feat:add command to manage user passwords (#524)

Author: ChayanDass

cmd/harbor/root/cmd.go

@@ -151,6 +151,10 @@ harbor help
 	cmd.GroupID = "access"
 	root.AddCommand(cmd)
 
+	cmd = PasswordCommand()
+	cmd.GroupID = "access"
+	root.AddCommand(cmd)
+
 	// System
 	cmd = context.Context()
 	cmd.GroupID = "system"

cmd/harbor/root/password.go

@@ -0,0 +1,106 @@
+// Copyright Project Harbor Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+package root
+
+import (
+	"fmt"
+
+	"github.com/goharbor/go-client/pkg/sdk/v2.0/client/user"
+	"github.com/goharbor/go-client/pkg/sdk/v2.0/models"
+	"github.com/goharbor/harbor-cli/pkg/utils"
+	"github.com/goharbor/harbor-cli/pkg/views/password/change"
+	"github.com/spf13/cobra"
+)
+
+func PasswordCommand() *cobra.Command {
+	var opts change.PasswordChangeView
+
+	cmd := &cobra.Command{
+		Use:   "password",
+		Short: "Change your password",
+		Args:  cobra.MinimumNArgs(0),
+		RunE: func(cmd *cobra.Command, args []string) error {
+			change.ChangePasswordView(&opts)
+
+			err := UpdatePassword(&opts)
+			if err != nil {
+				return fmt.Errorf("error changing password:%v", err)
+			}
+			return nil
+		},
+	}
+
+	return cmd
+}
+
+func UpdatePassword(opts *change.PasswordChangeView) error {
+	ctx, client, err := utils.ContextWithClient()
+	if err != nil {
+		return err
+	}
+
+	userResp, err := client.User.GetCurrentUserInfo(ctx, &user.GetCurrentUserInfoParams{})
+	if err != nil {
+		return err
+	}
+
+	_, err = client.User.UpdateUserPassword(ctx, &user.UpdateUserPasswordParams{
+		Password: &models.PasswordReq{
+			OldPassword: opts.OldPassword,
+			NewPassword: opts.NewPassword,
+		},
+		UserID: userResp.Payload.UserID,
+	})
+	if err != nil {
+		return err
+	}
+	if err := utils.GenerateEncryptionKey(); err != nil {
+		fmt.Println("Encryption key already exists or could not be created:", err)
+	}
+
+	key, err := utils.GetEncryptionKey()
+	if err != nil {
+		return fmt.Errorf("failed to get encryption key: %s", err)
+	}
+
+	encryptedPassword, err := utils.Encrypt(key, []byte(opts.NewPassword))
+	if err != nil {
+		return fmt.Errorf("failed to encrypt password: %s", err)
+	}
+
+	config, err := utils.GetCurrentHarborConfig()
+	if err != nil {
+		return fmt.Errorf("failed to get current Harbor config: %v", err)
+	}
+
+	credentialName := config.CurrentCredentialName
+
+	existingCred, _ := utils.GetCredentials(credentialName)
+	cred := utils.Credential{
+		Name:          existingCred.Name,
+		Username:      existingCred.Username,
+		Password:      encryptedPassword,
+		ServerAddress: existingCred.ServerAddress,
+	}
+	harborData, err := utils.GetCurrentHarborData()
+	if err != nil {
+		return fmt.Errorf("failed to get current harbor data: %s", err)
+	}
+	configPath := harborData.ConfigPath
+
+	if err = utils.UpdateCredentialsInConfigFile(cred, configPath); err != nil {
+		return fmt.Errorf("failed to update credentials: %s", err)
+	}
+	return nil
+}

cmd/harbor/root/user/cmd.go

@@ -30,6 +30,7 @@ func User() *cobra.Command {
 		UserCreateCmd(),
 		UserDeleteCmd(),
 		ElevateUserCmd(),
+		UserPasswordChangeCmd(),
 	)
 
 	return cmd

cmd/harbor/root/user/password.go

@@ -0,0 +1,68 @@
+// Copyright Project Harbor Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package user
+
+import (
+	"github.com/goharbor/harbor-cli/pkg/api"
+	"github.com/goharbor/harbor-cli/pkg/prompt"
+	"github.com/goharbor/harbor-cli/pkg/views/password/reset"
+	log "github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+)
+
+func UserPasswordChangeCmd() *cobra.Command {
+	var opts reset.PasswordChangeView
+
+	cmd := &cobra.Command{
+		Use:   "password",
+		Short: "Reset user password by name or id",
+		Long:  "Allows admin to reset the password for a specified user or select interactively if no username is provided.",
+		Args:  cobra.MinimumNArgs(0),
+		Run: func(cmd *cobra.Command, args []string) {
+			var userId int64
+			var err error
+			resetView := &reset.PasswordChangeView{
+				NewPassword:     opts.NewPassword,
+				ConfirmPassword: opts.ConfirmPassword,
+			}
+
+			if len(args) > 0 {
+				userId, err = api.GetUsersIdByName(args[0])
+				if err != nil {
+					log.Errorf("failed to get user id for '%s': %v", args[0], err)
+					return
+				}
+				if userId == 0 {
+					log.Errorf("User with name '%s' not found", args[0])
+					return
+				}
+			} else {
+				userId = prompt.GetUserIdFromUser()
+			}
+
+			reset.ChangePasswordView(resetView)
+
+			err = api.ResetPassword(userId, opts)
+			if err != nil {
+				if isUnauthorizedError(err) {
+					log.Error("Permission denied: Admin privileges are required to execute this command.")
+				} else {
+					log.Errorf("failed to reset user password: %v", err)
+				}
+			}
+		},
+	}
+	return cmd
+}

