Added change password ability to admin > edit user view, #1446

pkg/api/admin_users.go

@@ -5,6 +5,7 @@ import (
 	"github.com/grafana/grafana/pkg/bus"
 	"github.com/grafana/grafana/pkg/middleware"
 	m "github.com/grafana/grafana/pkg/models"
+	"github.com/grafana/grafana/pkg/util"
 )
 
 func AdminSearchUsers(c *middleware.Context) {
@@ -91,6 +92,36 @@ func AdminUpdateUser(c *middleware.Context, form dtos.AdminUpdateUserForm) {
 	c.JsonOK("User updated")
 }
 
+func AdminUpdateUserPassword(c *middleware.Context, form dtos.AdminUpdateUserPasswordForm) {
+	userId := c.ParamsInt64(":id")
+
+	if len(form.Password) < 4 {
+		c.JsonApiErr(400, "New password too short", nil)
+		return
+	}
+
+	userQuery := m.GetUserByIdQuery{Id: userId}
+
+	if err := bus.Dispatch(&userQuery); err != nil {
+		c.JsonApiErr(500, "Could not read user from database", err)
+		return
+	}
+
+	passwordHashed := util.EncodePassword(form.Password, userQuery.Result.Salt)
+
+	cmd := m.ChangeUserPasswordCommand{
+		UserId:      userId,
+		NewPassword: passwordHashed,
+	}
+
+	if err := bus.Dispatch(&cmd); err != nil {
+		c.JsonApiErr(500, "Failed to update user password", err)
+		return
+	}
+
+	c.JsonOK("User password updated")
+}
+
 func AdminDeleteUser(c *middleware.Context) {
 	userId := c.ParamsInt64(":id")
 

pkg/api/api.go

@@ -102,7 +102,8 @@ func Register(r *macaron.Macaron) {
 		r.Get("/users", AdminSearchUsers)
 		r.Get("/users/:id", AdminGetUser)
 		r.Post("/users", bind(dtos.AdminCreateUserForm{}), AdminCreateUser)
-		r.Put("/users/:id", bind(dtos.AdminUpdateUserForm{}), AdminUpdateUser)
+		r.Put("/users/:id/details", bind(dtos.AdminUpdateUserForm{}), AdminUpdateUser)
+		r.Put("/users/:id/password", bind(dtos.AdminUpdateUserPasswordForm{}), AdminUpdateUserPassword)
 		r.Delete("/users/:id", AdminDeleteUser)
 	}, reqGrafanaAdmin)
 

pkg/api/dtos/user.go

@@ -12,3 +12,7 @@ type AdminUpdateUserForm struct {
 	Login string `json:"login"`
 	Name  string `json:"name"`
 }
+
+type AdminUpdateUserPasswordForm struct {
+	Password string `json:"password" binding:"Required"`
+}

src/app/features/admin/adminEditUserCtrl.js

@@ -11,10 +11,7 @@ function (angular) {
 
     $scope.init = function() {
       if ($routeParams.id) {
-        $scope.createMode = false;
         $scope.getUser($routeParams.id);
-      } else {
-        $scope.createMode = true;
       }
     };
 
@@ -25,17 +22,29 @@ function (angular) {
       });
     };
 
+    $scope.setPassword = function () {
+      if (!$scope.passwordForm.$valid) { return; }
+
+      var payload = { password: $scope.password };
+      backendSrv.put('/api/admin/users/' + $scope.user_id + '/password', payload).then(function() {
+        $location.path('/admin/users');
+      });
+    };
+
+    $scope.create = function() {
+      if (!$scope.userForm.$valid) { return; }
+
+      backendSrv.post('/api/admin/users', $scope.user).then(function() {
+        $location.path('/admin/users');
+      });
+    };
+
     $scope.update = function() {
       if (!$scope.userForm.$valid) { return; }
-      if ($scope.createMode) {
-        backendSrv.post('/api/admin/users', $scope.user).then(function() {
-          $location.path('/admin/users');
-        });
-      } else {
-        backendSrv.put('/api/admin/users/' + $scope.user_id, $scope.user).then(function() {
-          $location.path('/admin/users');
-        });
-      }
+
+      backendSrv.put('/api/admin/users/' + $scope.user_id + '/details', $scope.user).then(function() {
+        $location.path('/admin/users');
+      });
     };
 
     $scope.init();

src/app/features/admin/partials/edit_user.html

@@ -2,18 +2,14 @@
 	<ul class="nav">
 		<li><a href="admin/settings">Settings</a></li>
 		<li><a href="admin/users">Users</a></li>
-		<li ng-class="{active: createMode}"><a href="admin/users/create">Create user</a></li>
-		<li class="active" ng-show="!createMode"><a href="admin/users/edit/{{user_id}}">Edit user</a></li>
+		<li><a href="admin/users/create">Create user</a></li>
+		<li class="active"><a href="admin/users/edit/{{user_id}}">Edit user</a></li>
 	</ul>
 </topnav>
 
 <div class="page-container">
 	<div class="page">
-		<h2 ng-show="createMode">
-			Create a new user
-		</h2>
-
-		<h2 ng-show="!createMode">
+		<h2>
 			Edit user
 		</h2>
 
@@ -52,14 +48,25 @@
 					</ul>
 					<div class="clearfix"></div>
 				</div>
+			</div>
+
+			<br>
+			<button type="submit" class="pull-right btn btn-success" ng-click="update()" ng-show="!createMode">Update</button>
+		</form>
 
-				<div class="tight-form" style="margin-top: 5px" ng-if="createMode">
+		<h2>
+			Change password
+		</h2>
+
+		<form name="passwordForm">
+			<div>
+				<div class="tight-form">
 					<ul class="tight-form-list">
 						<li class="tight-form-item" style="width: 100px">
-							<strong>Password</strong>
+							<strong>New password</strong>
 						</li>
 						<li>
-							<input type="password" required ng-model="user.password" class="input-xxlarge tight-form-input last" >
+							<input type="password" required ng-minlength="4" ng-model="password" class="input-xxlarge tight-form-input last">
 						</li>
 					</ul>
 					<div class="clearfix"></div>
@@ -67,8 +74,8 @@
 			</div>
 
 			<br>
-			<button type="submit" class="pull-right btn btn-success" ng-click="update()" ng-show="createMode">Create</button>
-			<button type="submit" class="pull-right btn btn-success" ng-click="update()" ng-show="!createMode">Update</button>
+			<button type="submit" class="pull-right btn btn-success" ng-click="setPassword()">Change password</button>
 		</form>
 	</div>
+
 </div>

src/app/features/admin/partials/users.html

@@ -18,7 +18,7 @@
 				<th>Name</th>
 				<th>Login</th>
 				<th>Email</th>
-				<th>Admin</th>
+				<th>Grafana Admin</th>
 				<th></th>
 			</tr>
 			<tr ng-repeat="user in users">

src/app/routes/backend/all.js

@@ -75,7 +75,7 @@ define([
         controller : 'AdminUsersCtrl',
       })
       .when('/admin/users/create', {
-        templateUrl: 'app/features/admin/partials/edit_user.html',
+        templateUrl: 'app/features/admin/partials/new_user.html',
         controller : 'AdminEditUserCtrl',
       })
       .when('/admin/users/edit/:id', {