diff --git a/client-api/src/main/java/ru/dragonestia/picker/api/repository/AccountRepository.java b/client-api/src/main/java/ru/dragonestia/picker/api/repository/AccountRepository.java index 20baaae..82e953b 100644 --- a/client-api/src/main/java/ru/dragonestia/picker/api/repository/AccountRepository.java +++ b/client-api/src/main/java/ru/dragonestia/picker/api/repository/AccountRepository.java @@ -19,4 +19,6 @@ public interface AccountRepository { void removeAccount(@NotNull IAccount account); void setPermissions(@NotNull IAccount account, @NotNull List permissions); + + void setPassword(@NotNull IAccount account, @NotNull String newPassword); } diff --git a/client-impl/src/main/java/ru/dragonestia/picker/api/impl/repository/AccountRepositoryImpl.java b/client-impl/src/main/java/ru/dragonestia/picker/api/impl/repository/AccountRepositoryImpl.java index 0d50c12..9b81749 100644 --- a/client-impl/src/main/java/ru/dragonestia/picker/api/impl/repository/AccountRepositoryImpl.java +++ b/client-impl/src/main/java/ru/dragonestia/picker/api/impl/repository/AccountRepositoryImpl.java @@ -60,4 +60,11 @@ public class AccountRepositoryImpl implements AccountRepository { params.put("permissions", String.join(",", permissions)); }); } + + @Override + public void setPassword(@NotNull IAccount account, @NotNull String newPassword) { + rest.query("/accounts/" + account.getUsername() + "/password", HttpMethod.PUT, params -> { + params.put("newPassword", newPassword); + }); + } } diff --git a/control-panel/src/main/java/ru/dragonestia/picker/cp/page/AccountDetailsPage.java b/control-panel/src/main/java/ru/dragonestia/picker/cp/page/AccountDetailsPage.java index 6da64c8..00810a6 100644 --- a/control-panel/src/main/java/ru/dragonestia/picker/cp/page/AccountDetailsPage.java +++ b/control-panel/src/main/java/ru/dragonestia/picker/cp/page/AccountDetailsPage.java @@ -91,7 +91,7 @@ public class AccountDetailsPage extends VerticalLayout implements BeforeEnterObs return; } - //TODO: change password + client.getAccountRepository().setPassword(account, pass); Notifications.success("Password successfully changed!"); newPassword.setValue(""); confirmPassword.setValue(""); diff --git a/server/src/main/java/ru/dragonestia/picker/controller/AccountsController.java b/server/src/main/java/ru/dragonestia/picker/controller/AccountsController.java index 62d0a39..6c038aa 100644 --- a/server/src/main/java/ru/dragonestia/picker/controller/AccountsController.java +++ b/server/src/main/java/ru/dragonestia/picker/controller/AccountsController.java @@ -6,6 +6,7 @@ import org.springframework.http.ResponseEntity; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.web.bind.annotation.*; import ru.dragonestia.picker.api.exception.AccountDoesNotExistsException; import ru.dragonestia.picker.api.exception.PermissionNotFoundException; @@ -24,6 +25,7 @@ import java.util.HashSet; public class AccountsController { private final AccountService accountService; + private final PasswordEncoder passwordEncoder; @GetMapping("/current") ResponseAccount currentAccount() { @@ -97,4 +99,14 @@ public class AccountsController { return ResponseEntity.ok().build(); } + + @PreAuthorize("hasRole('ADMIN') || principal.username.equals(accountId)") + @PutMapping("/{accountId}/password") + ResponseEntity changePassword(@PathVariable String accountId, @RequestParam String newPassword) { + var account = accountService.findAccount(accountId).orElseThrow(() -> new AccountDoesNotExistsException(accountId)); + account.setPassword(passwordEncoder.encode(newPassword)); + accountService.updateState(account); + + return ResponseEntity.ok().build(); + } } diff --git a/server/src/main/java/ru/dragonestia/picker/service/AccountService.java b/server/src/main/java/ru/dragonestia/picker/service/AccountService.java index 1a3a516..83f4500 100644 --- a/server/src/main/java/ru/dragonestia/picker/service/AccountService.java +++ b/server/src/main/java/ru/dragonestia/picker/service/AccountService.java @@ -22,7 +22,7 @@ public interface AccountService extends UserDetailsService { @PreAuthorize("hasRole('ADMIN')") void removeAccount(@NotNull Account account); - @PreAuthorize("hasRole('ADMIN')") + @PreAuthorize("hasRole('ADMIN') || principal.username.equals(account.username)") void updateState(@NotNull Account account); @Override