doc/cli-docs/harbor-password.md

@@ -0,0 +1,32 @@
+---
+title: harbor password
+weight: 55
+---
+## harbor password
+
+### Description
+
+##### Change your password
+
+```sh
+harbor password [flags]
+```
+
+### Options
+
+```sh
+  -h, --help   help for password
+```
+
+### Options inherited from parent commands
+
+```sh
+  -c, --config string          config file (default is $HOME/.config/harbor-cli/config.yaml)
+  -o, --output-format string   Output format. One of: json|yaml
+  -v, --verbose                verbose output
+```
+
+### SEE ALSO
+
+* [harbor](harbor.md)	 - Official Harbor CLI
+

doc/cli-docs/harbor-user-password.md

@@ -0,0 +1,36 @@
+---
+title: harbor user password
+weight: 30
+---
+## harbor user password
+
+### Description
+
+##### Reset user password by name or id
+
+### Synopsis
+
+Allows admin to reset the password for a specified user or select interactively if no username is provided.
+
+```sh
+harbor user password [flags]
+```
+
+### Options
+
+```sh
+  -h, --help   help for password
+```
+
+### Options inherited from parent commands
+
+```sh
+  -c, --config string          config file (default is $HOME/.config/harbor-cli/config.yaml)
+  -o, --output-format string   Output format. One of: json|yaml
+  -v, --verbose                verbose output
+```
+
+### SEE ALSO
+
+* [harbor user](harbor-user.md)	 - Manage users
+

doc/cli-docs/harbor-user.md

@@ -39,4 +39,5 @@ Manage users in Harbor
 * [harbor user delete](harbor-user-delete.md)	 - delete user by name or id
 * [harbor user elevate](harbor-user-elevate.md)	 - elevate user
 * [harbor user list](harbor-user-list.md)	 - List users
+* [harbor user password](harbor-user-password.md)	 - Reset user password by name or id
 

doc/cli-docs/harbor.md

@@ -44,6 +44,7 @@ harbor help
 * [harbor label](harbor-label.md)	 - Manage labels in Harbor
 * [harbor login](harbor-login.md)	 - Log in to Harbor registry
 * [harbor logs](harbor-logs.md)	 - Get recent logs of the projects which the user is a member of
+* [harbor password](harbor-password.md)	 - Change your password
 * [harbor project](harbor-project.md)	 - Manage projects and assign resources to them
 * [harbor quota](harbor-quota.md)	 - Manage quotas
 * [harbor registry](harbor-registry.md)	 - Manage registries

doc/man-docs/man1/harbor-password.1

@@ -0,0 +1,35 @@
+.nh
+.TH "HARBOR" "1"  "Harbor Community" "Harbor User Manuals"
+
+.SH NAME
+harbor-password - Change your password
+
+
+.SH SYNOPSIS
+\fBharbor password [flags]\fP
+
+
+.SH DESCRIPTION
+Change your password
+
+
+.SH OPTIONS
+\fB-h\fP, \fB--help\fP[=false]
+	help for password
+
+
+.SH OPTIONS INHERITED FROM PARENT COMMANDS
+\fB-c\fP, \fB--config\fP=""
+	config file (default is $HOME/.config/harbor-cli/config.yaml)
+
+.PP
+\fB-o\fP, \fB--output-format\fP=""
+	Output format. One of: json|yaml
+
+.PP
+\fB-v\fP, \fB--verbose\fP[=false]
+	verbose output
+
+
+.SH SEE ALSO
+\fBharbor(1)\fP

doc/man-docs/man1/harbor-user-password.1

@@ -0,0 +1,35 @@
+.nh
+.TH "HARBOR" "1"  "Harbor Community" "Harbor User Manuals"
+
+.SH NAME
+harbor-user-password - Reset user password by name or id
+
+
+.SH SYNOPSIS
+\fBharbor user password [flags]\fP
+
+
+.SH DESCRIPTION
+Allows admin to reset the password for a specified user or select interactively if no username is provided.
+
+
+.SH OPTIONS
+\fB-h\fP, \fB--help\fP[=false]
+	help for password
+
+
+.SH OPTIONS INHERITED FROM PARENT COMMANDS
+\fB-c\fP, \fB--config\fP=""
+	config file (default is $HOME/.config/harbor-cli/config.yaml)
+
+.PP
+\fB-o\fP, \fB--output-format\fP=""
+	Output format. One of: json|yaml
+
+.PP
+\fB-v\fP, \fB--verbose\fP[=false]
+	verbose output
+
+
+.SH SEE ALSO
+\fBharbor-user(1)\fP