Uploaded image for project: 'Reference Application'
  1. Reference Application
  2. RA-931

Need way for admin to change a user's password

    Details

    • Complexity:
      Undetermined

      Description

      Background

      In Reference Application 2.3, in the Admin UI module, we intentionally do not allow an admin to set another user's password (principle of "non-repudiation"), even though this was previously allowed in the Legacy UI.

      However, per complaint by James Arbaugh, we are being too strict: in real life there needs to be some way to unlock a user account if the user has forgotten their password and secret question/answer.

      Acceptance Criteria

      1. On the Edit Account page (e.g. http://demo.openmrs.org/openmrs/adminui/systemadmin/accounts/account.page?personId=4) for someone that has a user account, there should be a Reset Password button
      2. Clicking the Reset Password button should pop up a confirmation dialog
      3. If you say Yes to the confirmation dialog, then
        1. the user's password should be set to a new random password
        2. the "need to change password" flag should be set to true for the user
        3. the auto-generated password should be displayed on the screen with instructions telling the admin to communicate this to the user for a one-time login, then they can set their own password.
        4. a line must be written (at INFO level) to the log file saying which user changed the password of which other user
      4. Create another ticket (with a barebones description), for a future release, about capturing email addresses for users, so they may safely reset passwords themselves.

      See: https://talk.openmrs.org/t/how-can-an-admin-change-a-users-password/3342/5

        Gliffy Diagrams

          Attachments

            Issue Links

              Attachments-Category-Modification

                Activity

                  People

                  • Assignee:
                    irindu Irindu Nugawela
                    Reporter:
                    arbaughj James Arbaugh
                  • Votes:
                    2 Vote for this issue
                    Watchers:
                    9 Start watching this issue

                    Dates

                    • Created:
                      Updated: