/**
 * Assembles the change-password screen from two child views.
 *
 * Passes (2, 1) to the parent constructor (presumably rows and columns; confirm
 * against the parent class), then places the user action bar at position (0, 0)
 * and the change-password view at position (1, 0).
 *
 * @param mixed            $controllerId forwarded unchanged to both child views
 * @param mixed            $moduleId     forwarded unchanged to both child views
 * @param UserPasswordForm $userForm     form whose model feeds the action bar and whose
 *                                       string form prefixes the page title
 */
public function __construct($controllerId, $moduleId, UserPasswordForm $userForm)
{
    parent::__construct(2, 1);

    $actionBar = new ActionBarForUserEditAndDetailsView(
        $controllerId,
        $moduleId,
        $userForm->getModel(),
        'ChangePasswordMenu'
    );
    $this->setView($actionBar, 0, 0);

    // Title reads "<form as string>: <translated 'Change Password'>".
    $heading = strval($userForm) . ': ' . Zurmo::t('UsersModule', 'Change Password');
    $passwordView = new UserChangePasswordView($controllerId, $moduleId, $userForm, $heading);
    $this->setView($passwordView, 1, 0);
}
/**
 * Sets a new password for an existing user.
 *
 * The same value is assigned to both the new-password and the repeat field of a
 * UserPasswordForm in the 'changePassword' scenario; the form and the user are
 * validated and the user is then saved.
 *
 * NOTE(review): the new password is a plain action parameter. If it is supplied
 * on the command line (as the usageError() calls suggest), it can end up in shell
 * history and process listings; consider reading it from a prompt or stdin.
 *
 * @param string $username login name of the account to update
 * @param string $password the new password
 * @throws FailedToSaveModelException when saving the user fails
 */
public function actionIndex($username, $password)
{
    // The change is performed under the account returned by getUserToRunAs(true);
    // the intent is to act as a root-level system user while changing the password.
    Yii::app()->user->userModel = BaseControlUserConfigUtil::getUserToRunAs(true);

    if (!isset($username)) {
        $this->usageError('A username must be specified.');
    }
    if (!isset($password)) {
        $this->usageError('You must specify the new password.');
    }

    try {
        $account = User::getByUsername($username);
    } catch (NotFoundException $notFound) {
        // NOTE(review): presumably usageError() terminates the command; otherwise
        // $account would be undefined below. Confirm.
        $this->usageError('The specified username does not exist.');
    }

    $account->setScenario('changePassword');

    $passwordForm = new UserPasswordForm($account);
    $passwordForm->setScenario('changePassword');
    $passwordForm->newPassword        = $password;
    $passwordForm->newPassword_repeat = $password;

    // Form-level rules first, then the user model's own rules.
    $formIsValid = $passwordForm->validate();
    if (!$formIsValid) {
        $this->addErrorsAsUsageErrors($passwordForm->getErrors());
    }

    $accountIsValid = $account->validate();
    if (!$accountIsValid) {
        $this->addErrorsAsUsageErrors($account->getErrors());
    }

    $wasSaved = $account->save();
    if (!$wasSaved) {
        throw new FailedToSaveModelException();
    }

    echo 'Updated Password' . "\n";
}
/**
 * In the 'createUser' scenario, 'username' must be reported as a safe attribute
 * of UserPasswordForm while the misspelled 'usernameee' must not.
 */
public function testIsAttributeSafe()
{
    $steven = UserTestHelper::createBasicUser('Steven');

    $form = new UserPasswordForm($steven);
    $form->setScenario('createUser');

    $knownAttributeIsSafe = $form->isAttributeSafe('username');
    $this->assertTrue($knownAttributeIsSafe);

