nexus3-cli icon indicating copy to clipboard operation
nexus3-cli copied to clipboard

Published 20 hours ago verified publisher icon thiagofigueiro

Change users password via cli

Open verhyppo opened this issue 5 years ago • 5 comments

It could be a good idea to allow the users for nexus-cli to change the password for existing users.

verhyppo avatar Feb 07 '20 22:02 verhyppo

For local users, yeah. Nice. This is the sort of thing I think should go into the configure sub-command I mentioned in your other issue.

thiagofigueiro avatar Feb 08 '20 00:02 thiagofigueiro

Hi, What do you think should be the best approach to login again the user once it's password has been changed? Simply logout the user from the cli and then ask the user to do the login back? or reconnect him directly using the username and pwd just changed if the username match with the current user?

verhyppo avatar Mar 24 '20 20:03 verhyppo

I understood the original suggestion as:

  1. The CLI user recorded in ~/.nexus3cli is an administrator
  2. The CLI user can issue a command to change any other user's password (including herself)

Your question leads me to think that 1 is not always true (which is sensible) and that 2 is only herself.

Either way, your question is valid as if an admin CLI user changes their own password, they would need to manually re-login with nexus3 login.

My opinion is:

  1. The CLI doesn't check for an existing ~/.nexus3cli. It would be good if it did and adjusted the default answers to match the existing configuration.
  2. If the password changed is for the user in ~/.nexus3cli, the CLI should automatically update the settings.

How does this sound?

thiagofigueiro avatar Mar 24 '20 21:03 thiagofigueiro

just for clarification: by administrator do you mean that has role nx-admin?

EDIT: in nx domain, a user to change it's own password must have nx-userschangepw priviledge granted, while needs nx-admin to change other user passwords. In this case it makes sense to allow simple users to change their own password via cli. This means that your opinions are correct and I think makes the ux enough for a simple user.

I think there could be some problems integration testing those scenarios since we don't have the creation of a new user already, maybe it's something that can be planned.

verhyppo avatar Mar 24 '20 21:03 verhyppo

by administrator do you mean that has role nx-admin?

Yes - I should have been specific, thanks!

From a testing point of view it would be easier if user creation/management came before password changing. We could always hack the test setup externally (curl? I remember seeing user management in the REST API recently).

thiagofigueiro avatar Mar 24 '20 22:03 thiagofigueiro