use chrono::Utc;
use serde::Deserialize;
use serde_json::{Value, json};
use crate::{
error::{AppError, Result},
storage::Storage,
types::{UserPoolId, UserStatus},
validation::validate_password,
};
use super::helpers::hash_password;
#[derive(Debug, Deserialize)]
#[serde(rename_all = "PascalCase")]
struct Request {
user_pool_id: UserPoolId,
username: String,
password: String,
#[serde(default)]
permanent: bool,
}
pub async fn handler(storage: &Storage, body: Value) -> Result<Value> {
let req: Request = serde_json::from_value(body)
.map_err(|e| AppError::InvalidParameter(format!("Invalid request: {}", e)))?;
validate_password(&req.password)?;
storage
.get_user_pool(&req.user_pool_id)
.await
.ok_or(AppError::UserPoolNotFound)?;
let mut user = storage
.get_user_by_username(&req.user_pool_id, &req.username)
.await
.ok_or(AppError::UserNotFound)?;
user.password_hash = hash_password(&req.password).map_err(AppError::Internal)?;
user.last_modified_date = Utc::now();
if req.permanent {
if user.user_status == UserStatus::ForceChangePassword {
user.user_status = UserStatus::Confirmed;
}
} else {
user.user_status = UserStatus::ForceChangePassword;
}
storage.update_user(user).await;
Ok(json!({}))
}
#[cfg(test)]
mod tests {
use super::*;
use crate::action::user::admin_create_user;
use crate::action::user_pool::create_user_pool;
use serde_json::json;
#[tokio::test]
async fn test_admin_set_user_password_permanent() {
let storage = Storage::new();
let pool = create_user_pool::handler(&storage, json!({"PoolName": "test"}))
.await
.unwrap();
let pool_id = pool["UserPool"]["Id"].as_str().unwrap();
admin_create_user::handler(
&storage,
json!({
"UserPoolId": pool_id,
"Username": "testuser"
}),
)
.await
.unwrap();
let result = handler(
&storage,
json!({
"UserPoolId": pool_id,
"Username": "testuser",
"Password": "NewPassword123!",
"Permanent": true
}),
)
.await;
assert!(result.is_ok());
assert_eq!(result.unwrap(), json!({}));
let pool_id_typed: UserPoolId = pool_id.parse().unwrap();
let user = storage
.get_user_by_username(&pool_id_typed, "testuser")
.await
.unwrap();
assert_eq!(user.user_status, UserStatus::Confirmed);
}
#[tokio::test]
async fn test_admin_set_user_password_temporary() {
let storage = Storage::new();
let pool = create_user_pool::handler(&storage, json!({"PoolName": "test"}))
.await
.unwrap();
let pool_id = pool["UserPool"]["Id"].as_str().unwrap();
admin_create_user::handler(
&storage,
json!({
"UserPoolId": pool_id,
"Username": "testuser"
}),
)
.await
.unwrap();
let result = handler(
&storage,
json!({
"UserPoolId": pool_id,
"Username": "testuser",
"Password": "NewPassword123!"
}),
)
.await;
assert!(result.is_ok());
let pool_id_typed: UserPoolId = pool_id.parse().unwrap();
let user = storage
.get_user_by_username(&pool_id_typed, "testuser")
.await
.unwrap();
assert_eq!(user.user_status, UserStatus::ForceChangePassword);
}
#[tokio::test]
async fn test_admin_set_user_password_user_not_found() {
let storage = Storage::new();
let pool = create_user_pool::handler(&storage, json!({"PoolName": "test"}))
.await
.unwrap();
let pool_id = pool["UserPool"]["Id"].as_str().unwrap();
let result = handler(
&storage,
json!({
"UserPoolId": pool_id,
"Username": "nonexistent",
"Password": "NewPassword123!"
}),
)
.await;
assert!(result.is_err());
assert!(matches!(result.unwrap_err(), AppError::UserNotFound));
}
}