diff --git a/app/controllers/admins_controller.rb b/app/controllers/admins_controller.rb
index 866c9d2e..a3be2280 100644
--- a/app/controllers/admins_controller.rb
+++ b/app/controllers/admins_controller.rb
@@ -22,7 +22,7 @@ class AdminsController < ApplicationController
 include Emailer
 include Recorder
- manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve]
+ manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve, :reset]
 site_settings = [:branding, :coloring, :coloring_lighten, :coloring_darken, :registration_method, :room_authentication, :room_limit, :default_recording_visibility]
@@ -106,6 +106,14 @@ class AdminsController < ApplicationController
 redirect_to admins_path
 end
+ # GET /admins/reset
+ def reset
+ @user.create_reset_digest
+
+ send_password_reset_email(@user)
+
+ redirect_to admins_path, flash: { success: I18n.t("administrator.flash.reset_password") }
+ end
 # SITE SETTINGS
 # POST /admins/branding
diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb
index e4959eb8..707af55e 100644
--- a/app/controllers/password_resets_controller.rb
+++ b/app/controllers/password_resets_controller.rb
@@ -53,7 +53,7 @@ class PasswordResetsController < ApplicationController
 elsif params[:user][:password] != params[:user][:password_confirmation]
 flash.now[:alert] = I18n.t("password_different_notice")
 render 'edit'
- elsif current_user.update_attributes(user_params)
+ elsif @user.update_attributes(user_params)
 flash[:success] = I18n.t("password_reset_success")
 redirect_to root_path
 else
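Review bot: `reset` creates a reset digest and sends an e-mail, a state change, yet the route added in config/routes.rb is `get '/reset'` while the neighbouring admin actions in that hunk are `post`; a GET can be triggered by a crafted link or a browser prefetch and is not covered by the CSRF token check that non-GET requests receive. Change the route to `post '/reset', to: 'admins#reset', as: :admin_reset`, make the control in the settings view submit via POST, and update the `# GET /admins/reset` comment to match. `@user` is assigned outside this hunk, presumably by a before_action tied to the `manage_users` list extended in the first hunk; since the route has no `:user_uid` segment, confirm how the target user is resolved and that an unknown user is rejected before `@user.create_reset_digest` is reached.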
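Review bot: On the `@user.update_attributes(user_params)` success path nothing invalidates the reset token, so unless the model clears its digest when the password changes (not visible here) the e-mailed link remains usable until `password_reset_expired?` returns true. Consider clearing the stored digest right after the successful update, e.g. `@user.update_attribute(:<reset digest column written by create_reset_digest>, nil)`, so the link is single-use. `update_attributes` is deprecated from Rails 6 in favour of `update`; if the app is on that version, `elsif @user.update(user_params)` avoids the warning. The `if` chain this hunk belongs to starts before the hunk.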
@@ -67,23 +67,19 @@ class PasswordResetsController < ApplicationController
 @user = User.find_by(email: params[:email])
 end
- def current_user
- @user
- end
-
 def user_params
 params.require(:user).permit(:password, :password_confirmation)
 end
 # Checks expiration of reset token.
 def check_expiration
- redirect_to new_password_reset_url, alert: I18n.t("expired_reset_token") if current_user.password_reset_expired?
+ redirect_to new_password_reset_url, alert: I18n.t("expired_reset_token") if @user.password_reset_expired?
 end
 # Confirms a valid user.
 def valid_user
- unless current_user.authenticated?(:reset, params[:id])
- current_user&.activate unless current_user&.activated?
+ unless @user.authenticated?(:reset, params[:id])
+ @user&.activate unless @user&.activated?
 redirect_to root_url
 end
 end
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index e8136084..29202d01 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -128,4 +128,9 @@ module ApplicationHelper
 role.name
 end
 end
+
+ def can_reset_password
+ # Check if admin is editting user
+ Rails.application.routes.recognize_path(request.env['PATH_INFO'])[:action] == "edit_user"
+ end
 end
diff --git a/app/models/ability.rb b/app/models/ability.rb
index d06263c9..eb9732e2 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -37,7 +37,7 @@ class Ability
 if highest_role.can_manage_users
 can [:index, :roles, :edit_user, :promote, :demote, :ban_user, :unban_user,
- :approve, :invite], :admin
+ :approve, :invite, :reset], :admin
 end
 if !highest_role.can_edit_site_settings && !highest_role.can_edit_roles && !highest_role.can_manage_users
diff --git a/app/views/shared/settings/_account.html.erb b/app/views/shared/settings/_account.html.erb
index a81dbe3f..e9eeb312 100644
--- a/app/views/shared/settings/_account.html.erb
+++ b/app/views/shared/settings/_account.html.erb
@@ -75,6 +75,10 @@
 <% end %>
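Review bot: In `valid_user`, the new `@user.authenticated?(:reset, params[:id])` is called without safe navigation while the very next line uses `@user&.`; `@user` comes from `User.find_by(email: params[:email])`, which returns nil for an unknown email, so a request carrying a bad email raises NoMethodError (a 500) instead of redirecting, and `check_expiration` has the same unguarded call. Use `unless @user&.authenticated?(:reset, params[:id])` and `if @user&.password_reset_expired?` so a missing user takes the redirect path. Separately, the branch taken when the token does not verify is the one that calls `@user&.activate unless @user&.activated?`, i.e. an account is activated on a failed token check; if activation is meant to depend on proving control of the mailbox, that call belongs on the authenticated path — please confirm the intent and add a comment either way.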
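Review bot: `can_reset_password` returns a boolean, so Ruby convention is a `?` suffix: `def can_reset_password?`. The helper only decides whether the control is shown; the action itself is presumably guarded by the `:reset` ability added in app/models/ability.rb, which the comment should state so nobody later treats the helper as the authorization gate: `# UI-only: show the reset control on the admin edit-user page; authorization is enforced by Ability`. `request.path` is the conventional accessor for the same value as `request.env['PATH_INFO']`, and `recognize_path` raises `ActionController::RoutingError` for a path it cannot match, which matters if the helper is ever called from a page outside the admin routes. Also "editting" → "editing".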
diff --git a/app/views/user_mailer/password_reset.html.erb b/app/views/user_mailer/password_reset.html.erb
index 81bba048..989e803e 100644
--- a/app/views/user_mailer/password_reset.html.erb
+++ b/app/views/user_mailer/password_reset.html.erb
@@ -24,7 +24,7 @@

- <%= t('mailer.user.password_reset.welcome', bigbluebutton: t('bigbluebutton')) %>
+ <%= t('mailer.user.password_reset.welcome', email: @user.email).html_safe %>
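Review bot: `.html_safe` on the interpolated welcome line turns off escaping for `@user.email`, a user-supplied value, so any markup stored in an email address would be rendered verbatim in the message body. The new translation in config/locales/en.yml (`welcome: A password reset has been requested for the email %{email}`) contains no HTML, so the call appears unnecessary; drop it, as the text.erb sibling already does. If markup is ever added to the locale string, escape the interpolation first, `t('mailer.user.password_reset.welcome', email: h(@user.email)).html_safe`, or rename the key with the `_html` suffix so Rails escapes the interpolated values itself.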

@@ -38,11 +38,11 @@

- <%= t('mailer.user.password_reset.expire') %>
+ <%= t('mailer.user.password_reset.ignore') %>

- <%= t('mailer.user.password_reset.ignore') %>
+ <%= t('mailer.user.password_reset.expire') %>

diff --git a/app/views/user_mailer/password_reset.text.erb b/app/views/user_mailer/password_reset.text.erb
index 199047df..3065dd67 100644
--- a/app/views/user_mailer/password_reset.text.erb
+++ b/app/views/user_mailer/password_reset.text.erb
@@ -18,7 +18,7 @@
 <%= t('mailer.user.password_reset.title') %>
-<%= t('mailer.user.password_reset.welcome', bigbluebutton: t('bigbluebutton')) %>
+<%= t('mailer.user.password_reset.welcome', email: @user.email) %>
 <%= t('mailer.user.password_reset.message') %>
 <%= @url %>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 2881cf6f..1d3ebfd7 100755
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -75,6 +75,7 @@ en:
 invite_email_verification: Emails must be enabled in order to use this method. Please contact your system administrator.
 promoted: User has been successfully promoted
 registration_method_updated: Registration method successfully updated
+ reset_password: The user has been sent an email to reset their password. (Please ask them to check their spam folder if they haven't received it)
 settings: Site Settings successfully changed
 unauthorized: You are not authorized to perform actions on this user
 recordings:
@@ -262,11 +263,11 @@ en:
 username: Your username is %{email}.
 password_reset:
 title: 'Password reset'
- welcome: It seems like you forgot your password for %{bigbluebutton}
- message: 'If this is true, please click the link below to reset your password:'
+ welcome: A password reset has been requested for the email %{email}
+ message: 'If you requested this reset, then please click the link below to reset your password:'
 reset_link: Reset Password
 expire: This link will expire in two hours.
- ignore: You can safely ignore this email if you did not request a password reset.
+ ignore: You can safely ignore this email if you did not make this request.
 promoted:
 admins_link: Visit the Organization Page
 info: You are now an %{role} on %{url}.
diff --git a/config/routes.rb b/config/routes.rb
index 4d09d0d5..7406a11d 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -51,6 +51,7 @@ Rails.application.routes.draw do
 post '/invite', to: 'admins#invite', as: :invite_user
 post '/registration_method/:method', to: 'admins#registration_method', as: :admin_change_registration
 post '/approve/:user_uid', to: 'admins#approve', as: :admin_approve
+ get '/reset', to: 'admins#reset', as: :admin_reset
 post '/room_limit', to: 'admins#room_limit', as: :admin_room_limit
 post '/default_recording_visibility', to: 'admins#default_recording_visibility', as: :admin_recording_visibility
 get '/roles', to: 'admins#roles', as: :admin_roles
diff --git a/spec/controllers/password_resets_controller_spec.rb b/spec/controllers/password_resets_controller_spec.rb
index 18026ea3..5fedb819 100644
--- a/spec/controllers/password_resets_controller_spec.rb
+++ b/spec/controllers/password_resets_controller_spec.rb
@@ -124,6 +124,7 @@ describe PasswordResetsController, type: :controller do
 params = {
 id: token,
+ email: user.email,
 user: {
 password: :password,
 password_confirmation: :password,