staff: add set password for new agent

6ee21a01 · Jared Hancock · c75ee860 · 6ee21a01 · 6ee21a01 · 6ee21a01
Commit 6ee21a01 authored 9 years ago by Jared Hancock
--- a/include/ajax.staff.php
+++ b/include/ajax.staff.php
@@ -25,20 +25,27 @@ class StaffAjaxAPI extends AjaxController {
          Http::response(403, 'Agent login required');
      if (!$thisstaff->isAdmin())
          Http::response(403, 'Access denied');
-      if (!$id || !($staff = Staff::lookup($id)))
+      if ($id && !($staff = Staff::lookup($id)))
          Http::response(404, 'No such agent');

      $form = new PasswordResetForm($_POST);
+      if (!$_POST && isset($_SESSION['new-agent-passwd']))
+          $form->data($_SESSION['new-agent-passwd']);

      if ($_POST && $form->isValid()) {
          $clean = $form->getClean();
+          if ($id == 0) {
+              // Stash in the session later when creating the user
+              $_SESSION['new-agent-passwd'] = $clean;
+              Http::response(201, 'Carry on');
+          }
          try {
-              if ($clean['email']) {
+              if ($clean['welcome_email']) {
                  $staff->sendResetEmail();
              }
              else {
                  $staff->setPassword($clean['passwd1'], null);
-                  if ($clean['temporary'])
+                  if ($clean['change_passwd'])
                      $staff->change_passwd = 1;
              }
              if ($staff->save())
@@ -54,7 +61,7 @@ class StaffAjaxAPI extends AjaxController {
      }

      $title = __("Set Agent Password");
-      $verb = __('Update');
+      $verb = $id == 0 ? __('Set') : __('Update');
      $path = ltrim($ost->get_path_info(), '/');

      include STAFFINC_DIR . 'templates/quick-add.tmpl.php';

--- a/include/class.staff.php
+++ b/include/class.staff.php
@@ -1112,7 +1112,7 @@ class PasswordResetForm
 extends AbstractForm {
    function buildFields() {
        return array(
-            'email' => new BooleanField(array(
+            'welcome_email' => new BooleanField(array(
                'default' => true,
                'configuration' => array(
                    'desc' => __('Send the agent a password reset email'),
@@ -1125,7 +1125,7 @@ extends AbstractForm {
                    'classes' => 'span12',
                ),
                'visibility' => new VisibilityConstraint(
-                    new Q(array('email' => false)),
+                    new Q(array('welcome_email' => false)),
                    VisibilityConstraint::HIDDEN
                ),
            )),
@@ -1136,18 +1136,18 @@ extends AbstractForm {
                    'classes' => 'span12',
                ),
                'visibility' => new VisibilityConstraint(
-                    new Q(array('email' => false)),
+                    new Q(array('welcome_email' => false)),
                    VisibilityConstraint::HIDDEN
                ),
            )),
-            'temporary' => new BooleanField(array(
+            'change_passwd' => new BooleanField(array(
                'default' => true,
                'configuration' => array(
                    'desc' => __('Require password change at next login'),
                    'classes' => 'form footer',
                ),
                'visibility' => new VisibilityConstraint(
-                    new Q(array('email' => false)),
+                    new Q(array('welcome_email' => false)),
                    VisibilityConstraint::HIDDEN
                ),
            )),
@@ -1170,9 +1170,10 @@ extends AbstractForm {
                'autofocus' => true,
            )),
            'passwd1' => new PasswordField(array(
+                'label' => __('Enter a new password'),
                'placeholder' => __('New Password'),
                'required' => true,
-                'layout' => new GridFluidCell(12, array('style' => 'padding-top: 30px')),
+                'layout' => new GridFluidCell(12, array('style' => 'padding-top: 20px')),
            )),
            'passwd2' => new PasswordField(array(
                'placeholder' => __('Confirm Password'),

--- a/include/staff/staff.inc.php
+++ b/include/staff/staff.inc.php
@@ -103,7 +103,7 @@ else {
              name="username" value="<?php echo Format::htmlchars($staff->username); ?>" />
 <?php if (!($bk = $staff->getAuthBackend()) || $bk->supportsPasswordChange()) { ?>
            <button type="button" class="action-button" onclick="javascript:
-            $.dialog('ajax.php/staff/'+<?php echo $info['id']; ?>+'/set-password', 201);">
+            $.dialog('ajax.php/staff/'+<?php echo $info['id'] ?: '0'; ?>+'/set-password', 201);">
              <i class="icon-refresh"></i> <?php echo __('Set Password'); ?>
            </button>
 <?php } ?>

--- a/scp/staff.php
+++ b/scp/staff.php
@@ -34,7 +34,14 @@ if($_POST){
            break;
        case 'create':
            $staff = Staff::create();
+            // Unpack the data from the set-password dialog (if used)
+            if (isset($_SESSION['new-agent-passwd'])) {
+                foreach ($_SESSION['new-agent-passwd'] as $k=>$v)
+                    if (!isset($_POST[$k]))
+                        $_POST[$k] = $v;
+            }
            if ($staff->update($_POST,$errors)) {
+                unset($_SESSION['new-agent-passwd']);
                $msg=sprintf(__('Successfully added %s'),Format::htmlchars($_POST['firstname']));
                $_REQUEST['a']=null;
            }elseif(!$errors['err']){