auth::password::reset (public)

 auth::password::reset [ -admin ] -authority_id authority_id \
    -username username

Defined in packages/acs-authentication/tcl/password-procs.tcl

Reset the user's password, which means setting it to a new randomly generated password and inform the user of that new password.

Switches:
-admin (optional, boolean)
Specify this flag if this call represents an admin changing a user's password.
-authority_id (required)
The authority of the user
-username (required)
The username of the user
Returns:
An array list with the following entries:
  • password_status: ok, no_account, not_supported, reset_error, failed_to_connect
  • password_message: A human-readable message to be relayed to the user. May be empty if password_status is ok. May include HTML. Could be empty if password_status is ok.
  • password: The new, automatically generated password. If no password is included in the return array, that means the new password has already been sent to the user somehow. If it is returned, it means that caller is responsible for informing the user of his/her new password.

Partial Call Graph (max 5 caller/called nodes):
%3 test_auth_password_reset auth_password_reset (test acs-authentication) auth::password::reset auth::password::reset test_auth_password_reset->auth::password::reset _ _ (public) auth::password::reset->_ ad_conn ad_conn (public) auth::password::reset->ad_conn ad_log ad_log (public) auth::password::reset->ad_log ad_try ad_try (public) auth::password::reset->ad_try auth::password::ResetPassword auth::password::ResetPassword (private) auth::password::reset->auth::password::ResetPassword auth::password::recover_password auth::password::recover_password (public) auth::password::recover_password->auth::password::reset packages/acs-admin/www/users/password-reset.tcl packages/acs-admin/ www/users/password-reset.tcl packages/acs-admin/www/users/password-reset.tcl->auth::password::reset

Testcases:
auth_password_reset
Source code:
    ad_try {
        array set result [auth::password::ResetPassword  -authority_id $authority_id  -username $username]

        # We do this so that if there aren't even a password_status in the array, that gets caught below
        set dummy $result(password_status)
    } on error {errorMsg} {
        set result(password_status) failed_to_connect
        set result(password_message) "Error invoking the password management driver."
        ad_log Error "Error invoking password management driver for authority_id = $authority_id: $errorMsg"
    }

    # Check the result code and provide canned responses
    switch $result(password_status) {
        ok {
            if { [info exists result(password)] && $result(password) ne ""
                 && (!$admin_p || [parameter::get  -parameter EmailChangedPasswordP  -package_id [ad_conn subsite_id]  -default 1])
             } {
                # We have retrieved or reset a forgotten password that we should email to the user
                ad_try {
                    auth::password::email_password  -authority_id $authority_id  -username $username  -password $result(password)  -subject_msg_key "acs-subsite.email_subject_Forgotten_password"  -body_msg_key "acs-subsite.email_body_Forgotten_password"
                } on error {errorMsg} {
                    # We could not inform the user of his email - we failed
                    set result(password_status) "failed_to_connect"
                    set result(password_message) [_ acs-subsite.Error_sending_mail]
                    ad_log Error "We had an error sending out email with new password to username $username, authority $authority_id: $errorMsg"
                }
            }
            if { ![info exists result(password_message)] || $result(password_message) eq "" } {
                set result(password_message) [_ acs-subsite.Check_Your_Inbox]
            }
        }
        no_account - not_supported - retrieve_error - failed_to_connect {
            if { ![info exists result(password_message)] || $result(password_message) eq "" } {
                array set default_message {
                    no_account {Unknown username}
                    not_supported {This operation is not supported}
                    reset_error {Error resetting password}
                    failed_to_connect {Error communicating with authentication server}
                }
                set result(password_message) $default_message($result(password_status))
            }
        }
        default {
            set result(password_status) "failed_to_connect"
            set result(password_message) "Illegal error code returned from password management driver"
        }
    }

    return [array get result]
XQL Not present:
Generic, PostgreSQL, Oracle
[ hide source ] | [ make this the default ]
Show another procedure: