RE1-T113 Set pw on first login

Author: ucswift

Core/Resgrid.Model/DepartmentMember.cs

@@ -80,6 +80,13 @@ public class DepartmentMember : IEntity
 		/// </summary>
 		public DateTime? PasswordLastSetOn { get; set; }
 
+		/// <summary>
+		/// When true the user must change their password on next login.
+		/// Set by admins when creating accounts or resetting passwords.
+		/// Cleared automatically after the user completes the forced password change.
+		/// </summary>
+		public bool MustChangePassword { get; set; }
+
 		[NotMapped]
 		public string TableName => "DepartmentMembers";
 

Core/Resgrid.Services/DepartmentsService.cs

@@ -289,7 +289,7 @@ public async Task<string> GetUserIdForDeletedUserInDepartmentAsync(int departmen
 			if (member != null)
 			{
 				member.IsDeleted = true;
-				var savedMember = _departmentMembersRepository.SaveOrUpdateAsync(member, cancellationToken);
+				await _departmentMembersRepository.SaveOrUpdateAsync(member, cancellationToken);
 
 				var member2 = await _departmentMembersRepository.GetDepartmentMemberByDepartmentIdAndUserIdAsync(departmentId, userIdToDelete);
 

Core/Resgrid.Services/UsersService.cs

@@ -97,7 +97,7 @@ public async Task<bool> DoesUserHaveAnyActiveDepartments(string userName)
 			var user = await GetUserByNameAsync(userName);
 			var memberships = await _departmentMembersRepository.GetAllByUserIdAsync(user.UserId);
 
-			return memberships.Any(x => x.IsDeleted == false);
+			return memberships.Any(x => x.IsDeleted == false && (x.IsDisabled == null || x.IsDisabled == false));
 		}
 
 		public IdentityUser GetUserById(string userId, bool bypassCache = true)

Providers/Resgrid.Providers.Migrations/Migrations/M0064_AddingMustChangePassword.cs

@@ -0,0 +1,19 @@
+using FluentMigrator;
+
+namespace Resgrid.Providers.Migrations.Migrations
+{
+	[Migration(64)]
+	public class M0064_AddingMustChangePassword : Migration
+	{
+		public override void Up()
+		{
+			Alter.Table("DepartmentMembers")
+				.AddColumn("MustChangePassword").AsBoolean().NotNullable().WithDefaultValue(false);
+		}
+
+		public override void Down()
+		{
+			Delete.Column("MustChangePassword").FromTable("DepartmentMembers");
+		}
+	}
+}

Providers/Resgrid.Providers.MigrationsPg/Migrations/M0064_AddingMustChangePasswordPg.cs

@@ -0,0 +1,19 @@
+using FluentMigrator;
+
+namespace Resgrid.Providers.MigrationsPg.Migrations
+{
+	[Migration(64)]
+	public class M0064_AddingMustChangePasswordPg : Migration
+	{
+		public override void Up()
+		{
+			Alter.Table("DepartmentMembers".ToLower())
+				.AddColumn("MustChangePassword".ToLower()).AsBoolean().NotNullable().WithDefaultValue(false);
+		}
+
+		public override void Down()
+		{
+			Delete.Column("MustChangePassword".ToLower()).FromTable("DepartmentMembers".ToLower());
+		}
+	}
+}

Web/Resgrid.Web/Areas/User/Controllers/PersonnelController.cs

@@ -547,6 +547,16 @@ public async Task<IActionResult> AddPerson(AddPersonModel model, IFormCollection
 
 					await _departmentsService.AddUserToDepartmentAsync(DepartmentId, user.UserId, false, cancellationToken);
 
+					if (model.MustChangePasswordOnLogin)
+					{
+						var member = await _departmentsService.GetDepartmentMemberAsync(user.UserId, DepartmentId);
+						if (member != null)
+						{
+							member.MustChangePassword = true;
+							await _departmentsService.SaveDepartmentMemberAsync(member, cancellationToken);
+						}
+					}
+
 					var userObject = _usersService.GetUserById(user.UserId);
 
 					_eventAggregator.SendMessage<UserCreatedEvent>(new UserCreatedEvent() { DepartmentId = DepartmentId, Name = string.Format("{0} {1}", model.FirstName, model.LastName), User = userObject });

Web/Resgrid.Web/Areas/User/Controllers/ProfileController.cs

@@ -1000,6 +1000,13 @@ public async Task<IActionResult>  ResetPasswordForUser(ResetPasswordForUserView
 			{
 				await _departmentSsoService.RecordPasswordChangedAsync(DepartmentId, model.UserId);
 
+				var member = await _departmentsService.GetDepartmentMemberAsync(model.UserId, DepartmentId);
+				if (member != null)
+				{
+					member.MustChangePassword = model.MustChangePasswordOnLogin;
+					await _departmentsService.SaveDepartmentMemberAsync(member);
+				}
+
 				if (model.EmailUser)
 					await _emailService.SendPasswordResetEmail(model.Email, model.Name, user.UserName, model.Password, userDepartment.Name);
 

Web/Resgrid.Web/Areas/User/Models/AddPersonModel.cs

@@ -63,5 +63,7 @@ public class AddPersonModel: BaseUserModel
 		public string ConfirmPassword { get; set; }
 
 		public bool SendAccountCreationNotification { get; set; }
+
+		public bool MustChangePasswordOnLogin { get; set; }
 	}
 }

Web/Resgrid.Web/Areas/User/Models/Profile/ResetPasswordForUserView.cs

@@ -25,5 +25,7 @@ public class ResetPasswordForUserView
 		[Display(Name = "Confirm password")]
 		[System.ComponentModel.DataAnnotations.Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
 		public string ConfirmPassword { get; set; }
+
+		public bool MustChangePasswordOnLogin { get; set; }
 	}
 }

Web/Resgrid.Web/Areas/User/Views/Personnel/AddPerson.cshtml

@@ -185,6 +185,17 @@
               </div>
             </div>
 
+            <div class="form-group">
+              <label class="col-sm-2 control-label">Require Password Change</label>
+              <div class="col-sm-10">
+                <div class="checkbox checkbox-primary">
+                  <input type="checkbox" class="checkbox checkbox-primary" asp-for="MustChangePasswordOnLogin">
+                  <label></label>
+                </div>
+                <p class="help-block">User will be required to change their password on first login.</p>
+              </div>
+            </div>
+
             @if (!string.IsNullOrEmpty(Model.UdfFormHtml))
             {
               <div class="hr-line-dashed"></div>