X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.mvc%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fmvc%2FUsersRolesController.java;h=a4a2e4556360051f0cb078384d2d5c827fa9151c;hb=12f0ab4fa622e3507570f5dcbe586c05131a0050;hp=8b09b94a5d273571184cdf6fae90c88029a19a58;hpb=b00a7e9898ea2819100290cab22bf614e23a3abf;p=lgpl%2Fargeo-commons.git

diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
index 8b09b94a5..a4a2e4556 100644
--- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
+++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
@@ -9,7 +9,7 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.argeo.security.ArgeoSecurityService;
 import org.argeo.security.ArgeoUser;
-import org.argeo.security.BasicArgeoUser;
+import org.argeo.security.SimpleArgeoUser;
 import org.argeo.security.core.ArgeoUserDetails;
 import org.argeo.server.BooleanAnswer;
 import org.argeo.server.DeserializingEditor;
@@ -36,7 +36,7 @@ public class UsersRolesController implements MvcConstants {
 
 	@InitBinder
 	public void initBinder(WebDataBinder binder) {
-		binder.registerCustomEditor(BasicArgeoUser.class,
+		binder.registerCustomEditor(SimpleArgeoUser.class,
 				new DeserializingEditor(userDeserializer));
 	}
 
@@ -128,7 +128,25 @@ public class UsersRolesController implements MvcConstants {
 	@ModelAttribute(ANSWER_MODEL_KEY)
 	public ServerAnswer deleteRole(@RequestParam("role") String role) {
 		securityService.getSecurityDao().deleteRole(role);
-		return ServerAnswer.ok("Role " + role + " created");
+		return ServerAnswer.ok("Role " + role + " deleted");
+	}
+
+	@RequestMapping("/updateUserPassword.security")
+	@ModelAttribute(ANSWER_MODEL_KEY)
+	public ServerAnswer updateUserPassword(
+			@RequestParam("username") String username,
+			@RequestParam("password") String password) {
+		securityService.updateUserPassword(username, password);
+		return ServerAnswer.ok("Password updated for user " + username);
+	}
+
+	@RequestMapping("/updatePassword.security")
+	@ModelAttribute(ANSWER_MODEL_KEY)
+	public ServerAnswer updatePassword(
+			@RequestParam("password") String password,
+			@RequestParam("oldPassword") String oldPassword) {
+		securityService.getSecurityDao().updatePassword(oldPassword, password);
+		return ServerAnswer.ok("Password updated");
 	}
 
 	protected void cleanUserBeforeCreate(ArgeoUser user) {