X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.mvc%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fmvc%2FUsersRolesController.java;h=e73522cf4a4b6f072c1bd7d750bdd90082dbff65;hb=ec59a58bc368dc922a454d52eb70bb91dfd68793;hp=8b09b94a5d273571184cdf6fae90c88029a19a58;hpb=b00a7e9898ea2819100290cab22bf614e23a3abf;p=lgpl%2Fargeo-commons.git

diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
index 8b09b94a5..e73522cf4 100644
--- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
+++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
@@ -128,7 +128,25 @@ public class UsersRolesController implements MvcConstants {
 	@ModelAttribute(ANSWER_MODEL_KEY)
 	public ServerAnswer deleteRole(@RequestParam("role") String role) {
 		securityService.getSecurityDao().deleteRole(role);
-		return ServerAnswer.ok("Role " + role + " created");
+		return ServerAnswer.ok("Role " + role + " deleted");
+	}
+
+	@RequestMapping("/updateUserPassword.security")
+	@ModelAttribute(ANSWER_MODEL_KEY)
+	public ServerAnswer updateUserPassword(
+			@RequestParam("username") String username,
+			@RequestParam("password") String password) {
+		securityService.updateUserPassword(username, password);
+		return ServerAnswer.ok("Password updated for user " + username);
+	}
+
+	@RequestMapping("/updatePassword.security")
+	@ModelAttribute(ANSWER_MODEL_KEY)
+	public ServerAnswer updatePassword(
+			@RequestParam("password") String password,
+			@RequestParam("oldPassword") String oldPassword) {
+		securityService.getSecurityDao().updatePassword(oldPassword, password);
+		return ServerAnswer.ok("Password updated");
 	}
 
 	protected void cleanUserBeforeCreate(ArgeoUser user) {