Administrators can create password recovery links

src/api_data/admin/admin_create_password_recovery_link_api.rs

@@ -0,0 +1,14 @@
+//! # Create password recovery link result
+//!
+//! @author Pierre Hubert
+
+#[derive(serde::Serialize)]
+pub struct AdminCreatedPasswordRecoveryLinkApi {
+    url: String,
+}
+
+impl AdminCreatedPasswordRecoveryLinkApi {
+    pub fn new(url: String) -> Self {
+        Self { url }
+    }
+}

src/api_data/admin/mod.rs

@@ -12,4 +12,5 @@ pub mod admin_role_api;
 pub mod admin_res_create_account;
 pub mod admin_log_api;
 pub mod admin_search_user_result_api;
-pub mod admin_user_info_api;
+pub mod admin_user_info_api;
+pub mod admin_create_password_recovery_link_api;

src/controllers/admin/admin_users_controller.rs

@@ -2,11 +2,13 @@
 //!
 //! @author Pierre Hubert
 
+use crate::api_data::admin::admin_create_password_recovery_link_api::AdminCreatedPasswordRecoveryLinkApi;
 use crate::api_data::admin::admin_search_user_result_api::AdminSearchUserResult;
 use crate::api_data::admin::admin_user_info_api::AdminUserInfoAPI;
 use crate::constants::admin::AdminRole;
 use crate::data::admin_action_log::AdminAction;
 use crate::data::base_request_handler::BaseRequestHandler;
+use crate::data::config::conf;
 use crate::data::http_request_handler::HttpRequestHandler;
 use crate::helpers::{account_helper, user_helper};
 use crate::helpers::admin_log_helper::log_admin_action;
@@ -62,4 +64,20 @@ pub fn change_email_address(r: &mut HttpRequestHandler) -> RequestResult {
                      })?;
 
     r.ok()
+}
+
+/// Create a password recovery link for a Comunic user
+pub fn create_password_recovery_link(r: &mut HttpRequestHandler) -> RequestResult {
+    r.check_admin_has_role(AdminRole::MANAGE_USERS)?;
+
+    let user_id = r.post_user_id("user_id")?;
+    let user = user_helper::find_user_by_id(&user_id)?;
+
+    let token = account_helper::generate_password_reset_token(&user_id)?;
+    let recovery_link = conf().password_reset_url.replace("{TOKEN}", &token);
+
+    log_admin_action(r.admin_id()?, &r.remote_ip(),
+                     AdminAction::CreatePasswordRecoveryLink { user_id, user_name: user.full_name() })?;
+
+    r.set_response(AdminCreatedPasswordRecoveryLinkApi::new(recovery_link))
 }

src/data/admin_action_log.rs

@@ -16,6 +16,7 @@ pub enum AdminAction {
     RemoveAdminRole { target: AdminID, role: String },
     AccessUserPage { user_id: UserID, user_name: String },
     ChangedEmailAddress { user_id: UserID, user_name: String, old_mail: String, new_mail: String },
+    CreatePasswordRecoveryLink { user_id: UserID, user_name: String },
     UnsupportedAction { raw_data: String },
 }
 
@@ -54,6 +55,9 @@ impl AdminAction {
             AdminAction::ChangedEmailAddress { .. } =>
                 { "Changed email address of user #{user_id} '{user_name}' from {old_mail} to {new_mail}" }
 
+            AdminAction::CreatePasswordRecoveryLink { .. } =>
+                { "Created a password recovery link for user #{user_id} '{user_name}'." }
+
             AdminAction::UnsupportedAction { .. } => { "Unsupported action. Raw data: {raw_data}" }
         }
     }

src/routes.rs

@@ -399,5 +399,6 @@ pub fn get_routes() -> Vec<Route> {
         Route::admin_post("/admin/users/search", Box::new(admin_users_controller::search)),
         Route::admin_post("/admin/users/info", Box::new(admin_users_controller::get_single)),
         Route::admin_post("/admin/users/change_email_address", Box::new(admin_users_controller::change_email_address)),
+        Route::admin_post("/admin/users/create_password_recovery_link", Box::new(admin_users_controller::create_password_recovery_link)),
     ]
 }