Added password reset via admin panel

2019-08-28 16:13:56 -04:00 · 2019-08-28 16:13:56 -04:00 · 30c30c696a
commit 30c30c696a
parent 3b1cfd4253
5 changed files with 46 additions and 2 deletions
--- a/app/controllers/admin/accounts_controller.rb
+++ b/app/controllers/admin/accounts_controller.rb
@ -2,7 +2,7 @@

 module Admin
  class AccountsController < BaseController
-    before_action :set_account, only: [:show, :subscribe, :unsubscribe, :redownload, :remove_avatar, :remove_header, :enable, :unsilence, :unsuspend, :memorialize, :approve, :reject, :verify, :unverify, :add_donor_badge, :remove_donor_badge, :add_investor_badge, :remove_investor_badge, :edit_pro, :save_pro]
+    before_action :set_account, only: [:show, :subscribe, :unsubscribe, :redownload, :remove_avatar, :remove_header, :enable, :unsilence, :unsuspend, :memorialize, :approve, :reject, :verify, :unverify, :add_donor_badge, :remove_donor_badge, :add_investor_badge, :remove_investor_badge, :edit_pro, :save_pro, :edit, :update]
    before_action :require_remote_account!, only: [:subscribe, :unsubscribe, :redownload]
    before_action :require_local_account!, only: [:enable, :memorialize, :approve, :reject]

@ -173,6 +173,22 @@ module Admin
      redirect_to edit_pro_admin_account_path(@account.id)
    end

+    def edit
+      redirect_to admin_account_path(@account.id) unless @account.local?
+      @user = @account.user
+    end
+
+    def update
+      redirect_to admin_account_path(@account.id) unless @account.local?
+      @user = @account.user
+      if @user.update(credentials_params)
+        redirect_to admin_account_path(@account.id), notice: I18n.t('generic.changes_saved_msg')
+      else
+        render action: :edit
+      end
+    end
+
+
    private

    def set_account
@ -211,5 +227,14 @@ module Admin
    def pro_params
      params.require(:account).permit(:is_pro, :pro_expires_at)
    end
+
+    def credentials_params
+      new_params = params.require(:user).permit(:email, :password, :password_confirmation)
+      if new_params[:password].blank? && new_params[:password_confirmation].blank?
+        new_params.delete(:password)
+        new_params.delete(:password_confirmation)
+      end
+      new_params
+    end
  end
 end
--- a/app/views/admin/accounts/edit.html.haml
+++ b/app/views/admin/accounts/edit.html.haml
@ -0,0 +1,12 @@
+- content_for :page_title do
+  = t('admin.accounts.change_password.title', username: @account.acct)
+
+= simple_form_for(@user, url: admin_account_path(@account.id), html: { method: :put }) do |f|
+  = render 'shared/error_messages', object: @user
+
+  = f.input :email, placeholder: t('simple_form.labels.defaults.email'), input_html: { 'aria-label' => t('simple_form.labels.defaults.email') }
+  = f.input :password, autocomplete: "off", placeholder: t('simple_form.labels.defaults.new_password'), input_html: { 'aria-label' => t('simple_form.labels.defaults.new_password') }
+  = f.input :password_confirmation, autocomplete: "off", placeholder: t('simple_form.labels.defaults.confirm_new_password'), input_html: { 'aria-label' => t('simple_form.labels.defaults.confirm_new_password') }
+
+  .actions
+    = f.button :button, t('admin.accounts.set_new_password'), type: :submit
--- a/app/views/admin/accounts/show.html.haml
+++ b/app/views/admin/accounts/show.html.haml
@ -221,6 +221,9 @@
      - elsif !@account.local? || @account.user_approved?
        = link_to t('admin.accounts.perform_full_suspension'), new_admin_account_action_path(@account.id, type: 'suspend'), class: 'button button--destructive' if can?(:suspend, @account)

+      - if @account.local?
+        = link_to t('admin.accounts.change_password.button'), edit_admin_account_path(@account.id), class: 'button'
+
      - unless @account.local?
        - if DomainBlock.where(domain: @account.domain).exists?
          = link_to t('admin.domain_blocks.undo'), admin_instance_path(@account.domain), class: 'button'
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -92,6 +92,10 @@ en:
        new_email: New email
        submit: Change email
        title: Change email for %{username}
+      change_password:
+        button: Change Password
+        title: Change password for %{username}
+      set_new_password: Update
      confirm: Confirm
      confirmed: Confirmed
      confirming: Confirming
--- a/config/routes.rb
+++ b/config/routes.rb
@ -182,7 +182,7 @@ Rails.application.routes.draw do

    resources :report_notes, only: [:create, :destroy]

-    resources :accounts, only: [:index, :show] do
+    resources :accounts, only: [:index, :show, :edit, :update] do
      member do
        post :subscribe
        post :unsubscribe