gitea/cmd/admin_user_change_password.go

// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package cmd

import (
	"errors"
	"fmt"

	user_model "code.gitea.io/gitea/models/user"
	"code.gitea.io/gitea/modules/auth/password"
	"code.gitea.io/gitea/modules/optional"
	"code.gitea.io/gitea/modules/setting"
	user_service "code.gitea.io/gitea/services/user"

	"github.com/urfave/cli/v2"
)

var microcmdUserChangePassword = &cli.Command{
	Name:   "change-password",
	Usage:  "Change a user's password",
	Action: runChangePassword,
	Flags: []cli.Flag{
		&cli.StringFlag{
			Name:    "username",
			Aliases: []string{"u"},
			Value:   "",
			Usage:   "The user to change password for",
		},
		&cli.StringFlag{
			Name:    "password",
			Aliases: []string{"p"},
			Value:   "",
			Usage:   "New password to set for user",
		},
		&cli.BoolFlag{
			Name:  "must-change-password",
			Usage: "User must change password (can be disabled by --must-change-password=false)",
			Value: true,
		},
	},
}

func runChangePassword(c *cli.Context) error {
	if err := argsSet(c, "username", "password"); err != nil {
		return err
	}

	ctx, cancel := installSignals()
	defer cancel()

	if err := initDB(ctx); err != nil {
		return err
	}

	user, err := user_model.GetUserByName(ctx, c.String("username"))
	if err != nil {
		return err
	}

	opts := &user_service.UpdateAuthOptions{
		Password:           optional.Some(c.String("password")),
		MustChangePassword: optional.Some(c.Bool("must-change-password")),
	}
	if err := user_service.UpdateAuth(ctx, user, opts); err != nil {
		switch {
		case errors.Is(err, password.ErrMinLength):
			return fmt.Errorf("password is not long enough, needs to be at least %d characters", setting.MinPasswordLength)
		case errors.Is(err, password.ErrComplexity):
			return errors.New("password does not meet complexity requirements")
		case errors.Is(err, password.ErrIsPwned):
			return errors.New("the password is in a list of stolen passwords previously exposed in public data breaches, please try again with a different password, to see more details: https://haveibeenpwned.com/Passwords")
		default:
			return err
		}
	}

	fmt.Printf("%s's password has been successfully updated!\n", user.Name)
	return nil
}
Add command to bulk set must-change-password (#22823) As part of administration sometimes it is appropriate to forcibly tell users to update their passwords. This PR creates a new command `gitea admin user must-change-password` which will set the `MustChangePassword` flag on the provided users. Signed-off-by: Andrew Thornton <art27@cantab.net> 2 years ago			`// Copyright 2023 The Gitea Authors. All rights reserved.`
			`// SPDX-License-Identifier: MIT`