    // An attribute name the form does not declare must not be mass-assignable.
    $unknownAttributeIsSafe = $form->isAttributeSafe('usernameee');
    $this->assertFalse($unknownAttributeIsSafe);
}
/**
 * Handles a submitted change-password form.
 *
 * The current user is re-authenticated with their e-mail address and the submitted
 * old password before the password change is handed to the user manager. On success
 * a 'success' flash message is shown; on any exception the exception message is
 * attached to the form as an error.
 *
 * @param UserPasswordForm $form
 */
public function formSubmitted(UserPasswordForm $form)
{
    $submitted = $form->getValues();

    try {
        // The old password must authenticate before anything is changed.
        $credentials = array($this->user->getModel()->getEmail(), $submitted->oldPassword);
        $this->authenticator->authenticate($credentials);

        $this->userManager->changePassword($submitted);
        $form->presenter->flashMessage('Password was changed.', 'success');
    } catch (\Exception $failure) {
        // NOTE(review): every exception type is caught here and its raw message is shown
        // on the form. If changePassword() can raise storage or other internal errors,
        // their text would reach the user; consider catching only the authentication and
        // validation exceptions and logging the rest.
        $form->addError($failure->getMessage());
    }
}
/**
 * Renders the change-password page for the given user and processes a posted form.
 *
 * Three UserAccessUtil::resolve* calls run before any form handling. Their return
 * values are not checked here, so they presumably abort the request themselves when
 * access is not allowed. Confirm.
 *
 * @param mixed $id user id from the request; cast with intval() for the access check
 *                  and the user lookup
 */
public function actionChangePassword($id)
{
    $userId = intval($id);

    UserAccessUtil::resolveCanCurrentUserAccessAction($userId);
    $targetUser = User::getById($userId);
    UserAccessUtil::resolveCanCurrentUserAccessRootUser($targetUser);
    UserAccessUtil::resolveAccessingASystemUser($targetUser);

    $pageTitle = Zurmo::t('UsersModule', 'Change Password');

    // NOTE(review): the breadcrumb link carries the raw $id, not the intval() result used
    // for the lookup above; verify the breadcrumb view encodes it when building the URL.
    $breadCrumbLinks = array(
        strval($targetUser) => array('default/details', 'id' => $id),
        $pageTitle,
    );

    $targetUser->setScenario('changePassword');
    $passwordForm = new UserPasswordForm($targetUser);
    $passwordForm->setScenario('changePassword');

    // Ajax validation is attempted first, then the regular post/save handling.
    $this->attemptToValidateAjaxFromPost($passwordForm, 'UserPasswordForm');
    $formResult = $this->attemptToSaveModelFromPost($passwordForm);

    $editView    = $this->makeTitleBarAndEditView($formResult, 'UserActionBarAndChangePasswordView');
    $pageContent = $this->resolveZurmoDefaultOrAdminView($editView, $breadCrumbLinks, 'UserBreadCrumbView');
    $page        = new UsersPageView($pageContent);

    echo $page->render();
}
/**
 * Walks user 'bill' through the password and username policies and a web login.
 *
 * Covers, in order: the minimum password length, renaming the user together with a
 * password change, switching on the strong-password policy and the individual
 * strength errors, a successful login, and a login refused once the web-login right
 * is denied.
 *
 * NOTE(review): two assertions below pin User::hash to md5() of the plain password,
 * i.e. the stored value is an unsalted MD5 digest. MD5 is not suitable for password
 * storage; password_hash() / password_verify() are the usual replacement. Changing
 * that belongs in the User model, after which these assertions need updating.
 *
 * @depends testCreateAndGetUserById
 */
public function testPasswordUserNamePolicyChangesValidationAndLogin()
{
    $bill = User::getByUsername('bill');
    $bill->setScenario('changePassword');
    $form = new UserPasswordForm($bill);
    $form->setScenario('changePassword');

    // Policies in effect at the start: no strong-password policy value, password >= 5, username >= 3.
    $this->assertEquals(
        null,
        $bill->getEffectivePolicy('UsersModule', UsersModule::POLICY_ENFORCE_STRONG_PASSWORDS)
    );
    $this->assertEquals(
        5,
        $bill->getEffectivePolicy('UsersModule', UsersModule::POLICY_MINIMUM_PASSWORD_LENGTH)
    );
    $this->assertEquals(
        3,
        $bill->getEffectivePolicy('UsersModule', UsersModule::POLICY_MINIMUM_USERNAME_LENGTH)
    );

