directlx
/
dlx-claude
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
dlx-claude/memory/hiveops-mgmt/MEMORY.md

46 lines
2.0 KiB
Markdown
Raw Blame History

# HiveOps Management Portal - Memory
## Admin Password Reset Feature
Successfully implemented admin password reset functionality for portal users.
### Key Implementation Details
**Backend Components:**
- `AuditLog.java`: Added USER_PASSWORD_RESET, USER_ENABLED, USER_DISABLED enum values
- `AuditService.java`: Added logPasswordReset(), logUserEnabled(), logUserDisabled() methods
- `UserRepository.java`: Added search() method with JPQL query for email/name search
- `ResetPasswordRequest.java`: DTO with password validation (min 8, max 100 chars)
- `UserService.java`: Enhanced with findAll(), searchUsers(), resetPassword(), enableUser(), disableUser()
- `PortalUserController.java`: New controller at /portal/users with ADMIN role authorization
- `SecurityConfig.java`: Added authorization rule for /portal/users/** requiring ADMIN role
**Frontend Components:**
- `list.html`: User list with search, role filter, and pagination
- `view.html`: User details with action buttons (reset password, enable/disable)
- `reset-password.html`: Password reset form with validation
- `base.html`: Added Users menu item in sidebar (ADMIN only)
### Security Patterns
- BCrypt password encoding (strength 12)
- @PreAuthorize("hasRole('ADMIN')") on controller
- Prevents admin from disabling own account
- All actions logged to audit_logs table with admin email, target user email, and IP address
### Common Patterns in Portal
- Flash messages via RedirectAttributes (success/error)
- getClientIp() helper extracts IP from X-Forwarded-For or remote address
- Pagination with PageRequest.of(page, size, Sort)
- Bootstrap 5 styling with badges for status/role
- Thymeleaf validation with .invalid-feedback for errors
### Testing Checklist
1. Login as admin@directlx.dev / admin123
2. Navigate to Users menu (visible to ADMIN only)
3. Search users by email/name
4. View user details
5. Reset password (validate min 8 chars, matching confirmation)
6. Enable/disable user (cannot disable self)
7. Verify audit log entries created
8. Test login with new password
Reference in New Issue View Git Blame Copy Permalink