From 957482bc9b23949923f7ac4a3dbb8b8b54892603 Mon Sep 17 00:00:00 2001
From: Sebastian Bartus-Kunz <sbartus-kunz@nitton.de>
Date: Fri, 10 Jun 2016 15:06:41 +0200
Subject: [PATCH] Added change password request.

---
 restapi/index.php | 48 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

diff --git a/restapi/index.php b/restapi/index.php
index a2b17da90..f98ebe8ef 100644
--- a/restapi/index.php
+++ b/restapi/index.php
@@ -929,6 +929,53 @@ function createAccount() { /* {{{ */
     return;
 } /* }}} */
 
+/**
+ * Updates the password of an existing Account, the password must be PUT as a md5 string
+ *
+ * @param      <type>  $id     The user name or numerical identifier
+ */
+function changeAccountPassword($id) { /* {{{ */
+    global $app, $dms, $userobj;
+
+    checkIfAdmin();
+
+    if ($app->request()->put('password') == null)
+    {
+        $app->response()->header('Content-Type', 'application/json');
+        echo json_encode(array('success'=>false, 'message'=>'You must PUT a new password', 'data'=>''));
+        return; 
+    }
+
+    $newPassword = $app->request()->put('password');
+
+    if(is_numeric($id))
+        $account = $dms->getUser($id);
+    else {
+        $account = $dms->getUserByLogin($id);
+    }
+
+    /**
+     * User not found
+     */
+    if (!$account) {
+    	$app->response()->status(404);
+    	return;
+    }
+
+    $operation = $account->setPwd($newPassword);
+
+    if (!$operation){
+		$app->response()->header('Content-Type', 'application/json');
+	    echo json_encode(array('success'=>false, 'message'=>'', 'data'=>'Could not change password.'));
+	    return;
+    }
+
+    $app->response()->header('Content-Type', 'application/json');
+    echo json_encode(array('success'=>true, 'message'=>'', 'data'=>''));
+
+    return;
+} /* }}} */
+
 function getAccountById($id) { /* {{{ */
     global $app, $dms, $userobj;
     checkIfAdmin();
@@ -1351,6 +1398,7 @@ $app->get('/account/locked', 'getLockedDocuments');
 $app->post('/accounts', 'createAccount');
 $app->get('/accounts/:id', 'getAccountById');
 $app->put('/accounts/:id/disable', 'setDisabledAccount');
+$app->get('/accounts/:id/password', 'changeAccountPassword');
 $app->post('/groups', 'createGroup');
 $app->get('/groups/:id', 'getGroup');
 $app->put('/groups/:id/addUser', 'addUserToGroup');