Skip to content

feat(user-management) : Added Current password verification for user modification. #2050

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 15 commits into
base: develop
Choose a base branch
from
Open

feat(user-management) : Added Current password verification for user modification. #2050

wants to merge 15 commits into from

Conversation

GovindSinghh
Copy link
Contributor

@GovindSinghh GovindSinghh commented Jun 11, 2025
edited
Loading

Pull Requests Requirements

  • The PR title includes a brief description of the work done, including the
    Issue number if applicable.
  • The PR includes a video showing the changes for the work done.
  • The PR title follows conventional commit label standards.
  • The changes confirm to the OpenElis Global x3 Styleguide and design
    documentation.
  • The changes include tests or are validated by existing tests.
  • I have read and agree to the Contributing Guidelines of this project.

Summary

  • Added current password field in modify user form
  • Disable login name and password fields until current password is verified
  • Allow role modifications without password verification

Screenshots

screenRecoding_user_management2.mp4

[Add relevant screenshots here if applicable]

Related Issue

closes #2039

[Add a link to the related issue or mention it here if applicable]

Other

[Add any additional information or notes here]

@Lemeri123
Copy link
Contributor

Thank you @GovindSinghh for the work thou basing on the issue, I imagined the current password input area would be to confirm the correct password before allowing accessing to modify a user.
cc. @Bahati308 @mozzy11 please confirm

@Bahati308
Copy link
Contributor

Thank you @GovindSinghh for the work thou basing on the issue, I imagined the current password input area would be to confirm the correct password before allowing accessing to modify a user. cc. @Bahati308 @mozzy11 please confirm

That would also work, but according to the issue, the user can go to modify page, the enter the user password which then is compared with the actual user password.

@Bahati308
Copy link
Contributor

@GovindSinghh , the video format is not supported, you could share another format for clarity

@Bahati308
Copy link
Contributor

hello @GovindSinghh , try running this git commit --allow-empty -m "Trigger CI checks" then git push

@GovindSinghh
Copy link
Contributor Author

Hello @mozzy11, kindly review this if possible

@mozzy11
Copy link
Collaborator

mozzy11 commented Jun 20, 2025

Thanks @GovindSinghh .
Can you add a video recording of how this works ??

@GovindSinghh
Copy link
Contributor Author

Thanks @GovindSinghh . Can you add a video recording of how this works ??

I have already attached in the PR ! plz check if it's visible to u or not

mozzy11
mozzy11 reviewed Jun 23, 2025
View reviewed changes
frontend/src/components/admin/userManagement/UserAddModify.js Outdated
} else if (userDataShow.currentPassword !== userDataShow.userPassword) {
setIsCurrentPassCorrect(false);
} else {
setIsCurrentPassCorrect(true);
Copy link
Collaborator

@mozzy11 mozzy11 Jun 23, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you cant correctly check a current user password from the forntend since its harshed.
You can only check it from the backend side ie here

mozzy11
mozzy11 reviewed Jun 23, 2025
View reviewed changes
frontend/src/components/admin/userManagement/UserAddModify.js
@@ -875,6 +933,7 @@ function UserAddModify() {
id: "login.login.password",
})}
required={true}
disabled={ID === "0" ? false : !isCurrentPassCorrect}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apart from just disabling the UI componenet , there shoulb be a validation on the backend side to ensure current passowrd matched the user Passowrd

@GovindSinghh
Copy link
Contributor Author

@mozzy11 I've tried to implement better code logic as u suggusted , kindly review this

@mozzy11
Copy link
Collaborator

mozzy11 commented Jun 27, 2025
edited
Loading

Thanks @GovindSinghh .
Can you arrange the validate current password button on the same level as the current passowrd text input??

@GovindSinghh
Copy link
Contributor Author

@mozzy11 is this looking fine

Screenshot 2025-06-27 171100

@mozzy11
Copy link
Collaborator

mozzy11 commented Jun 27, 2025

Thanks @GovindSinghh .
Looks better

@GovindSinghh
Copy link
Contributor Author

hey @mozzy11 , is this ready to get merged..!

@mozzy11
Copy link
Collaborator

mozzy11 commented Jul 7, 2025

Thanks @GovindSinghh . Looking at it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mozzy11 mozzy11 mozzy11 left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Check Current Password when Modifying an existing user
4 participants
@GovindSinghh @Lemeri123 @Bahati308 @mozzy11