added change password

ScarletRedMan · May 3, 2024 · ab92864 · ab92864
1 parent a41575b
commit ab92864
Show file tree

Hide file tree

Showing 5 changed files with 23 additions and 2 deletions.
diff --git a/client-api/src/main/java/ru/dragonestia/picker/api/repository/AccountRepository.java b/client-api/src/main/java/ru/dragonestia/picker/api/repository/AccountRepository.java
@@ -19,4 +19,6 @@ public interface AccountRepository {
     void removeAccount(@NotNull IAccount account);
 
     void setPermissions(@NotNull IAccount account, @NotNull List<String> permissions);
+
+    void setPassword(@NotNull IAccount account, @NotNull String newPassword);
 }
diff --git a/...t-impl/src/main/java/ru/dragonestia/picker/api/impl/repository/AccountRepositoryImpl.java b/...t-impl/src/main/java/ru/dragonestia/picker/api/impl/repository/AccountRepositoryImpl.java
@@ -60,4 +60,11 @@ public void setPermissions(@NotNull IAccount account, @NotNull List<String> perm
             params.put("permissions", String.join(",", permissions));
         });
     }
+
+    @Override
+    public void setPassword(@NotNull IAccount account, @NotNull String newPassword) {
+        rest.query("/accounts/" + account.getUsername() + "/password", HttpMethod.PUT, params -> {
+            params.put("newPassword", newPassword);
+        });
+    }
 }
diff --git a/control-panel/src/main/java/ru/dragonestia/picker/cp/page/AccountDetailsPage.java b/control-panel/src/main/java/ru/dragonestia/picker/cp/page/AccountDetailsPage.java
@@ -91,7 +91,7 @@ private void createChangePassword() {
                 return;
             }
 
-            //TODO: change password
+            client.getAccountRepository().setPassword(account, pass);
             Notifications.success("Password successfully changed!");
             newPassword.setValue("");
             confirmPassword.setValue("");

diff --git a/server/src/main/java/ru/dragonestia/picker/controller/AccountsController.java b/server/src/main/java/ru/dragonestia/picker/controller/AccountsController.java
@@ -6,6 +6,7 @@
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.web.bind.annotation.*;
 import ru.dragonestia.picker.api.exception.AccountDoesNotExistsException;
 import ru.dragonestia.picker.api.exception.PermissionNotFoundException;
@@ -24,6 +25,7 @@
 public class AccountsController {
 
     private final AccountService accountService;
+    private final PasswordEncoder passwordEncoder;
 
     @GetMapping("/current")
     ResponseAccount currentAccount() {
@@ -97,4 +99,14 @@ ResponseEntity<?> removeAccount(@PathVariable String accountId) {
 
         return ResponseEntity.ok().build();
     }
+
+    @PreAuthorize("hasRole('ADMIN') || principal.username.equals(accountId)")
+    @PutMapping("/{accountId}/password")
+    ResponseEntity<?> changePassword(@PathVariable String accountId, @RequestParam String newPassword) {
+        var account = accountService.findAccount(accountId).orElseThrow(() -> new AccountDoesNotExistsException(accountId));
+        account.setPassword(passwordEncoder.encode(newPassword));
+        accountService.updateState(account);
+
+        return ResponseEntity.ok().build();
+    }
 }
diff --git a/server/src/main/java/ru/dragonestia/picker/service/AccountService.java b/server/src/main/java/ru/dragonestia/picker/service/AccountService.java
@@ -22,7 +22,7 @@ public interface AccountService extends UserDetailsService {
     @PreAuthorize("hasRole('ADMIN')")
     void removeAccount(@NotNull Account account);
 
-    @PreAuthorize("hasRole('ADMIN')")
+    @PreAuthorize("hasRole('ADMIN') || principal.username.equals(account.username)")
     void updateState(@NotNull Account account);
 
     @Override