Admin Ability to Set pass for new user

When creating a user you can now set the password manually or force the user to create one. Previously an email was the only option and hindered the creation of a user if the email settings were not configured at all or incorrectly.

Author: unplugged216

app/sprinkles/admin/assets/userfrosting/js/widgets/users.js

@@ -20,13 +20,51 @@ function attachUserForm() {
             validators: page.validators
         }).on("submitSuccess.ufForm", function() {
             // Reload page on success
-            window.location.reload();
+            //window.location.reload();
+        });
+		
+		toggleSetPasswordMode(modal, 'link');
+
+        // On submission, submit either the PUT request, or POST for a password reset, depending on the toggle state
+        modal.find("input[name='change_password_mode']").click(function() {
+            var changePasswordMode = $(this).val();
+            toggleSetPasswordMode(modal, changePasswordMode);
         });
     });
 }
 
 /**
  * Enable/disable password fields when switch is toggled
+ * Applies to 'creating' a user
+ */
+function toggleSetPasswordMode(el, changePasswordMode) {
+    var form = el.find("form");
+    if (changePasswordMode == 'link') {
+        $(".controls-password").find("input[type='password']").prop('disabled', true);
+        // Form submits password reset request
+
+        var validator = form.validate();
+        if (validator) {
+            //Iterate through named elements inside of the form, and mark them as error free
+            el.find("input[type='password']").each(function() {
+              validator.successList.push(this); //mark as error free
+            });
+            validator.resetForm();//remove error class on name elements and clear history
+            validator.reset();//remove all error and success data
+        }
+        el.find("input[type='password']").closest('.form-group')
+        .removeClass('has-error has-success');
+        el.find('.form-control-feedback').each(function () {
+            $(this).remove();
+        });
+    } else {
+        $(".controls-password").find("input[type='password']").prop('disabled', false);
+    }
+}
+
+/**
+ * Enable/disable password fields when switch is toggled
+ * Applies to 'reseting' a users password
  */
 function toggleChangePasswordMode(el, userName, changePasswordMode) {
     var form = el.find("form");

app/sprinkles/admin/schema/requests/user/create.yaml

@@ -70,3 +70,32 @@ group_id:
       label: "&GROUP"
       domain: server
       message: VALIDATE.INTEGER
+value:
+  validators:
+    required:
+      domain: client
+      label: "&PASSWORD"
+      message: VALIDATE.REQUIRED
+    length:
+      domain: client
+      label: "&PASSWORD"
+      min: 12
+      max: 100
+      message: VALIDATE.LENGTH_RANGE
+passwordc:
+  validators:
+    required:
+      domain: client
+      label: "&PASSWORD.CONFIRM"
+      message: VALIDATE.REQUIRED
+    matches:
+      domain: client
+      field: value
+      label: "&PASSWORD.CONFIRM"
+      message: VALIDATE.PASSWORD_MISMATCH
+    length:
+      domain: client
+      label: "&PASSWORD.CONFIRM"
+      min: 12
+      max: 100
+      message: VALIDATE.LENGTH_RANGE

app/sprinkles/admin/src/Controller/UserController.php

@@ -118,9 +118,13 @@ public function create($request, $response, $args)
         }
 
         $data['flag_verified'] = 1;
-        // Set password as empty on initial creation.  We will then send email so new user can set it themselves via a verification token
-        $data['password'] = '';
-
+		if(!isset($data['value'])){
+			// Set password as empty on initial creation.  We will then send email so new user can set it themselves via a verification token
+			$data['password'] = '';
+		}else{
+			$data['password'] = Password::hash($data['value']);
+		}
+		
         // All checks passed!  log events/activities, create user, and send verification email (if required)
         // Begin transaction - DB will be rolled back if an exception occurs
         Capsule::transaction( function() use ($classMapper, $data, $ms, $config, $currentUser) {
@@ -135,7 +139,7 @@ public function create($request, $response, $args)
                 'type' => 'account_create',
                 'user_id' => $currentUser->id
             ]);
-
+			
             // Load default roles
             $defaultRoleSlugs = $classMapper->staticMethod('role', 'getDefaultSlugs');
             $defaultRoles = $classMapper->staticMethod('role', 'whereIn', 'slug', $defaultRoleSlugs)->get();
@@ -147,19 +151,22 @@ public function create($request, $response, $args)
             // Try to generate a new password request
             $passwordRequest = $this->ci->repoPasswordReset->create($user, $config['password_reset.timeouts.create']);
 
-            // Create and send welcome email with password set link
-            $message = new TwigMailMessage($this->ci->view, 'mail/password-create.html.twig');
-
-            $message->from($config['address_book.admin'])
-                    ->addEmailRecipient(new EmailRecipient($user->email, $user->full_name))
-                    ->addParams([
-                        'user' => $user,
-                        'create_password_expiration' => $config['password_reset.timeouts.create'] / 3600 . ' hours',
-                        'token' => $passwordRequest->getToken()
-                    ]);
-
-            $this->ci->mailer->send($message);
-
+			// If the password_mode is manual, do not send an email to set it. Else, send the email.
+			if(!isset($data['value'])){
+				// Create and send welcome email with password set link
+				$message = new TwigMailMessage($this->ci->view, 'mail/password-create.html.twig');
+
+				$message->from($config['address_book.admin'])
+						->addEmailRecipient(new EmailRecipient($user->email, $user->full_name))
+						->addParams([
+							'user' => $user,
+							'create_password_expiration' => $config['password_reset.timeouts.create'] / 3600 . ' hours',
+							'token' => $passwordRequest->getToken()
+						]);
+
+				$this->ci->mailer->send($message);
+			}
+			
             $ms->addMessageTranslated('success', 'USER.CREATED', $data);
         });
 

app/sprinkles/admin/templates/forms/user.html.twig

@@ -108,6 +108,9 @@
                 </div>
             </div>
             {% endif %}
+            {% if 'password' not in form.fields.hidden %}
+				{% include "forms/partials/user-set-password.html.twig" %}
+            {% endif %}
         {% endblock %}
     </div><br>
     <div class="row">