			`package cmd`

			`import (`
			`"errors"`
			`"fmt"`

			`user_model "code.gitea.io/gitea/models/user"`
Unify user update methods (#28733) Fixes #28660 Fixes an admin api bug related to `user.LoginSource` Fixed `/user/emails` response not identical to GitHub api This PR unifies the user update methods. The goal is to keep the logic only at one place (having audit logs in mind). For example, do the password checks only in one method not everywhere a password is updated. After that PR is merged, the user creation should be next. 9 months ago			`"code.gitea.io/gitea/modules/auth/password"`
			`"code.gitea.io/gitea/modules/optional"`
Add command to bulk set must-change-password (#22823) As part of administration sometimes it is appropriate to forcibly tell users to update their passwords. This PR creates a new command `gitea admin user must-change-password` which will set the `MustChangePassword` flag on the provided users. Signed-off-by: Andrew Thornton <art27@cantab.net> 2 years ago			`"code.gitea.io/gitea/modules/setting"`
Unify user update methods (#28733) Fixes #28660 Fixes an admin api bug related to `user.LoginSource` Fixed `/user/emails` response not identical to GitHub api This PR unifies the user update methods. The goal is to keep the logic only at one place (having audit logs in mind). For example, do the password checks only in one method not everywhere a password is updated. After that PR is merged, the user creation should be next. 9 months ago			`user_service "code.gitea.io/gitea/services/user"`
Add command to bulk set must-change-password (#22823) As part of administration sometimes it is appropriate to forcibly tell users to update their passwords. This PR creates a new command `gitea admin user must-change-password` which will set the `MustChangePassword` flag on the provided users. Signed-off-by: Andrew Thornton <art27@cantab.net> 2 years ago
Refactor to use urfave/cli/v2 (#25959) Replace #10912 And there are many new tests to cover the CLI behavior There were some concerns about the "option order in hook scripts" (https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314), it's not a problem now. Because the hook script uses `/gitea hook --config=/app.ini pre-receive` format. The "config" is a global option, it can appear anywhere. ---- ## ⚠️ BREAKING ⚠️ This PR does it best to avoid breaking anything. The major changes are: * `gitea` itself won't accept web's options: `--install-port` / `--pid` / `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's options. * Use `./gitea web --pid ....` instead * `./gitea` can still run the `web` sub-command as shorthand, with default options * The sub-command's options must follow the sub-command * Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd --sub-opt` (well, might not ...) * After: only `./gitea subcmd --sub-opt` could be used * The global options like `--config` are not affected 1 year ago			`"github.com/urfave/cli/v2"`
Add command to bulk set must-change-password (#22823) As part of administration sometimes it is appropriate to forcibly tell users to update their passwords. This PR creates a new command `gitea admin user must-change-password` which will set the `MustChangePassword` flag on the provided users. Signed-off-by: Andrew Thornton <art27@cantab.net> 2 years ago			`)`

