Announcement

Collapse

The Alpha Software Forum Participation Guidelines

The Alpha Software Forum is a free forum created for Alpha Software Developer Community to ask for help, exchange ideas, and share solutions. Alpha Software strives to create an environment where all members of the community can feel safe to participate. In order to ensure the Alpha Software Forum is a place where all feel welcome, forum participants are expected to behave as follows:
  • Be professional in your conduct
  • Be kind to others
  • Be constructive when giving feedback
  • Be open to new ideas and suggestions
  • Stay on topic


Be sure all comments and threads you post are respectful. Posts that contain any of the following content will be considered a violation of your agreement as a member of the Alpha Software Forum Community and will be moderated:
  • Spam.
  • Vulgar language.
  • Quotes from private conversations without permission, including pricing and other sales related discussions.
  • Personal attacks, insults, or subtle put-downs.
  • Harassment, bullying, threatening, mocking, shaming, or deriding anyone.
  • Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language.
  • Sexually explicit or violent material, links, or language.
  • Pirated, hacked, or copyright-infringing material.
  • Encouraging of others to engage in the above behaviors.


If a thread or post is found to contain any of the content outlined above, a moderator may choose to take one of the following actions:
  • Remove the Post or Thread - the content is removed from the forum.
  • Place the User in Moderation - all posts and new threads must be approved by a moderator before they are posted.
  • Temporarily Ban the User - user is banned from forum for a period of time.
  • Permanently Ban the User - user is permanently banned from the forum.


Moderators may also rename posts and threads if they are too generic or do not property reflect the content.

Moderators may move threads if they have been posted in the incorrect forum.

Threads/Posts questioning specific moderator decisions or actions (such as "why was a user banned?") are not allowed and will be removed.

The owners of Alpha Software Corporation (Forum Owner) reserve the right to remove, edit, move, or close any thread for any reason; or ban any forum member without notice, reason, or explanation.

Community members are encouraged to click the "Report Post" icon in the lower left of a given post if they feel the post is in violation of the rules. This will alert the Moderators to take a look.

Alpha Software Corporation may amend the guidelines from time to time and may also vary the procedures it sets out where appropriate in a particular case. Your agreement to comply with the guidelines will be deemed agreement to any changes to it.



Bonus TIPS for Successful Posting

Try a Search First
It is highly recommended that a Search be done on your topic before posting, as many questions have been answered in prior posts. As with any search engine, the shorter the search term, the more "hits" will be returned, but the more specific the search term is, the greater the relevance of those "hits". Searching for "table" might well return every message on the board while "tablesum" would greatly restrict the number of messages returned.

When you do post
First, make sure you are posting your question in the correct forum. For example, if you post an issue regarding Desktop applications on the Mobile & Browser Applications board , not only will your question not be seen by the appropriate audience, it may also be removed or relocated.

The more detail you provide about your problem or question, the more likely someone is to understand your request and be able to help. A sample database with a minimum of records (and its support files, zipped together) will make it much easier to diagnose issues with your application. Screen shots of error messages are especially helpful.

When explaining how to reproduce your problem, please be as detailed as possible. Describe every step, click-by-click and keypress-by-keypress. Otherwise when others try to duplicate your problem, they may do something slightly different and end up with different results.

A note about attachments
You may only attach one file to each message. Attachment file size is limited to 2MB. If you need to include several files, you may do so by zipping them into a single archive.

If you forgot to attach your files to your post, please do NOT create a new thread. Instead, reply to your original message and attach the file there.

When attaching screen shots, it is best to attach an image file (.BMP, .JPG, .GIF, .PNG, etc.) or a zip file of several images, as opposed to a Word document containing the screen shots. Because Word documents are prone to viruses, many message board users will not open your Word file, therefore limiting their ability to help you.

Similarly, if you are uploading a zipped archive, you should simply create a .ZIP file and not a self-extracting .EXE as many users will not run your EXE file.
See more
See less

Admin to reset any user password WITHOUT "Old Password"

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Admin to reset any user password WITHOUT "Old Password"

    My dialog works well for an Admin to reset ANY user's password. The issue, is, Admin NEEDS to know the old password.

    I need the Admin to change the password for any user WITHOUT having to know the old password.

    Your help will be appreciated.

  • #2
    Re: Admin to reset any user password WITHOUT "Old Password"

    I saw that in the pre-release notes that this is a new feature coming down the pipe:
    http://downloads.alphasoftware.com/A...easenotes.html

    UX Component - Web Security Server-Side Action Scripts - The web security action scripts in a UX component now allow the password to be optional in the variable mapping even if the security setting require a password. The password is optional if the component can only edit an existing security record. The password mapping is required if the component can add a new user security record. A warning message will appear when the action script is saved if a password variable is not specified.
    NWCOPRO: Nuisance Wildlife Control Software My Application: http://www.nwcopro.com "Without forgetting, we would have no memory at all...now what was I saying?"

    Comment


    • #3
      Re: Admin to reset any user password WITHOUT "Old Password"

      Is your dialog built upon some specific Alpha dialog template? Can't you just remove the control that asks for the old password and then also remove any xbasic that demands that field entry be valid? Fundamentally, the Admin should not know the users password, ever.
      Steve Wood
      Join the ALPHA DEVELOPERS NETWORK
      There is no Cloud. It's just someone else's computer.
      Web - Mobile - Hosting - Products - Frameworks - Developer Resources
      AlphaToGo | IADN (100% Alpha Anywhere Websites)

      Comment


      • #4
        Re: Admin to reset any user password WITHOUT "Old Password"

        Instead of using the UX template "SecurityFramework-ChangePasswordAnyUser", start with the template "SecurityFramework-EditAccountForExistingUser" which doesn't require the old password.

        Comment


        • #5
          Re: Admin to reset any user password WITHOUT "Old Password"

          Originally posted by Steve Wood View Post
          Is your dialog built upon some specific Alpha dialog template? Can't you just remove the control that asks for the old password and then also remove any xbasic that demands that field entry be valid? Fundamentally, the Admin should not know the users password, ever.
          Hi Steve.

          Yes, its based on the template to reset ANY user password.

          Comment


          • #6
            Re: Admin to reset any user password WITHOUT "Old Password"

            have you tried what jerry suggested in post #4?
            the way I have is
            a grid to show all the users and a button to edit on the row, click that button opens the dialog with that template and fills in the data and I change at will.
            no problems so far, except I have to wait few minutes.
            thanks for reading

            gandhi

            version 11 3381 - 4096
            mysql backend
            http://www.alphawebprogramming.blogspot.com
            ggandhi344@gmail.com
            Skype:ggandhi344@gmail.com
            1 914 924 5171

            Comment


            • #7
              Re: Admin to reset any user password WITHOUT "Old Password"

              Ghandi,

              Yip I did. It does load all the details etc, BUT now I think instead of "updating" the record it actually tries to insert a new record for it gives me a duplicate username error.

              Comment


              • #8
                Re: Admin to reset any user password WITHOUT "Old Password"

                of "updating" the record it actually tries to insert a new record
                I used the same edit security user framework, and it does not add new user just edits.
                please check again.
                thanks for reading

                gandhi

                version 11 3381 - 4096
                mysql backend
                http://www.alphawebprogramming.blogspot.com
                ggandhi344@gmail.com
                Skype:ggandhi344@gmail.com
                1 914 924 5171

                Comment


                • #9
                  Re: Admin to reset any user password WITHOUT "Old Password"

                  Gandi,

                  Just to recap;
                  I created a normal updatable grid. I also created an UX from the template EditAccountForExistingUser. I changed the sql db connection properties as well as bound my user firstName, LastName, UserName and Mobile Number fields to the users table. The security framework fields remains unbound and I did not touch them.

                  I created a button on the updatable grid [shows next to each user record]

                  When I click the button, the UX loads and populates the user fields with data from my users table. To this stage everything seems to work fine.

                  When I type a new password as well as confirm this password and submit the UX, the "username" field returns an error that the username already exists. This tells me that the UX tries to create a new user rather than updating the current user data.

                  Is there perhaps a server side event that I need to change for I did no other changes except for those explained above.

                  Thanks so much

                  Comment


                  • #10
                    Re: Admin to reset any user password WITHOUT "Old Password"

                    http://screencast.com/t/MR1sdRbG8dv2
                    take a look at this screencast. this is in my production machine and I cannot change lot of things.
                    if you need more info I can show in my development machine later on and write a text file instructions if you need.
                    I doubt that, you will figure it out.
                    thanks for reading

                    gandhi

                    version 11 3381 - 4096
                    mysql backend
                    http://www.alphawebprogramming.blogspot.com
                    ggandhi344@gmail.com
                    Skype:ggandhi344@gmail.com
                    1 914 924 5171

                    Comment


                    • #11
                      Re: Admin to reset any user password WITHOUT "Old Password"

                      When you create a UX to edit the current user, you must include the guid security field in the field mapping, normally as a hidden field. If this field has a value, it identifies the security record as an existing record. If the field doesn't exist or isn't mapped, the system thinks this is a new record.

                      A username must always be unique. When the system validates the data on save, it gets the guid of any record with that username.
                      • If no match is found, the username is allowed.
                      • If the guid found is the same as the guid submitted for the current record (existing record and the username didn't change), it is allowed.
                      • If the guid found does not match the current record guid, or no guid is supplied, this is not allowed as the system thinks it is a duplicate. This throws the error.

