Feature/epic 12881 self reset password

sormas-api/src/main/java/de/symeda/sormas/api/feature/FeatureType.java

@@ -331,7 +331,8 @@ public enum FeatureType {
 			CASE_SURVEILANCE,
 			CONTACT_TRACING },
 		null,
-		ImmutableMap.of(FeatureTypeProperty.S2S_SHARING, Boolean.FALSE));
+		ImmutableMap.of(FeatureTypeProperty.S2S_SHARING, Boolean.FALSE)),
+	SELF_PASSWORD_RESET(true, false, null, null,null);
 
 	public static final FeatureType[] SURVEILLANCE_FEATURE_TYPES = {
 		FeatureType.CASE_SURVEILANCE,

sormas-api/src/main/java/de/symeda/sormas/api/i18n/Captions.java

@@ -972,6 +972,7 @@ public interface Captions {
 	String Configuration_LineListing = "Configuration.LineListing";
 	String Configuration_Outbreaks = "Configuration.Outbreaks";
 	String Configuration_PointsOfEntry = "Configuration.PointsOfEntry";
+	String confirmPassword = "confirmPassword";
 	String Contact = "Contact";
 	String Contact_additionalDetails = "Contact.additionalDetails";
 	String Contact_ageAndBirthDate = "Contact.ageAndBirthDate";
@@ -1170,6 +1171,7 @@ public interface Captions {
 	String countryArchivedCountries = "countryArchivedCountries";
 	String createSymptomJournalAccountButton = "createSymptomJournalAccountButton";
 	String creationDate = "creationDate";
+	String currentPassword = "currentPassword";
 	String CustomizableEnum_hasDetails = "CustomizableEnum.hasDetails";
 	String CustomizableEnum_hasDetails_short = "CustomizableEnum.hasDetails.short";
 	String CustomizableEnumValue_active = "CustomizableEnumValue.active";
@@ -2132,6 +2134,7 @@ public interface Captions {
 	String outbreakNormal = "outbreakNormal";
 	String outbreakOutbreak = "outbreakOutbreak";
 	String passportNumber = "passportNumber";
+	String passwordStrength = "passwordStrength";
 	String PathogenTest = "PathogenTest";
 	String PathogenTest_cqValue = "PathogenTest.cqValue";
 	String PathogenTest_ctValueE = "PathogenTest.ctValueE";
@@ -3050,6 +3053,7 @@ public interface Captions {
 	String treatmentOpenPrescription = "treatmentOpenPrescription";
 	String unassigned = "unassigned";
 	String unknown = "unknown";
+	String updatePassword = "updatePassword";
 	String User = "User";
 	String User_active = "User.active";
 	String User_address = "User.address";
@@ -3068,6 +3072,7 @@ public interface Captions {
 	String User_userName = "User.userName";
 	String User_userRoles = "User.userRoles";
 	String User_uuid = "User.uuid";
+	String userGeneratePassword = "userGeneratePassword";
 	String userMyUserId = "userMyUserId";
 	String userNewUser = "userNewUser";
 	String userResetPassword = "userResetPassword";