Refactor to use urfave/cli/v2 (#25959) Replace #10912 And there are many new tests to cover the CLI behavior There were some concerns about the "option order in hook scripts" (https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314), it's not a problem now. Because the hook script uses `/gitea hook --config=/app.ini pre-receive` format. The "config" is a global option, it can appear anywhere. ---- ## ⚠️ BREAKING ⚠️ This PR does it best to avoid breaking anything. The major changes are: * `gitea` itself won't accept web's options: `--install-port` / `--pid` / `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's options. * Use `./gitea web --pid ....` instead * `./gitea` can still run the `web` sub-command as shorthand, with default options * The sub-command's options must follow the sub-command * Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd --sub-opt` (well, might not ...) * After: only `./gitea subcmd --sub-opt` could be used * The global options like `--config` are not affected 1 year ago			`var microcmdUserChangePassword = &cli.Command{`
Add command to bulk set must-change-password (#22823) As part of administration sometimes it is appropriate to forcibly tell users to update their passwords. This PR creates a new command `gitea admin user must-change-password` which will set the `MustChangePassword` flag on the provided users. Signed-off-by: Andrew Thornton <art27@cantab.net> 2 years ago			`Name: "change-password",`
			`Usage: "Change a user's password",`
			`Action: runChangePassword,`
			`Flags: []cli.Flag{`
Refactor to use urfave/cli/v2 (#25959) Replace #10912 And there are many new tests to cover the CLI behavior There were some concerns about the "option order in hook scripts" (https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314), it's not a problem now. Because the hook script uses `/gitea hook --config=/app.ini pre-receive` format. The "config" is a global option, it can appear anywhere. ---- ## ⚠️ BREAKING ⚠️ This PR does it best to avoid breaking anything. The major changes are: * `gitea` itself won't accept web's options: `--install-port` / `--pid` / `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's options. * Use `./gitea web --pid ....` instead * `./gitea` can still run the `web` sub-command as shorthand, with default options * The sub-command's options must follow the sub-command * Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd --sub-opt` (well, might not ...) * After: only `./gitea subcmd --sub-opt` could be used * The global options like `--config` are not affected 1 year ago			`&cli.StringFlag{`
			`Name: "username",`
			`Aliases: []string{"u"},`
			`Value: "",`
			`Usage: "The user to change password for",`
Add command to bulk set must-change-password (#22823) As part of administration sometimes it is appropriate to forcibly tell users to update their passwords. This PR creates a new command `gitea admin user must-change-password` which will set the `MustChangePassword` flag on the provided users. Signed-off-by: Andrew Thornton <art27@cantab.net> 2 years ago			`},`
Refactor to use urfave/cli/v2 (#25959) Replace #10912 And there are many new tests to cover the CLI behavior There were some concerns about the "option order in hook scripts" (https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314), it's not a problem now. Because the hook script uses `/gitea hook --config=/app.ini pre-receive` format. The "config" is a global option, it can appear anywhere. ---- ## ⚠️ BREAKING ⚠️ This PR does it best to avoid breaking anything. The major changes are: * `gitea` itself won't accept web's options: `--install-port` / `--pid` / `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's options. * Use `./gitea web --pid ....` instead * `./gitea` can still run the `web` sub-command as shorthand, with default options * The sub-command's options must follow the sub-command * Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd --sub-opt` (well, might not ...) * After: only `./gitea subcmd --sub-opt` could be used * The global options like `--config` are not affected 1 year ago			`&cli.StringFlag{`
			`Name: "password",`
			`Aliases: []string{"p"},`
			`Value: "",`
			`Usage: "New password to set for user",`
Add command to bulk set must-change-password (#22823) As part of administration sometimes it is appropriate to forcibly tell users to update their passwords. This PR creates a new command `gitea admin user must-change-password` which will set the `MustChangePassword` flag on the provided users. Signed-off-by: Andrew Thornton <art27@cantab.net> 2 years ago			`},`
Add `must-change-password` cli parameter (#27626) This PR adds a new `must-change-password` parameter to the `change-password` cli command. We already have the `must-change-password` command but it feels natural to have this integrated into the `change-password` cli command. --------- Co-authored-by: 6543 <6543@obermui.de> 10 months ago			`&cli.BoolFlag{`
			`Name: "must-change-password",`
Add some tests to clarify the "must-change-password" behavior (#30693) Follow #30472: When a user is created by command line `./gitea admin user create`: Old behavior before #30472: the first user (admin or non-admin) doesn't need to change password. Revert to the old behavior before #30472 7 months ago			`Usage: "User must change password (can be disabled by --must-change-password=false)",`
Improve "must-change-password" logic and document (#30472) Unify the behaviors of "user create" and "user change-password". Co-authored-by: KN4CK3R <admin@oldschoolhack.me> 7 months ago			`Value: true,`
Add `must-change-password` cli parameter (#27626) This PR adds a new `must-change-password` parameter to the `change-password` cli command. We already have the `must-change-password` command but it feels natural to have this integrated into the `change-password` cli command. --------- Co-authored-by: 6543 <6543@obermui.de> 10 months ago			`},`
Add command to bulk set must-change-password (#22823) As part of administration sometimes it is appropriate to forcibly tell users to update their passwords. This PR creates a new command `gitea admin user must-change-password` which will set the `MustChangePassword` flag on the provided users. Signed-off-by: Andrew Thornton <art27@cantab.net> 2 years ago			`},`
			`}`

			`func runChangePassword(c *cli.Context) error {`
			`if err := argsSet(c, "username", "password"); err != nil {`
			`return err`
			`}`

			`ctx, cancel := installSignals()`
			`defer cancel()`

			`if err := initDB(ctx); err != nil {`
			`return err`
			`}`

Unify user update methods (#28733) Fixes #28660 Fixes an admin api bug related to `user.LoginSource` Fixed `/user/emails` response not identical to GitHub api This PR unifies the user update methods. The goal is to keep the logic only at one place (having audit logs in mind). For example, do the password checks only in one method not everywhere a password is updated. After that PR is merged, the user creation should be next. 9 months ago			`user, err := user_model.GetUserByName(ctx, c.String("username"))`
Add command to bulk set must-change-password (#22823) As part of administration sometimes it is appropriate to forcibly tell users to update their passwords. This PR creates a new command `gitea admin user must-change-password` which will set the `MustChangePassword` flag on the provided users. Signed-off-by: Andrew Thornton <art27@cantab.net> 2 years ago			`if err != nil {`
			`return err`
			`}`

