From 0825764cc9cbfd518145fd1382a923cee5a54356 Mon Sep 17 00:00:00 2001
From: Kevin Roast <kevin.roast@alfresco.com>
Date: Tue, 12 May 2009 14:23:09 +0000
Subject: [PATCH] Addition of password update/set API for JavaScript People
 object:  - changePassword(string oldpw, string newpw) - changes password for
 the current user only,  old password must be supplied  - setPassword(string
 userName, string password) - set the password for the given user - only
 executable by an admin user Fix up and clean up of my-sites.get.js so that
 IMAP favorites are only retrieved if the IMAP server is enabled

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14280 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../org/alfresco/repo/jscript/People.java     | 34 +++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/source/java/org/alfresco/repo/jscript/People.java b/source/java/org/alfresco/repo/jscript/People.java
index 9bf5611bd9..ec0507f66b 100644
--- a/source/java/org/alfresco/repo/jscript/People.java
+++ b/source/java/org/alfresco/repo/jscript/People.java
@@ -273,6 +273,40 @@ public final class People extends BaseScopableProcessorExtension
     {
         return this.mutableAuthenticationDao.getEnabled(userName);
     }
+    
+    /**
+     * Change the password for the currently logged in user.
+     * Old password must be supplied.
+     *  
+     * @param oldPassword       Old user password
+     * @param newPassword       New user password
+     */
+    public void changePassword(String oldPassword, String newPassword)
+    {
+        ParameterCheck.mandatoryString("oldPassword", oldPassword);
+        ParameterCheck.mandatoryString("newPassword", newPassword);
+        
+        this.services.getAuthenticationService().updateAuthentication(
+                AuthenticationUtil.getFullyAuthenticatedUser(), oldPassword.toCharArray(), newPassword.toCharArray());
+    }
+    
+    /**
+     * Set a password for the given user. Note that only an administrator
+     * can perform this action, otherwise it will be ignored.
+     * 
+     * @param userName          Username to change password for
+     * @param password          Password to set
+     */
+    public void setPassword(String userName, String password)
+    {
+        ParameterCheck.mandatoryString("userName", userName);
+        ParameterCheck.mandatoryString("password", password);
+        
+        if (this.authorityService.hasAdminAuthority())
+        {
+            this.services.getAuthenticationService().setAuthentication(userName, password.toCharArray());
+        }
+    }
 
     /**
      * Create a Person with the given user name