diff --git a/modules/backend/controllers/Users.php b/modules/backend/controllers/Users.php index 15bd175c6d..65040fbbcb 100644 --- a/modules/backend/controllers/Users.php +++ b/modules/backend/controllers/Users.php @@ -149,6 +149,22 @@ public function update_onImpersonateUser($recordId) return Backend::redirect('backend/users/myaccount'); } + /** + * Send a password restore email to this user + * @param int $recordId + * @return Response|void + */ + public function update_onSendPasswordRestore($recordId) + { + if (!$this->user->hasAccess('backend.manage_users')) { + return Response::make(Lang::get('backend::lang.page.access_denied.label'), 403); + } + + $this->formFindModelObject($recordId)->sendPasswordRestore(); + + Flash::success(Lang::get('backend::lang.account.send_password_restore_success')); + } + /** * Unsuspend this user */ diff --git a/modules/backend/controllers/users/_btn_password_restore.htm b/modules/backend/controllers/users/_btn_password_restore.htm new file mode 100644 index 0000000000..683d2d182c --- /dev/null +++ b/modules/backend/controllers/users/_btn_password_restore.htm @@ -0,0 +1,14 @@ +user->hasAccess('backend.manage_users')): ?> +
+ +
+ diff --git a/modules/backend/lang/en/lang.php b/modules/backend/lang/en/lang.php index 6fbafc7a96..37549da0b3 100644 --- a/modules/backend/lang/en/lang.php +++ b/modules/backend/lang/en/lang.php @@ -71,6 +71,10 @@ 'reset_success' => 'Password has been reset. You may now sign in.', 'reset_error' => 'Invalid password reset data supplied. Please try again!', 'reset_fail' => 'Unable to reset your password!', + 'send_password_restore' => 'Send Password Restore', + 'send_password_restore_confirm' => 'Are you sure you want to send this user a passowrd restore email?', + 'send_password_restore_success' => 'Password restore email sent', + 'send_password_restore_working' => 'Sending...', 'apply' => 'Apply', 'cancel' => 'Cancel', 'delete' => 'Delete', @@ -148,7 +152,7 @@ 'superuser' => 'Super User', 'superuser_comment' => 'Grants this account unlimited access to all areas of the system. Super users can add and manage other users. ', 'send_invite' => 'Send invitation by email', - 'send_invite_comment' => 'Sends a welcome message containing login and password information.', + 'send_invite_comment' => 'Sends a welcome message containing login and password information. If a password is not set, the message will include a password reset link.', 'delete_confirm' => 'Delete this administrator?', 'return' => 'Return to admin list', 'allow' => 'Allow', diff --git a/modules/backend/models/User.php b/modules/backend/models/User.php index b04d681594..330a3ef435 100644 --- a/modules/backend/models/User.php +++ b/modules/backend/models/User.php @@ -27,8 +27,8 @@ class User extends UserBase public $rules = [ 'email' => 'required|between:6,255|email|unique:backend_users', 'login' => 'required|between:2,255|unique:backend_users', - 'password' => 'required:create|min:4|confirmed', - 'password_confirmation' => 'required_with:password|min:4' + 'password' => 'sometimes|min:4|confirmed', + 'password_confirmation' => 'sometimes|required_with:password|min:4' ]; /** @@ -152,6 +152,21 @@ public function afterLogin() Event::fire('backend.user.login', [$this]); } + /** + * Generates a link to the backend, or a password reset link if no password was set on creation. + * @return string + */ + public function getInvitationLink() + { + if (!$this->password) { + $code = $this->getResetPasswordCode(); + + return Backend::url('backend/auth/reset/' . $this->id . '/' . $code); + } + + return Backend::url('backend'); + } + /** * Sends an invitation to the user using template "backend::mail.invite". * @return void @@ -161,8 +176,7 @@ public function sendInvitation() $data = [ 'name' => $this->full_name, 'login' => $this->login, - 'password' => $this->getOriginalHashValue('password'), - 'link' => Backend::url('backend'), + 'link' => $this->getInvitationLink(), ]; Mail::send('backend::mail.invite', $data, function ($message) { @@ -170,6 +184,27 @@ public function sendInvitation() }); } + + /** + * Sends a password restore link to the user using template "backend::mail.restore". + * @return void + */ + public function sendPasswordRestore() + { + $code = $this->getResetPasswordCode(); + + $link = Backend::url('backend/auth/reset/' . $this->id . '/' . $code); + + $data = [ + 'name' => $this->full_name, + 'link' => $link, + ]; + + Mail::send('backend::mail.restore', $data, function ($message) { + $message->to($this->email, $this->full_name)->subject(trans('backend::lang.account.password_reset')); + }); + } + public function getGroupsOptions() { $result = []; diff --git a/modules/backend/models/user/fields.yaml b/modules/backend/models/user/fields.yaml index bbfbae286f..65baea18bd 100644 --- a/modules/backend/models/user/fields.yaml +++ b/modules/backend/models/user/fields.yaml @@ -75,6 +75,10 @@ secondaryTabs: label: '' context: [update] type: partial + btn_password_restore: + label: '' + context: [update] + type: partial avatar: label: backend::lang.user.avatar type: fileupload diff --git a/modules/backend/views/mail/invite.htm b/modules/backend/views/mail/invite.htm index da43549e75..0789085f09 100644 --- a/modules/backend/views/mail/invite.htm +++ b/modules/backend/views/mail/invite.htm @@ -8,7 +8,6 @@ {% partial 'panel' body %} - Login: `{{ login ?: 'sample' }}` -- Password: `{{ (password ?: '********') | raw }}` {% endpartial %} You can use the following link to sign in: @@ -17,4 +16,4 @@ Sign in to admin area {% endpartial %} -After signing in you should change your password by clicking your name on the top right corner of the administration area. +After signing in, you may be asked to set a new password if one was not created for you.