sormas-api/src/main/java/de/symeda/sormas/api/i18n/Strings.java

@@ -194,6 +194,8 @@ public interface Strings {
 	String confirmationVaccinationStatusUpdate = "confirmationVaccinationStatusUpdate";
 	String confirmExternalMessageCorrectionThrough = "confirmExternalMessageCorrectionThrough";
 	String confirmNetworkDiagramTooManyContacts = "confirmNetworkDiagramTooManyContacts";
+	String confirmPassword = "confirmPassword";
+	String currentPassword = "currentPassword";
 	String date = "date";
 	String day = "day";
 	String DefaultPassword_newPassword = "DefaultPassword.newPassword";
@@ -487,6 +489,7 @@ public interface Strings {
 	String headingcasesWithReferenceDefinitionFulfilled = "headingcasesWithReferenceDefinitionFulfilled";
 	String headingCaution = "headingCaution";
 	String headingChangeCaseDisease = "headingChangeCaseDisease";
+	String headingChangePassword = "headingChangePassword";
 	String headingChangePathogenTestResult = "headingChangePathogenTestResult";
 	String headingClinicalMeasurements = "headingClinicalMeasurements";
 	String headingClinicalVisitsDeleted = "headingClinicalVisitsDeleted";
@@ -873,6 +876,7 @@ public interface Strings {
 	String headingUpdatedPersonInformation = "headingUpdatedPersonInformation";
 	String headingUpdatedSampleInformation = "headingUpdatedSampleInformation";
 	String headingUpdatePassword = "headingUpdatePassword";
+	String headingUpdatePasswordFailed = "headingUpdatePasswordFailed";
 	String headingUpdatePersonContactDetails = "headingUpdatePersonContactDetails";
 	String headingUploadSuccess = "headingUploadSuccess";
 	String headingUserData = "headingUserData";
@@ -1433,6 +1437,8 @@ public interface Strings {
 	String messageMissingDateFilter = "messageMissingDateFilter";
 	String messageMissingEpiWeekFilter = "messageMissingEpiWeekFilter";
 	String messageMultipleSampleReports = "messageMultipleSampleReports";
+	String messageNewPasswordDoesNotMatchFailed = "messageNewPasswordDoesNotMatchFailed";
+	String messageNewPasswordFailed = "messageNewPasswordFailed";
 	String messageNoCaseFound = "messageNoCaseFound";
 	String messageNoCaseFoundToLinkImmunization = "messageNoCaseFoundToLinkImmunization";
 	String messageNoCasesSelected = "messageNoCasesSelected";
@@ -1470,6 +1476,8 @@ public interface Strings {
 	String messageNoVisitsSelected = "messageNoVisitsSelected";
 	String messageOtherDeleteReasonNotFilled = "messageOtherDeleteReasonNotFilled";
 	String messageOutbreakSaved = "messageOutbreakSaved";
+	String messagePasswordChange = "messagePasswordChange";
+	String messagePasswordFailed = "messagePasswordFailed";
 	String messagePasswordReset = "messagePasswordReset";
 	String messagePasswordResetEmailLink = "messagePasswordResetEmailLink";
 	String messagePathogenTestSaved = "messagePathogenTestSaved";
@@ -1581,6 +1589,7 @@ public interface Strings {
 	String messageVisitsDeleted = "messageVisitsDeleted";
 	String messageVisitsWithWrongStatusNotCancelled = "messageVisitsWithWrongStatusNotCancelled";
 	String messageVisitsWithWrongStatusNotSetToLost = "messageVisitsWithWrongStatusNotSetToLost";
+	String messageWrongCurrentPassword = "messageWrongCurrentPassword";
 	String messageWrongFileType = "messageWrongFileType";
 	String messageWrongTemplateFileType = "messageWrongTemplateFileType";
 	String min = "min";
@@ -1646,6 +1655,7 @@ public interface Strings {
 	String of = "of";
 	String on = "on";
 	String or = "or";
+	String passwordStrength = "passwordStrength";
 	String pathogenTestDeletedDuringLabMessageConversion = "pathogenTestDeletedDuringLabMessageConversion";
 	String pleaseSpecify = "pleaseSpecify";
 	String populationDataByArea = "populationDataByArea";
@@ -1813,6 +1823,7 @@ public interface Strings {
 	String unsavedChanges_warningMessage = "unsavedChanges.warningMessage";
 	String unsavedChanges_warningTitle = "unsavedChanges.warningTitle";
 	String until = "until";
+	String updatePassword = "updatePassword";
 	String uuidOf = "uuidOf";
 	String warningDashboardMapTooManyMarkers = "warningDashboardMapTooManyMarkers";
 	String warningNetworkDiagramTooManyContacts = "warningNetworkDiagramTooManyContacts";

sormas-api/src/main/java/de/symeda/sormas/api/user/UserDto.java

@@ -69,9 +69,17 @@ public class UserDto extends EntityDto {
 	public static final String HAS_CONSENTED_TO_GDPR = "hasConsentedToGdpr";
 	public static final String EXTERNAL_ID = "externalId";
 	public static final String JURISDICTION_LEVEL = "jurisdictionLevel";
+	public static final String PASSWORD = "currentPassword";
+	public static final String NEW_PASSWORD = "newPassword";
+	public static final String CONFIRM_PASSWORD = "confirmPassword";
 
 	private boolean active = true;
 
+	private String currentPassword;
+	private String newPassword;
+	private String confirmPassword;
+	private String passwordStrength;
+
 	@Size(max = FieldConstraints.CHARACTER_LIMIT_DEFAULT, message = Validations.textTooLong)
 	@AuditIncludeProperty
 	private String userName;
@@ -296,4 +304,37 @@ public JurisdictionLevel getJurisdictionLevel() {
 	public void setJurisdictionLevel(JurisdictionLevel jurisdictionLevel) {
 		this.jurisdictionLevel = jurisdictionLevel;
 	}
+
+	public void setCurrentPassword(String currentPassword) {
+		this.currentPassword = currentPassword;
+	}
+
+	public String getCurrentPassword() {
+		return currentPassword;
+	}
+
+	public void setNewPassword(String newPassword) {
+		this.newPassword = newPassword;
+	}
+
+	public String getNewPassword() {
+		return newPassword;
+	}
+
+	public void setConfirmPassword(String confirmPassword) {
+		this.confirmPassword = confirmPassword;
+	}
+
+	public String getConfirmPassword() {
+		return confirmPassword;
+	}
+
+	public void setPasswordStrength(String passwordStrength) {
+		this.passwordStrength = passwordStrength;
+	}
+
+	public String getPasswordStrength() {
+		return passwordStrength;
+	}
+
 }

sormas-api/src/main/java/de/symeda/sormas/api/user/UserFacade.java

@@ -52,12 +52,22 @@ public interface UserFacade {
 
 	String resetPassword(String uuid);
 
