Uploaded image for project: 'Reference Application'
  1. Reference Application
  2. RA-931

Need way for admin to change a user's password

    XMLWordPrintable

Details

    • Improvement
    • Status: Waiting on Information
    • TBD
    • Resolution: Unresolved
    • Reference Application 2.3, Reference Application 2.10.0
    • None
    • None
    • Undetermined

    Description

      Background

      In Reference Application 2.3, in the Admin UI module, we intentionally do not allow an admin to set another user's password (principle of "non-repudiation"), even though this was previously allowed in the Legacy UI.

      However, per complaint by arbaughj, we are being too strict: in real life there needs to be some way to unlock a user account if the user has forgotten their password and secret question/answer.

      Acceptance Criteria

      1. On the Edit Account page (e.g. http://demo.openmrs.org/openmrs/adminui/systemadmin/accounts/account.page?personId=4) for someone that has a user account, there should be a Reset Password button
      2. Clicking the Reset Password button should pop up a confirmation dialog
      3. If you say Yes to the confirmation dialog, then
        1. the user's password should be set to a new random password
        2. the "need to change password" flag should be set to true for the user
        3. the auto-generated password should be displayed on the screen with instructions telling the admin to communicate this to the user for a one-time login, then they can set their own password.
        4. a line must be written (at INFO level) to the log file saying which user changed the password of which other user
      4. Create another ticket (with a barebones description), for a future release, about capturing email addresses for users, so they may safely reset passwords themselves.

      See: https://talk.openmrs.org/t/how-can-an-admin-change-a-users-password/3342/5

      Gliffy Diagrams

        Attachments

          Issue Links

            Activity

              People

                Unassigned Unassigned
                arbaughj James Arbaugh
                Votes:
                2 Vote for this issue
                Watchers:
                12 Start watching this issue

                Dates

                  Created:
                  Updated: