+
+ @RequestMapping(value = "/users/password/{username}", method = RequestMethod.POST)
+ @ResponseBody
+ public Status changePassword(@PathVariable("username") String username, HttpServletRequest request,
+ @RequestParam("currentPassword") String currentPassword, @RequestParam("newPassword") String newPassword) {
+ IUserManager userManager = (IUserManager) ServiceHelper
+ .getGlobalInstance(IUserManager.class, this);
+ if (userManager == null) {
+ return new Status(StatusCode.GONE, "User Manager not found");
+ }
+
+ if (!authorize(userManager, UserLevel.NETWORKADMIN, request)) {
+ return new Status(StatusCode.FORBIDDEN, "Operation not permitted");
+ }
+
+ if (newPassword.isEmpty()) {
+ return new Status(StatusCode.BADREQUEST, "Empty passwords not allowed");
+ }
+
+ Status status = userManager.changeLocalUserPassword(username, currentPassword, newPassword);
+
+ return status;
+ }
+