+	String updateUserPassword(String uuid, String newPassword);
+
+	boolean validateCurrentPassword(String password);
+
+	String checkPasswordStrength(String password);
+
+	boolean isPasswordWeak(String password);
+
+	String generatePassword();
+
 	List<UserDto> getAllAfter(Date date);
 
 	UserDto getByUserName(String userName);
 
 	/**
-	 * 
+	 *
 	 * @param regionRef
 	 *            reference of the region to be filtered for. When this region is null, it is not filtered in this regard.
 	 *            NOTE: some users don't have a region (often users with NATIONAL_USER role, for example). They will
@@ -79,7 +89,7 @@ public interface UserFacade {
 	long count(UserCriteria userCriteria);
 
 	/**
-	 * 
+	 *
 	 * @param district
 	 *            reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
 	 *            NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
@@ -93,7 +103,7 @@ public interface UserFacade {
 	List<UserReferenceDto> getUserRefsByDistrict(DistrictReferenceDto district, Disease limitedDisease, UserRight... userRights);
 
 	/**
-	 * 
+	 *
 	 * @param district
 	 *            reference of the district to be filtered for. When this district is null, it is not filtered in this regard.
 	 *            NOTE: some users don't have a district (often users with NATIONAL_USER role, for example). They will
@@ -160,7 +170,7 @@ List<UserReferenceDto> getUserRefsByInfrastructure(
 	/**
 	 * Retrieves the user rights of the user specified by the passed UUID, or those of the current user if no UUID is specified.
 	 * Requesting the user rights of another user without the rights to view users and user roles results in an AccessDeniedException.
-	 * 
+	 *
 	 * @param userUuid
 	 *            The UUID of the user to request the user rights for
 	 * @return A set containing the user rights associated to all user roles assigned to the user

sormas-api/src/main/java/de/symeda/sormas/api/user/UserPasswordChangeDto.java

@@ -0,0 +1,50 @@
+/*
+ * SORMAS® - Surveillance Outbreak Response Management & Analysis System
+ * Copyright © 2016-2023 Helmholtz-Zentrum für Infektionsforschung GmbH (HZI)
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package de.symeda.sormas.api.user;
+
+import java.io.Serializable;
+
+public class UserPasswordChangeDto implements Serializable {
+
+	private static final long serialVersionUID = 6269655187128160377L;
+
+	private String uuid;
+	private String newPassword;
+
+	public String getUuid() {
+		return uuid;
+	}
+
+	public void setUuid(String uuid) {
+		this.uuid = uuid;
+	}
+
+	public String getNewPassword() {
+		return newPassword;
+	}
+
+	public void setNewPassword(String newPassword) {
+		this.newPassword = newPassword;
+	}
+
+	public UserPasswordChangeDto(String uuid, String newPassword) {
+		this.uuid = uuid;
+		this.newPassword = newPassword;
+	}
+
+	public UserPasswordChangeDto() {
+	}
+}

sormas-api/src/main/resources/captions.properties

@@ -2975,6 +2975,7 @@ TreatmentExport.caseName=Case name
 userNewUser=New user
 userMyUserId=My user ID
 userResetPassword=Create new password
+userGeneratePassword=Generate new password
 userUpdatePasswordConfirmation=Really update password?
 sync=Sync
 syncUsers=Sync Users
@@ -3000,6 +3001,11 @@ User.district=District
 User.community=Community
 User.externalId=External ID
 userRestrictDiseases=Restrict access to specific diseases
+currentPassword=Enter Current Password
+updatePassword=Enter new Password
+confirmPassword=Confirm new Password
+passwordStrength=Password strength
+
 # Vaccination
 vaccinationNewVaccination=New vaccination
 vaccinationNoVaccinationsForPerson=There are no vaccinations for this person

