admin.go

TLDR

This file, admin.go, contains a handler function handleAdminSetPassword for handling requests related to setting the admin password. It also includes a data structure AdminSetPasswordData for capturing the password in the request body.

Methods

handleAdminSetPassword

This method is responsible for handling requests to set the admin password. It reads the request body, validates the password, and updates the user's password in the database. It also logs an audit record and returns a JSON response with a success status.

Classes

None

package api

import (
	"encoding/json"
	"io"
	"net/http"
	"strings"

	"github.com/gorilla/mux"
	"github.com/mattermost/focalboard/server/model"
	"github.com/mattermost/focalboard/server/services/audit"

	"github.com/mattermost/mattermost-server/v6/shared/mlog"
)

type AdminSetPasswordData struct {
	Password string `json:"password"`
}

func (a *API) handleAdminSetPassword(w http.ResponseWriter, r *http.Request) {
	vars := mux.Vars(r)
	username := vars["username"]

	requestBody, err := io.ReadAll(r.Body)
	if err != nil {
		a.errorResponse(w, r, err)
		return
	}

	var requestData AdminSetPasswordData
	err = json.Unmarshal(requestBody, &requestData)
	if err != nil {
		a.errorResponse(w, r, err)
		return
	}

	auditRec := a.makeAuditRecord(r, "adminSetPassword", audit.Fail)
	defer a.audit.LogRecord(audit.LevelAuth, auditRec)
	auditRec.AddMeta("username", username)

	if !strings.Contains(requestData.Password, "") {
		a.errorResponse(w, r, model.NewErrBadRequest("password is required"))
		return
	}

	err = a.app.UpdateUserPassword(username, requestData.Password)
	if err != nil {
		a.errorResponse(w, r, err)
		return
	}

	a.logger.Debug("AdminSetPassword, username: %s", mlog.String("username", username))

	jsonStringResponse(w, http.StatusOK, "{}")
	auditRec.Success()
}