From b5a93edea574ecae1e30d6e7b7969be66b8b3619 Mon Sep 17 00:00:00 2001 From: Martin Renvoize Date: Fri, 29 Apr 2022 10:42:57 +0100 Subject: [PATCH] Bug 30611: Add ability for staff to send password reset emails This patch adds the ability for staff with the edit_borrowers permission to send password reset emails to users. The staff initiated password reset has it's own notice, STAFF_PASSWORD_RESET, and the reset link produced has an extended timeout of 5 days, as apposed to the usual 2 day limit. Test plan 1) Apply patch and run the database update 2) Login to the staff client with a user who has the 'edit_borrowers' permission. 3) Note that a new, 'Send password reset' option appears under the 'More' menu on the patron details page. 4) Clicking the button will queue the STAFF_PASSWORD_RESET notice and redirect the user to the Notices tab. Signed-off-by: Sally Signed-off-by: Marcel de Rooy Signed-off-by: Fridolin Somers --- Koha/Patron/Password/Recovery.pm | 6 ++++-- .../prog/en/includes/members-toolbar.inc | 4 ++++ members/notices.pl | 19 +++++++++++++++++++ 3 files changed, 27 insertions(+), 2 deletions(-) diff --git a/Koha/Patron/Password/Recovery.pm b/Koha/Patron/Password/Recovery.pm index 5fb1402dee..a7d24ece40 100644 --- a/Koha/Patron/Password/Recovery.pm +++ b/Koha/Patron/Password/Recovery.pm @@ -104,6 +104,7 @@ sub SendPasswordRecoveryEmail { my $borrower = shift; # Koha::Patron my $userEmail = shift; #to_address (the one specified in the request) my $update = shift; + my $staff = shift // 0; my $schema = Koha::Database->new->schema; @@ -114,8 +115,9 @@ sub SendPasswordRecoveryEmail { } while ( substr ( $uuid_str, -1, 1 ) eq '.' ); # insert into database + my $days = $staff ? 5 : 2; my $expirydate = - dt_from_string()->add( days => 2 ); + dt_from_string()->add( days => $days ); if ($update) { my $rs = $schema->resultset('BorrowerPasswordRecovery') @@ -141,7 +143,7 @@ sub SendPasswordRecoveryEmail { # prepare the email my $letter = C4::Letters::GetPreparedLetter( module => 'members', - letter_code => 'PASSWORD_RESET', + letter_code => $staff ? 'STAFF_PASSWORD_RESET' : 'PASSWORD_RESET', branchcode => $borrower->branchcode, lang => $borrower->lang, substitute => diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/members-toolbar.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/members-toolbar.inc index 0466779a60..83136d04b8 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/members-toolbar.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/members-toolbar.inc @@ -72,6 +72,10 @@
  • Send welcome email
  • [% END %] + [% IF CAN_user_borrowers_edit_borrowers %] +
  • Send password reset
  • + [% END %] + [% IF CAN_user_borrowers_delete_borrowers %]
  • Delete
  • [% ELSE %] diff --git a/members/notices.pl b/members/notices.pl index dad8f07e8b..806ec4a5a8 100755 --- a/members/notices.pl +++ b/members/notices.pl @@ -27,6 +27,7 @@ use C4::Members; use C4::Letters qw( GetPreparedLetter EnqueueLetter ); use Koha::Patrons; use Koha::Patron::Categories; +use Koha::Patron::Password::Recovery qw( SendPasswordRecoveryEmail ValidateBorrowernumber ); my $input=CGI->new; @@ -93,6 +94,24 @@ if ( $op eq 'send_welcome' ) { print $input->redirect("/cgi-bin/koha/members/notices.pl?borrowernumber=$borrowernumber"); } +if ( $op eq 'send_password_reset' ) { + + my $emailaddr = $patron->notice_email_address; + + if ($emailaddr) { + + # check if there's already a recovery in process + my $update = ValidateBorrowernumber( $patron->borrowernumber ); + + # send staff initiated password recovery + SendPasswordRecoveryEmail( $patron, $emailaddr, $update, 1 ); + } + + # redirect to self to avoid form submission on refresh + print $input->redirect( + "/cgi-bin/koha/members/notices.pl?borrowernumber=$borrowernumber"); +} + # Getting the messages my $queued_messages = C4::Letters::GetQueuedMessages({borrowernumber => $borrowernumber}); -- 2.39.5