sormas-api/src/main/resources/strings.properties

@@ -629,6 +629,7 @@ headingLineListing = Line listing
 headingLineListingImport = Line listing import
 headingLocation = Location
 headingLoginFailed = Login failed
+headingUpdatePasswordFailed = Update password failed
 headingMaternalHistory = Maternal history
 headingMedicalInformation = Additional medical information
 headingMissingDateFilter = Missing date filter
@@ -660,6 +661,10 @@ headingOutbreakIn = Outbreak in
 headingPathogenTestsDeleted = Pathogen tests deleted
 headingPaperFormDates = Reception dates of paper form
 headingPersonData = Person data
+currentPassword=Enter Current Password
+updatePassword=Enter new Password
+confirmPassword=Confirm new Password
+passwordStrength=Password strength
 headingPersonInformation = Person information
 headingPersonOccupation = Occupation & education
 headingPickEventGroup = Pick event group
@@ -711,6 +716,7 @@ headingReferCaseFromPointOfEntry = Refer case from point of entry
 headingTreatments = Executed treatments
 headingTreatmentsDeleted = Treatments deleted
 headingUpdatePassword = Update password
+headingChangePassword = Change password
 headingUploadSuccess = Upload Successful
 headingUserData = User data
 headingVaccination = Vaccination
@@ -1315,6 +1321,9 @@ messageUploadSuccessful = Upload successful! You can now close this window.
 messageIncompleteGpsCoordinates = GPS coordinates are incomplete
 messageExternalMessagesAssigned = The assignee has been changed for all selected messages
 messageLoginFailed = Please check your username and password and try again
+messageNewPasswordDoesNotMatchFailed = New password and Confirm password does not match
+messagePasswordFailed = Incorrect Password Please check your Password and try again
+messageNewPasswordFailed = Password should contain some text, \n some numbers \n and should be more than 8 characters
 messageMissingCases = Please generate some cases before generating contacts
 messageMissingDateFilter = Please fill in both date filter fields
 messageMissingEpiWeekFilter = Please fill in both epi week filter fields
@@ -1344,6 +1353,7 @@ messageNoUsersSelected = You have not selected any users
 messageNoUserSelected = No user has been selected
 messageOutbreakSaved = Outbreak information saved
 messagePasswordReset = User's password was reset
+messagePasswordChange = User's password was changed successfully
 messagePasswordResetEmailLink = A link to reset the password was sent to the user's email
 messagePathogenTestSaved = Pathogen test saved. The classification of its associated case was automatically changed to %s.
 messagePathogenTestSavedShort = Pathogen test saved
@@ -1392,6 +1402,7 @@ messageVaccinationOutsideJurisdictionDeletionDenied = The vaccination outside us
 messageVisitsDeleted = All selected eligible visits have been deleted
 messageVisitsWithWrongStatusNotCancelled = Follow-up visits with CANCELLED or NO FOLLOW-UP status can not be cancelled
 messageVisitsWithWrongStatusNotSetToLost = Follow-up visits with NO FOLLOW-UP status can not be set to lost
+messageWrongCurrentPassword = Wrong Current Password
 messageWrongFileType = Please provide a .csv file containing the data you want to import. It's recommended to use the import template file as a starting point.
 messageWrongTemplateFileType=For %s, please provide a .%s file.
 messageLineListingDisabled = Line listing has been disabled

sormas-app/app/src/main/AndroidManifest.xml

@@ -13,6 +13,7 @@
     <uses-feature android:name="android.hardware.location.gps" />
     <uses-permission android:name="android.permission.CAMERA" />
     <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
+    <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
 
     <application
         android:name=".SormasApplication"
@@ -490,6 +491,13 @@
         <activity
             android:name=".barcode.BarcodeActivity" />
 
+        <activity
+                android:name=".login.ChangePasswordActivity"
+                android:launchMode="singleTop"
+                android:screenOrientation="portrait"
+                android:theme="@style/SormasTheme"
+                android:windowSoftInputMode="stateHidden" />
+
         <receiver
             android:name=".SormasBootstrap"
             android:enabled="true"

sormas-app/app/src/main/java/de/symeda/sormas/app/backend/config/ConfigProvider.java

@@ -312,6 +312,16 @@ public static void setUsernameAndPassword(String username, String password) {
 		}
 	}
 
+	public static void setNewPassword(String password) {
+
+		if (password == null)
+			throw new NullPointerException("password");
+		password = instance.encodeCredential(password, "Password");
+
+		instance.password = password;
+		DatabaseHelper.getConfigDao().createOrUpdate(new Config(KEY_PASSWORD, password));
+	}
+
 	public static void setPin(String pin) {
 		if (pin == null) {
 			throw new NullPointerException("pin");
@@ -621,7 +631,7 @@ public static void setAccessGranted(Boolean accessGranted) {
 	/**
 	 * When no locale is set Locale.getDefault is set.
 	 * (Actually not relevant, because the locale is always updated to the server's, so this is just a fallback).
-	 * 
+	 *
 	 * @return Will never be null.
 	 */
 	public static String getServerLocale() {