		IsActive:           true,
 		LoginType:          models.LoginPlain,
-		MustChangePassword: true,
+		MustChangePassword: form.MustChangePassword,
 	}
 
 	if len(form.LoginType) > 0 {
diff --git a/routers/admin/users_test.go b/routers/admin/users_test.go
index 8f6859940d..17eadd1336 100644
--- a/routers/admin/users_test.go
+++ b/routers/admin/users_test.go
@@ -29,12 +29,13 @@ func TestNewUserPost_MustChangePassword(t *testing.T) {
 	email := "gitea@gitea.io"
 
 	form := auth.AdminCreateUserForm{
-		LoginType:  "local",
-		LoginName:  "local",
-		UserName:   username,
-		Email:      email,
-		Password:   "xxxxxxxx",
-		SendNotify: false,
+		LoginType:          "local",
+		LoginName:          "local",
+		UserName:           username,
+		Email:              email,
+		Password:           "xxxxxxxx",
+		SendNotify:         false,
+		MustChangePassword: true,
 	}
 
 	NewUserPost(ctx, form)
@@ -48,3 +49,40 @@ func TestNewUserPost_MustChangePassword(t *testing.T) {
 	assert.Equal(t, email, u.Email)
 	assert.True(t, u.MustChangePassword)
 }
+
+func TestNewUserPost_MustChangePasswordFalse(t *testing.T) {
+
+	models.PrepareTestEnv(t)
+	ctx := test.MockContext(t, "admin/users/new")
+
+	u := models.AssertExistsAndLoadBean(t, &models.User{
+		IsAdmin: true,
+		ID:      2,
+	}).(*models.User)
+
+	ctx.User = u
+
+	username := "gitea"
+	email := "gitea@gitea.io"
+
+	form := auth.AdminCreateUserForm{
+		LoginType:          "local",
+		LoginName:          "local",
+		UserName:           username,
+		Email:              email,
+		Password:           "xxxxxxxx",
+		SendNotify:         false,
+		MustChangePassword: false,
+	}
+
+	NewUserPost(ctx, form)
+
+	assert.NotEmpty(t, ctx.Flash.SuccessMsg)
+
+	u, err := models.GetUserByName(username)
+
+	assert.NoError(t, err)
+	assert.Equal(t, username, u.Name)
+	assert.Equal(t, email, u.Email)
+	assert.False(t, u.MustChangePassword)
+}
diff --git a/templates/admin/user/new.tmpl b/templates/admin/user/new.tmpl
index 14e1d74292..b9e326e734 100644
--- a/templates/admin/user/new.tmpl
+++ b/templates/admin/user/new.tmpl
@@ -42,6 +42,13 @@
 					<input id="password" name="password" type="password" value="{{.password}}" {{if eq .login_type "0-0"}}required{{end}}>
 				</div>
 
+				<div class="inline field">
+					<div class="ui checkbox">
+						<label><strong>{{.i18n.Tr "auth.allow_password_change" }}</strong></label>
+						<input name="must_change_password" type="checkbox" checked>
+					</div>
+				</div>
+
 				<!-- Send register notify e-mail -->
 				{{if .CanSendEmail}}
 					<div class="inline field">
author	Lanre Adelowo <adelowomailbox@gmail.com>	2018-09-13 17:34:36 +0100
committer	techknowlogick <techknowlogick@users.noreply.github.com>	2018-09-13 12:34:36 -0400
commit	2a6d3ba058ef855340ea0092a0e06781d067ad74 (patch)
tree	3f9da2ea007d5ccc8359f1497d296bf8a1f5e9c3
parent	f98040ad5007a3f1f8a80d2ec82f0333b4c684b7 (diff)
download	gitea-2a6d3ba058ef855340ea0092a0e06781d067ad74.tar.gz gitea-2a6d3ba058ef855340ea0092a0e06781d067ad74.zip