From 6ee21a01a41b2d5f190d54b8f5d204648a317a59 Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Tue, 7 Jul 2015 15:36:05 -0500
Subject: [PATCH] staff: add set password for new agent

---
 include/ajax.staff.php      | 15 +++++++++++----
 include/class.staff.php     | 13 +++++++------
 include/staff/staff.inc.php |  2 +-
 scp/staff.php               |  7 +++++++
 4 files changed, 26 insertions(+), 11 deletions(-)

diff --git a/include/ajax.staff.php b/include/ajax.staff.php
index e0292420f..2967eb354 100644
--- a/include/ajax.staff.php
+++ b/include/ajax.staff.php
@@ -25,20 +25,27 @@ class StaffAjaxAPI extends AjaxController {
           Http::response(403, 'Agent login required');
       if (!$thisstaff->isAdmin())
           Http::response(403, 'Access denied');
-      if (!$id || !($staff = Staff::lookup($id)))
+      if ($id && !($staff = Staff::lookup($id)))
           Http::response(404, 'No such agent');
 
       $form = new PasswordResetForm($_POST);
+      if (!$_POST && isset($_SESSION['new-agent-passwd']))
+          $form->data($_SESSION['new-agent-passwd']);
 
       if ($_POST && $form->isValid()) {
           $clean = $form->getClean();
+          if ($id == 0) {
+              // Stash in the session later when creating the user
+              $_SESSION['new-agent-passwd'] = $clean;
+              Http::response(201, 'Carry on');
+          }
           try {
-              if ($clean['email']) {
+              if ($clean['welcome_email']) {
                   $staff->sendResetEmail();
               }
               else {
                   $staff->setPassword($clean['passwd1'], null);
-                  if ($clean['temporary'])
+                  if ($clean['change_passwd'])
                       $staff->change_passwd = 1;
               }
               if ($staff->save())
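Review bot: The new `$id == 0` branch stores the whole `$clean` array, including the cleartext `passwd1`/`passwd2`, in `$_SESSION['new-agent-passwd']`, and nothing in the visible hunks of this file ever removes it. Wherever sessions are persisted, the new agent's password stays in clear until the create request succeeds, and the added `!$_POST` branch feeds it back into the form when the dialog is reopened. Consider not restoring the password fields on reopen and documenting the lifetime next to the assignment, e.g. `// Cleartext password; cleared in scp/staff.php after a successful create`. The branch also relies on `Http::response()` ending the request, because `$staff` is never assigned when `$id` is 0; an explicit `return;` after the 201 response would make that visible. The enclosing method starts and ends outside the hunk.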
@@ -54,7 +61,7 @@ class StaffAjaxAPI extends AjaxController {
       }
 
       $title = __("Set Agent Password");
-      $verb = __('Update');
+      $verb = $id == 0 ? __('Set') : __('Update');
       $path = ltrim($ost->get_path_info(), '/');
 
       include STAFFINC_DIR . 'templates/quick-add.tmpl.php';
diff --git a/include/class.staff.php b/include/class.staff.php
index d3cdff2a1..153bdc0a0 100644
--- a/include/class.staff.php
+++ b/include/class.staff.php
@@ -1112,7 +1112,7 @@ class PasswordResetForm
 extends AbstractForm {
     function buildFields() {
         return array(
-            'email' => new BooleanField(array(
+            'welcome_email' => new BooleanField(array(
                 'default' => true,
                 'configuration' => array(
                     'desc' => __('Send the agent a password reset email'),
@@ -1125,7 +1125,7 @@ extends AbstractForm {
                     'classes' => 'span12',
                 ),
                 'visibility' => new VisibilityConstraint(
-                    new Q(array('email' => false)),
+                    new Q(array('welcome_email' => false)),
                     VisibilityConstraint::HIDDEN
                 ),
             )),
@@ -1136,18 +1136,18 @@ extends AbstractForm {
                     'classes' => 'span12',
                 ),
                 'visibility' => new VisibilityConstraint(
-                    new Q(array('email' => false)),
+                    new Q(array('welcome_email' => false)),
                     VisibilityConstraint::HIDDEN
                 ),
             )),
-            'temporary' => new BooleanField(array(
+            'change_passwd' => new BooleanField(array(
                 'default' => true,
                 'configuration' => array(
                     'desc' => __('Require password change at next login'),
                     'classes' => 'form footer',
                 ),
                 'visibility' => new VisibilityConstraint(
-                    new Q(array('email' => false)),
+                    new Q(array('welcome_email' => false)),
                     VisibilityConstraint::HIDDEN
                 ),
             )),
@@ -1170,9 +1170,10 @@ extends AbstractForm {
                 'autofocus' => true,
             )),
             'passwd1' => new PasswordField(array(
+                'label' => __('Enter a new password'),
                 'placeholder' => __('New Password'),
                 'required' => true,
-                'layout' => new GridFluidCell(12, array('style' => 'padding-top: 30px')),
+                'layout' => new GridFluidCell(12, array('style' => 'padding-top: 20px')),
             )),
             'passwd2' => new PasswordField(array(
                 'placeholder' => __('Confirm Password'),
diff --git a/include/staff/staff.inc.php b/include/staff/staff.inc.php
index fdb94df4c..ed810332a 100644
--- a/include/staff/staff.inc.php
+++ b/include/staff/staff.inc.php
@@ -103,7 +103,7 @@ else {
               name="username" value="<?php echo Format::htmlchars($staff->username); ?>" />
 <?php if (!($bk = $staff->getAuthBackend()) || $bk->supportsPasswordChange()) { ?>
             <button type="button" class="action-button" onclick="javascript:
-            $.dialog('ajax.php/staff/'+<?php echo $info['id']; ?>+'/set-password', 201);">
+            $.dialog('ajax.php/staff/'+<?php echo $info['id'] ?: '0'; ?>+'/set-password', 201);">
               <i class="icon-refresh"></i> <?php echo __('Set Password'); ?>
             </button>
 <?php } ?>
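Review bot: The changed `$.dialog(...)` line echoes `$info['id']` straight into a JavaScript expression inside the `onclick` attribute with no cast or escaping, unlike the `Format::htmlchars()` call on the `username` value just above it. Where `$info` is populated is not visible in this hunk; if it can ever carry request data (for example when the form is re-rendered after a failed submit), the value would be evaluated as script rather than treated as a number. An integer cast covers both that and the new-agent default: `<?php echo (int) $info['id']; ?>` prints `0` for an empty id, so the `?: '0'` fallback is no longer needed.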
diff --git a/scp/staff.php b/scp/staff.php
index a0426ea28..81ac0e0ee 100644
--- a/scp/staff.php
+++ b/scp/staff.php
@@ -34,7 +34,14 @@ if($_POST){
             break;
         case 'create':
             $staff = Staff::create();
+            // Unpack the data from the set-password dialog (if used)
+            if (isset($_SESSION['new-agent-passwd'])) {
+                foreach ($_SESSION['new-agent-passwd'] as $k=>$v)
+                    if (!isset($_POST[$k]))
+                        $_POST[$k] = $v;
+            }
             if ($staff->update($_POST,$errors)) {
+                unset($_SESSION['new-agent-passwd']);
                 $msg=sprintf(__('Successfully added %s'),Format::htmlchars($_POST['firstname']));
                 $_REQUEST['a']=null;
             }elseif(!$errors['err']){
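Review bot: `$_SESSION['new-agent-passwd']` is removed only on the success path, so a password set in the dialog for an agent that was never created stays in the session and is silently merged into the next `create` request, even when the admin did not open the dialog for that agent. Clearing the stash when a blank add-agent form is first rendered, with `unset($_SESSION['new-agent-passwd']);`, would bound its lifetime; that code path is outside this hunk. The `foreach` also copies every key found in the session array into `$_POST`; iterating over the four fields the dialog owns (`welcome_email`, `passwd1`, `passwd2`, `change_passwd`) would keep the coupling explicit. The `switch` this case belongs to starts and ends outside the hunk.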
-- 
GitLab