    // Two-character password: the save is refused with the length error.
    $form->setAttributes(array(
        'username'           => 'ab',
        'newPassword'        => 'ab',
        'newPassword_repeat' => 'ab',
    ));
    $this->assertFalse($form->save());
    $this->assertEquals(
        array('newPassword' => array('The password is too short. Minimum length is 5.')),
        $form->getErrors()
    );

    // Seven characters for both username and password: validates and saves.
    $form->setAttributes(array(
        'username'           => 'abcdefg',
        'newPassword'        => 'abcdefg',
        'newPassword_repeat' => 'abcdefg',
    ));
    $this->assertEquals('abcdefg', $form->username);
    $this->assertEquals('abcdefg', $form->newPassword);
    $isValid = $form->validate();
    $this->assertTrue($isValid);
    $wasSaved = $form->save();
    $this->assertTrue($wasSaved);

    $bill->setPolicy('UsersModule', UsersModule::POLICY_ENFORCE_STRONG_PASSWORDS, Policy::YES);
    // When security is optimized, the optimization sees the policy value in the database
    // and so will not use the new one in validating; the non-strong password is therefore
    // not rejected until the next save.
    $this->assertEquals(SECURITY_OPTIMIZED, $form->save());

    // All-lowercase password under the strong policy: refused, stored hash unchanged.
    $form->setAttributes(array(
        'newPassword'        => 'abcdefg',
        'newPassword_repeat' => 'abcdefg',
    ));
    $this->assertFalse($form->save());
    $this->assertEquals(md5('abcdefg'), $bill->hash);
    $this->assertEquals(
        array('newPassword' => array(
            'The password must have at least one uppercase letter',
            'The password must have at least one number and one letter',
        )),
        $form->getErrors()
    );

    // Mixed case but no digit.
    $form->setAttributes(array(
        'newPassword'        => 'abcdefgN',
        'newPassword_repeat' => 'abcdefgN',
    ));
    $this->assertFalse($form->save());
    $this->assertEquals(
        array('newPassword' => array('The password must have at least one number and one letter')),
        $form->getErrors()
    );

    // All uppercase, no digit.
    $form->setAttributes(array(
        'newPassword'        => 'ABCDEFGH',
        'newPassword_repeat' => 'ABCDEFGH',
    ));
    $this->assertFalse($form->save());
    $this->assertEquals(
        array('newPassword' => array(
            'The password must have at least one lowercase letter',
            'The password must have at least one number and one letter',
        )),
        $form->getErrors()
    );

    // Lowercase, uppercase and a digit: accepted.
    $form->setAttributes(array(
        'newPassword'        => 'abcdefgN4',
        'newPassword_repeat' => 'abcdefgN4',
    ));
    $this->assertTrue($form->save());

    $bill->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB);
    $this->assertTrue($form->save());
    $this->assertEquals(
        Right::ALLOW,
        $bill->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB)
    );

    // Log in as bill: reload the user under the new username and authenticate.
    $bill->forget();
    $bill = User::getByUsername('abcdefg');
    $this->assertEquals(md5('abcdefgN4'), $bill->hash);

    $login = new UserIdentity('abcdefg', 'abcdefgN4');
    $isAuthenticated = $login->authenticate();
    $this->assertEquals(0, $login->errorCode);
    $this->assertTrue($isAuthenticated);

    // Deny web login for bill (acting as 'super'); the same credentials must now be refused.
    Yii::app()->user->userModel = User::getByUsername('super');
    $bill = User::getByUsername('abcdefg');
    $bill->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB, RIGHT::DENY);
    $this->assertTrue($bill->save());

    $login = new UserIdentity('abcdefg', 'abcdefgN4');
    $this->assertFalse($login->authenticate());
    $this->assertEquals(UserIdentity::ERROR_NO_RIGHT_WEB_LOGIN, $login->errorCode);
}