Add must-change-password cli parameter
#27626
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
GiteaBot
added
the
lgtm/need 2
pull-request-size
bot
added
the
size/XS
github-actions
bot
added
modifies/cli
KN4CK3R
force-pushed
the
enhancement-cli-password
branch
from
2e17689
to
3a08cc3
Compare
delvh
approved these changes
Oct 14, 2023
GiteaBot
added
lgtm/need 1
lunny
reviewed
Oct 15, 2023
6543
requested changes
Oct 20, 2023
GiteaBot
added
lgtm/blocked
This reverts commit 77e2e23.
pull-request-size
bot
added
size/S
6543
approved these changes
Oct 20, 2023
GiteaBot
added
lgtm/done
|
@KN4CK3R I did make it the same as the other option ... if you disagree please force push that change away :) |
|
@6543 So, what's the command line for changing a users password without requesting a change from them? |
|
|
|
Yep, and that's wrong:
inverted command:
|
|
ah now I get your concerns ... let me fix that issue ... |
diff --git a/cmd/admin_user_change_password.go b/cmd/admin_user_change_password.go
index f1b08c197e..1a7d96a920 100644
--- a/cmd/admin_user_change_password.go
+++ b/cmd/admin_user_change_password.go
@@ -32,11 +32,7 @@ var microcmdUserChangePassword = &cli.Command{
Value: "",
Usage: "New password to set for user",
},
- &cli.BoolFlag{
- Name: "must-change-password",
- Value: true,
- Usage: "User must change password",
- },
+ mustChangePasswordFlag,
},
}
@@ -74,7 +70,7 @@ func runChangePassword(c *cli.Context) error {
return err
}
- user.MustChangePassword = c.Bool("must-change-password")
+ user.MustChangePassword = mustChangePassword(c)
if err = user_model.UpdateUserCols(ctx, user, "must_change_password", "passwd", "passwd_hash_algo", "salt"); err != nil {
return err
diff --git a/cmd/admin_user_create.go b/cmd/admin_user_create.go
index fefe18d39c..2f4a1d0843 100644
--- a/cmd/admin_user_create.go
+++ b/cmd/admin_user_create.go
@@ -45,10 +45,7 @@ var microcmdUserCreate = &cli.Command{
Name: "random-password",
Usage: "Generate a random password for the user",
},
- &cli.BoolFlag{
- Name: "must-change-password",
- Usage: "Set this option to false to prevent forcing the user to change their password after initial login, (Default: true)",
- },
+ mustChangePasswordFlag,
&cli.IntFlag{
Name: "random-password-length",
Usage: "Length of the random password to be generated",
@@ -110,19 +107,14 @@ func runCreateUser(c *cli.Context) error {
return errors.New("must set either password or random-password flag")
}
- // always default to true
- changePassword := true
+ changePassword := mustChangePassword(c)
// If this is the first user being created.
// Take it as the admin and don't force a password update.
- if n := user_model.CountUsers(ctx, nil); n == 0 {
+ if !c.IsSet("must-change-password") && user_model.CountUsers(ctx, nil) == 0 {
changePassword = false
}
- if c.IsSet("must-change-password") {
- changePassword = c.Bool("must-change-password")
- }
-
restricted := util.OptionalBoolNone
if c.IsSet("restricted") { |
|
// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
"strconv"
"github.com/urfave/cli/v2"
)
var mustChangePasswordFlag = &cli.StringFlag{
Name: "must-change-password",
Value: "true",
Usage: "Set this option to false to prevent forcing the user to change their password after initial login, (Default: true)",
}
// return bool of must-change-password flag
func mustChangePassword(c *cli.Context) bool {
v, _ := strconv.ParseBool(c.String("must-change-password"))
return v
} |
|
what do you think? |
|
Personally I would not want this workaround because it's different to every other command. |
wxiaoguang
reviewed
Nov 17, 2023
| @@ -95,6 +95,7 @@ Admin operations: | |||
| - Options: | |||
| - `--username value`, `-u value`: Username. Required. | |||
| - `--password value`, `-p value`: New password. Required. | |||
| - `--must-change-password`: If provided, the user is required to choose a new password after the login. Optional. (default: true). | |||
There was a problem hiding this comment.
Suggested change
| - `--must-change-password`: If provided, the user is required to choose a new password after the login. Optional. (default: true). | |
| - `--must-change-password`, `--must-change-password=true/false`: If provided, the user is required to choose a new password after the login. Optional. |
The (default: true) and optional might cause misunderstanding IMO.
I think everyone could understand that --must-change-password means --must-change-password=true
Or just follow the wording above, like - `--admin`: If provided, this makes the user an admin. Optional.
There was a problem hiding this comment.
Is there any other suggestion? If no, could I commit this suggestion and approve?
There was a problem hiding this comment.
Changed the wording. Now the default is false if the flag is not set. I still think this should default to true.
There was a problem hiding this comment.
Sure, but I think if it defaults to true, then it might needs some new wording. (the old one makes me think for quite a long time to understand what is "optional" and what is "default: true" ....)
Maybe like this?
- `--must-change-password`: Default to true, the user is required to choose a new password after login. Use `--must-change-password=false` to disable this option.
Anyway, no better idea from my side. Either is fine to me.
There was a problem hiding this comment.
I think I just used the wording from here:
gitea/docs/content/administration/command-line.en-us.md
Lines 86 to 87 in 360b3fd
Maybe we should have a common format for optional and required parameters.
pull-request-size
bot
added
size/XS
pull-request-size
bot
added
size/S
wxiaoguang
approved these changes
Feb 3, 2024
lafriks
approved these changes
Feb 3, 2024
zjjhot
added a commit
to zjjhot/gitea
that referenced
this pull request
Feb 4, 2024
* giteaofficial/main: Add `must-change-password` cli parameter (go-gitea#27626) Include username in email headers (go-gitea#28981) Update tool dependencies (go-gitea#29030) Add artifacts v4 jwt to job message and accept it (go-gitea#28885) Pass es2020 to esbuild-loader as well (go-gitea#29027) Fix default avatar image size in PR diff page (go-gitea#28971) Update JS and PY dependencies, build for `es2020` browsers (go-gitea#28977)
silverwind
pushed a commit
to silverwind/gitea
that referenced
this pull request
Feb 20, 2024
This PR adds a new `must-change-password` parameter to the `change-password` cli command. We already have the `must-change-password` command but it feels natural to have this integrated into the `change-password` cli command. --------- Co-authored-by: 6543 <6543@obermui.de>
|
-> Improve "must-change-password" logic and document #30472 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds a new
must-change-passwordparameter to thechange-passwordcli command.We already have the
must-change-passwordcommand but it feels natural to have this integrated into thechange-passwordcli command.