throw new UnauthorizedException("Not allowed to change " . implode(' or ', array_keys($forbidden)));
}
}
- if (isset($record['plaintext_password'])) {
+ if (isset($record['password'])) {
if (!empty($record['hashed_password'])) {
- throw new API_Exception("Ambiguous password parameters: Cannot pass plaintext_password AND hashed_password.");
+ throw new API_Exception("Ambiguous password parameters: Cannot pass password AND hashed_password.");
}
- if (empty($record['plaintext_password'])) {
+ if (empty($record['password'])) {
throw new API_Exception("Disallowing empty password.");
}
}
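Review bot: A caller that still sends `plaintext_password` now passes this check untouched, because only the `password` key is inspected here; the same holds for the re-authentication gate in validateValues() and the hashing step in write() further down. Whether the old key is then dropped, rejected or handed to parent::write() unhashed is not visible in this diff, so it would be safer to fail loudly here, e.g. `if (array_key_exists('plaintext_password', $record)) { throw new API_Exception("plaintext_password has been renamed to password."); }`. A test asserting that rejection would stop the rename from silently turning a password change into a no-op. The enclosing method starts and ends outside the hunk.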
/**
* This is called with the values for a record fully loaded.
*
- * Note that we will now have hashed_password, as well as possibly plaintext_password.
+ * Note that we will now have hashed_password, as well as possibly password.
*
*/
protected function validateValues() {
}
// If changing a password, require user to re-authenticate as themself.
- if (isset(($values['plaintext_password'])) && !$hasAuthenticated) {
+ if (isset(($values['password'])) && !$hasAuthenticated) {
throw new UnauthorizedException("Unauthorized");
}
}
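Review bot: The changed condition keeps a redundant pair of parentheses inside isset(); since the line is being touched anyway it could read `if (isset($values['password']) && !$hasAuthenticated) {`. $hasAuthenticated is assigned outside the hunk, so how the re-authentication result is derived cannot be checked from here.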
*/
protected function write(array $items) {
foreach ($items as &$item) {
- // If given, convert plaintext_password to hashed_password now.
- if (isset($item['plaintext_password'])) {
- $item['hashed_password'] = Security::singleton()->hashPassword($item['plaintext_password']);
- unset($item['plaintext_password']);
+ // If given, convert password to hashed_password now.
+ if (isset($item['password'])) {
+ $item['hashed_password'] = Security::singleton()->hashPassword($item['password']);
+ unset($item['password']);
}
}
return parent::write($items);
$userID = User::create(FALSE)
->setValues([
'username' => 'testuser1',
- 'plaintext_password' => 'shhh',
+ 'password' => 'shhh',
'contact_id' => $stafferContactID,
'roles:name' => ['staff'],
'email' => 'testuser1@example.org',
$userId = \CRM_Core_BAO_UFMatch::getUFId($stafferContactID);
$this->assertNotNull($userId);
- $this->assertArrayNotHasKey('plaintext_password', $user);
+ $this->assertArrayNotHasKey('password', $user);
$this->assertMatchesRegularExpression('/^[$].+[$].+/', $user['hashed_password']);
// Update to the loaded values should NOT result in the password being changed.
// Now move on to tests with checkPermissions:TRUE
// Check we are allowed to update this user's password if we provide our own, since we have 'cms:administer users'
- // ...by plaintext_password
+ // ...by password
$previousHash = $updatedUser['hashed_password'];
$updatedUser = User::update(TRUE)
- ->addValue('plaintext_password', 'topSecret')
+ ->addValue('password', 'topSecret')
->addWhere('id', '=', $user['id'])
->setActorPassword('secret1')
->setReload(TRUE)
// Check that if we don't supply OUR correct password, we're not allowed to update the user's password.
try {
User::update(TRUE)
- ->addValue('plaintext_password', 'anotherNewPassword')
+ ->addValue('password', 'anotherNewPassword')
->addWhere('id', '=', $user['id'])
->setActorPassword('wrong pass')
->execute();
// Check that if we don't supply OUR password at all, we're not allowed to update the user's password.
try {
User::update(TRUE)
- ->addValue('plaintext_password', 'anotherNewPassword')
+ ->addValue('password', 'anotherNewPassword')
->addWhere('id', '=', $user['id'])
->execute();
$this->fail("Expected UnauthorizedException got none.");
// Check we are allowed to update our own password if we provide the current one.
$updatedUser = User::update(TRUE)
->setActorPassword('topSecret')
- ->addValue('plaintext_password', 'ourNewSecret')
+ ->addValue('password', 'ourNewSecret')
->addWhere('id', '=', $user['id'])
->setReload(TRUE)
->execute()->first();
// Check that if we don't supply OUR correct password, we're not allowed to update our password.
try {
User::update(TRUE)
- ->addValue('plaintext_password', 'anotherNewPassword')
+ ->addValue('password', 'anotherNewPassword')
->addWhere('id', '=', $user['id'])
->setActorPassword('wrong pass')
->execute();
// Check that if we don't supply OUR password at all, we're not allowed to update the user's password.
try {
User::update(TRUE)
- ->addValue('plaintext_password', 'anotherNewPassword')
+ ->addValue('password', 'anotherNewPassword')
->addWhere('id', '=', $user['id'])
->execute();
$this->fail("Expected UnauthorizedException got none.");
// Check that we're not allowed to update the admin user's password, since we are not an admin.
try {
User::update(TRUE)
- ->addValue('plaintext_password', 'anotherNewPassword')
+ ->addValue('password', 'anotherNewPassword')
->addWhere('id', '=', $adminUserID)
->setActorPassword('ourNewSecret')
->execute();