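Only the login and password are required (the case where only the password is being updated).
If the password changes and the user still has an old token_auth (legacy MD5 format) associated,
the token will be regenerated. This can break the user's existing API calls, because clients that still send the old token_auth will no longer authenticate.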
public updateUser ( $userLogin, $password = false, $email = false, $alias = false, $_isPasswordHashed = false ) |
/**
 * Regenerates the token_auth of an LDAP-backed user by storing a fresh random password.
 *
 * Reads the `login` argument, refuses to continue unless the account is an LDAP user and
 * random token_auth generation is enabled, then writes a newly generated random password
 * through the UsersManager API and prints the token_auth found on the re-fetched user.
 *
 * Security note: the new token_auth is an API credential and it is written to the command
 * output in clear text. Terminal scrollback, CI logs and redirected output of this command
 * therefore need the same handling as any other secret.
 *
 * @param InputInterface $input console input; only the `login` argument is read here
 * @param OutputInterface $output console output that receives the success message
 * @throws Exception if the user is not an LDAP user, or random token_auth generation is disabled
 */
protected function execute(InputInterface $input, OutputInterface $output)
{
    $login = $input->getArgument('login');

    // Guard 1: only LDAP-synchronised accounts are handled by this command.
    $account = $this->usersManagerApi->getUser($login);
    $isLdapAccount = UserMapper::isUserLdapUser($account);
    if (!$isLdapAccount) {
        throw new Exception("User '{$login}' is not an LDAP user. To regenerate this user's token_auth, change the user's password.");
    }

    // Guard 2: with random generation switched off the change would not survive the next login.
    $randomTokensEnabled = $this->userMapper->isRandomTokenAuthGenerationEnabled();
    if (!$randomTokensEnabled) {
        throw new Exception("Random token_auth generation is disabled in [LoginLdap] config. This means any changes made by this "
            . "command will be overwritten when the user logs in. Aborting.");
    }

    // NOTE(review): the generator is not visible here; confirm it draws from a CSPRNG,
    // since the token_auth printed below appears to depend on this value.
    $newPassword = $this->userMapper->generateRandomPassword();

    // Positional arguments: e-mail and alias are passed as false, and the last argument
    // ($_isPasswordHashed) is true - presumably so the random value is stored as given; verify
    // against UsersManager.
    $this->usersManagerApi->updateUser($login, $newPassword, false, false, true);

    // Re-read the user so the message reports the token_auth that is now stored.
    $user = $this->usersManagerApi->getUser($login);
    $messages = array("token_auth for '{$login}' regenerated successfully, new token_auth = '{$user['token_auth']}'");
    $this->writeSuccessMessage($output, $messages);
}
/**
 * Normal case, reused in other tests.
 *
 * Adds a user, updates its password, e-mail and alias in a single updateUser() call and
 * hands the original record plus the new values to _checkUserHasNotChanged() for verification.
 */
public function testUpdateUser()
{
    $login = "******";
    $original = array(
        'login'    => $login,
        'password' => "geqgeagae",
        'email'    => "*****@*****.**",
        'alias'    => "alias",
    );

    // Values the account is expected to carry after the update.
    $newPassword = "passowordOK";
    $newEmail = "*****@*****.**";
    $newAlias = "NEW ALIAS";

    $this->api->addUser($original['login'], $original['password'], $original['email'], $original['alias']);
    $this->api->updateUser($login, $newPassword, $newEmail, $newAlias);

    $this->_checkUserHasNotChanged($original, $newPassword, $newEmail, $newAlias);
}
/**
 * Updates password, e-mail and alias with $_isPasswordHashed = false and checks the stored record.
 *
 * The expected password value is 32 hexadecimal characters, the length of an MD5 digest -
 * presumably the hash the API derives from 'newPassword' in this test setup; confirm against
 * the hashing code before relying on that. What the test does establish is that the stored
 * value is not the plain text that was passed in.
 */
public function test_updateUser()
{
    $this->api->updateUser($this->login, 'newPassword', '*****@*****.**', 'newAlias', false);

    $stored = $this->api->getUser($this->login);

    // Checked in the same order as listed; the first mismatch fails the test.
    $expected = array(
        'password' => '14a88b9d2f52c55b5fbcf9c5d9c11875',
        'email'    => '*****@*****.**',
        'alias'    => 'newAlias',
    );
    foreach ($expected as $field => $value) {
        $this->assertSame($value, $stored[$field]);
    }
}
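/**
 * Decrypts the password (if encrypted) and calls the original function on
 * the decrypted value.
 *
 * The caller-supplied $directCall flag alone decides whether $password is treated as
 * ciphertext. When the flag is absent the value is forwarded unchanged, so this wrapper
 * does not by itself guarantee that a password sent by a direct caller was encrypted.
 *
 * @param mixed $directCall boolean true or the string 'true' requests decryption; every
 *                          other value leaves $password untouched
 * @see the parent class function for the other parameters and the return value
 */
public function updateUser($userLogin, $password = false, $email = false, $alias = false, $_isPasswordHashed = false, $directCall = false)
{
    // check if this function is called directly
    // Reason: updateUser() is called in following situations:
    // 1. With an already decrypted password by:
    //    * Piwik\Plugins\Login\PasswordResetter::confirmNewPassword()
    //      on password change via the form before login
    //    * Controller::processPasswordChange() when any user changes
    //      their own password in their account settings
    // 2. With an encrypted password when called directly by (so,
    //    decryption is needed in this case):
    //    * /plugins/UsersManagerEncrypted/javascripts/usersManager.js::sendUpdateUserAJAX()
    //      when a super user changes someone's password in Piwik user administration.

    // Strict check: the previous loose `== 'true'` also matched integer 0 on PHP versions
    // before 8 (0 == 'true' is true there), which sent an unencrypted value through decrypt().
    $mustDecrypt = ($directCall === true || $directCall === 'true');

    if ($mustDecrypt) {
        // NOTE(review): how Crypto::decrypt() reports failure is not visible here; confirm a
        // failed decryption cannot flow on to the parent call as the user's new password.
        $password = Crypto::decrypt($password);
    }

    return parent::updateUser($userLogin, $password, $email, $alias, $_isPasswordHashed);
}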