X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?a=blobdiff_plain;f=opendaylight%2Fweb%2Froot%2Fsrc%2Fmain%2Fjava%2Forg%2Fopendaylight%2Fcontroller%2Fweb%2FDaylightWebAdmin.java;h=46b8d4e0fe5e0329299a5671a6440ae801fbc853;hb=refs%2Fchanges%2F49%2F449%2F1;hp=1ab8dff116aff1f176f168d66ae979de83e35dec;hpb=86a8fcb92de5475f366cda9e79e1b494834267b1;p=controller.git

diff --git a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWebAdmin.java b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWebAdmin.java
index 1ab8dff116..46b8d4e0fe 100644
--- a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWebAdmin.java
+++ b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWebAdmin.java
@@ -15,6 +15,7 @@ import javax.servlet.http.HttpServletRequest;
 import org.opendaylight.controller.sal.authorization.UserLevel;
 import org.opendaylight.controller.sal.utils.ServiceHelper;
 import org.opendaylight.controller.sal.utils.Status;
+import org.opendaylight.controller.sal.utils.StatusCode;
 import org.opendaylight.controller.usermanager.IUserManager;
 import org.opendaylight.controller.usermanager.internal.UserConfig;
 import org.springframework.stereotype.Controller;
@@ -94,6 +95,29 @@ public class DaylightWebAdmin {
 
         return userManager.removeLocalUser(userName).getDescription();
     }
+    
+    @RequestMapping(value = "/users/password/{username}", method = RequestMethod.POST)
+    @ResponseBody
+    public Status changePassword(@PathVariable("username") String username, HttpServletRequest request,
+            @RequestParam("currentPassword") String currentPassword, @RequestParam("newPassword") String newPassword) {
+        IUserManager userManager = (IUserManager) ServiceHelper
+                .getGlobalInstance(IUserManager.class, this);
+        if (userManager == null) {
+            return new Status(StatusCode.GONE, "User Manager not found");
+        }
+        
+        if (!authorize(userManager, UserLevel.NETWORKADMIN, request)) {
+            return new Status(StatusCode.FORBIDDEN, "Operation not permitted");
+        }
+        
+        if (newPassword.isEmpty()) {
+            return new Status(StatusCode.BADREQUEST, "Empty passwords not allowed");
+        }
+        
+        Status status = userManager.changeLocalUserPassword(username, currentPassword, newPassword);
+        
+        return status;
+    }
 
     /**
      * Is the operation permitted for the given level