                      Comment


                      • #12
                        Re: Admin to reset any user password WITHOUT "Old Password"

                        I've just set this up from scratch using Jerry's suggestion and it works as expected.

                        This UX expects a security id (e.g. an email address) to be supplied in the onDialogInitialize event. To make this UX 100% standalone I made some modifications to it.

                        To support multiple groups per user, replace the UserRoles radio control with a checkbox control. The radio control allows a user to belong to one group. The checkbox control allows multiple groups per user. However, you will need to provide code in the afterDialogValidate event to save the multiple selected groups for the user. I have not put in this code.

                        Add a dropdown control to your UX (e.g. ddUsers). It's data source will come from the websecurityregisteredusers table. The value selected will be the Username. Now you can select a User to work on. In the onChange event for this control fire off an Ajax Callback... call the XBasic function something like getUserInfo, and create that XBasic function.

                        The first line of this function will be...

                        Code:
                        dim id as c = e.dataSubmitted.ddUsers

                        And this is the big one... in the onDialogInitialize Server-side event... you have to make some changes.

                        1. Comment out the "Simulate a User" section.
                        2. Leave the UserRoles stuff in place
                        3. Put your cursor on the LoadUser line, click Action Scripting and then Convert to XBasic
                        4. Copy this XBasic code into your getUserInfo XBasic function.
                        5. Do the same for the LoadSecurity Action Scripting
                        6. The LoadSecurity XBasic code must follow the LoadUser XBasic Code
                        7. Now delete all the XBasic code created for LoadUser and LoadSecurity from the onDialogInitialize event. Only delete the code generated for those 2 Action Scripting items
                        8. In the Ajax Callback, at the end of the generated code for LoadUser, add one line of code...

                        Code:
                        getUserInfo = e.javascript
                        onDialogInitialize returns all the generated javascript code from LoadUser in e.javascript, but we're not running this code from onDialogInitialize. In our Ajax Callback we need to return the generated javascript to the Callback name instead.

                        9. The XBasic code generated from LoadSecurity includes this line... a5ws_GetUsersWithDialog(e , rtc). This function assigns our User info (password etc.) to e.control. You can use e.control in onDialogInitialize to set default values for controls when a UX is loaded. But, we're not using onDialogInitialize, and so we need to change a few things. This code is added after a5ws_GetUsersWithDialog(e , rtc)

                        Code:
                        dim pVar as c
                        dim pVarCnt as n
                        dim pVarArray[0] as c
                        pVar = properties_enum(e.control)
                        pVarArray.initialize(pVar)
                        pVarCnt = *count(pVar)
                        
                        dim e._set as p
                        for i = 1 to pVarCnt
                        	eval("e._set." + pVarArray[i] + ".value") = eval("e.control." + pVarArray[i])
                        next i
                        This code gets the data we need from e.control and creates the required e._set.<controlName>.value variable values. e._set assigns values to controls.

                        So... when this UX is first run, it's empty. You select a user name from the dropdown list and the generated code gets values from websecurityregsiteredusers, websecurityusers, and websecuritygroups. The guid is one of the items retrieved and placed into a hidden control. You can make your changes to the password and save.

                        I think this is a really good example of one of the many strengths of Alpha. It's open. If one of the supplied features doesn't do exactly what you want, you can easily create the code for that feature and modify it to suit your needs. Attached is the UX I modified as well as a short video of it's use.

                        http://www.youtube.com/watch?v=b3ZtkQJ_uhI
                        Attached Files

                        Comment


                        • #13
                          Re: Admin to reset any user password WITHOUT &quot;Old Password&quot;

                          Thanks Gandhi! stopped by here while searching for a resolve to same problem and your solution worked for me just fine. The screencast was indeed very useful. We should note to copy and paste the session variable settings specifies in the "override settings" property for the Users list grid. I noticed that I got some error when I tried to type it in even though it was correctly typed. SIMPLY COPY & PASTE, don't bother to type by yourself

                          Comment


                          • #14
                            Re: Admin to reset any user password WITHOUT &quot;Old Password&quot;

                            David,

                            I loved your video and your instructions. You have exactly what I am looking for for an administrative password control (and all other user variables). I am running into a problem, however. When I pick the user from the dropdown, I get the following error: pVar = properties_enum(e.control) Property not found e.control subelement not found.

                            Could it be the way I bound my fields? I wasn't sure which Guid should be mapped as AA creates more than one security table with a userGuid.

                            Comment


                            • #15
                              Re: Admin to reset any user password WITHOUT &quot;Old Password&quot;

                              You'd have to post your UX and Alpha build you're using.

                              Comment

                              Working...
                              X