Unify user update methods (#28733) Fixes #28660 Fixes an admin api bug related to `user.LoginSource` Fixed `/user/emails` response not identical to GitHub api This PR unifies the user update methods. The goal is to keep the logic only at one place (having audit logs in mind). For example, do the password checks only in one method not everywhere a password is updated. After that PR is merged, the user creation should be next. 9 months ago			`opts := &user_service.UpdateAuthOptions{`
			`Password: optional.Some(c.String("password")),`
Improve "must-change-password" logic and document (#30472) Unify the behaviors of "user create" and "user change-password". Co-authored-by: KN4CK3R <admin@oldschoolhack.me> 7 months ago			`MustChangePassword: optional.Some(c.Bool("must-change-password")),`
Unify user update methods (#28733) Fixes #28660 Fixes an admin api bug related to `user.LoginSource` Fixed `/user/emails` response not identical to GitHub api This PR unifies the user update methods. The goal is to keep the logic only at one place (having audit logs in mind). For example, do the password checks only in one method not everywhere a password is updated. After that PR is merged, the user creation should be next. 9 months ago			`}`
			`if err := user_service.UpdateAuth(ctx, user, opts); err != nil {`
			`switch {`
			`case errors.Is(err, password.ErrMinLength):`
Improve "must-change-password" logic and document (#30472) Unify the behaviors of "user create" and "user change-password". Co-authored-by: KN4CK3R <admin@oldschoolhack.me> 7 months ago			`return fmt.Errorf("password is not long enough, needs to be at least %d characters", setting.MinPasswordLength)`
Unify user update methods (#28733) Fixes #28660 Fixes an admin api bug related to `user.LoginSource` Fixed `/user/emails` response not identical to GitHub api This PR unifies the user update methods. The goal is to keep the logic only at one place (having audit logs in mind). For example, do the password checks only in one method not everywhere a password is updated. After that PR is merged, the user creation should be next. 9 months ago			`case errors.Is(err, password.ErrComplexity):`
Improve "must-change-password" logic and document (#30472) Unify the behaviors of "user create" and "user change-password". Co-authored-by: KN4CK3R <admin@oldschoolhack.me> 7 months ago			`return errors.New("password does not meet complexity requirements")`
Unify user update methods (#28733) Fixes #28660 Fixes an admin api bug related to `user.LoginSource` Fixed `/user/emails` response not identical to GitHub api This PR unifies the user update methods. The goal is to keep the logic only at one place (having audit logs in mind). For example, do the password checks only in one method not everywhere a password is updated. After that PR is merged, the user creation should be next. 9 months ago			`case errors.Is(err, password.ErrIsPwned):`
Improve "must-change-password" logic and document (#30472) Unify the behaviors of "user create" and "user change-password". Co-authored-by: KN4CK3R <admin@oldschoolhack.me> 7 months ago			`return errors.New("the password is in a list of stolen passwords previously exposed in public data breaches, please try again with a different password, to see more details: https://haveibeenpwned.com/Passwords")`
Unify user update methods (#28733) Fixes #28660 Fixes an admin api bug related to `user.LoginSource` Fixed `/user/emails` response not identical to GitHub api This PR unifies the user update methods. The goal is to keep the logic only at one place (having audit logs in mind). For example, do the password checks only in one method not everywhere a password is updated. After that PR is merged, the user creation should be next. 9 months ago			`default:`
			`return err`
			`}`
Add command to bulk set must-change-password (#22823) As part of administration sometimes it is appropriate to forcibly tell users to update their passwords. This PR creates a new command `gitea admin user must-change-password` which will set the `MustChangePassword` flag on the provided users. Signed-off-by: Andrew Thornton <art27@cantab.net> 2 years ago			`}`

			`fmt.Printf("%s's password has been successfully updated!\n", user.Name)`
			`return nil`
			`}`