diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb index 44c93471df4b137326f7d0e2b3276847446b9981..1432fff8821bf47f3ef4bb4c3b4930eadccb4ef0 100644 --- a/app/controllers/admin/users_controller.rb +++ b/app/controllers/admin/users_controller.rb @@ -45,6 +45,7 @@ class Admin::UsersController < Admin::ApplicationController @user = User.new(user_params.merge(opts)) @user.created_by_id = current_user.id @user.generate_password + @user.generate_reset_token @user.skip_confirmation! respond_to do |format| diff --git a/app/mailers/emails/profile.rb b/app/mailers/emails/profile.rb index f02d95fd557736b6a58887cf28bbff87c311ede2..4498b30691fcc2571a915a2e7ff607bfedd04f36 100644 --- a/app/mailers/emails/profile.rb +++ b/app/mailers/emails/profile.rb @@ -1,9 +1,10 @@ module Emails module Profile - def new_user_email(user_id, password) + def new_user_email(user_id, password, token) @user = User.find(user_id) @password = password @target_url = user_url(@user) + @token = token mail(to: @user.email, subject: subject("Account was created for you")) end diff --git a/app/models/user.rb b/app/models/user.rb index 1910433659883db45a0557a35c76c5e8a8873391..512df5d6408f53404e0f5d22f4b3044d7c21ae3b 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -240,6 +240,15 @@ class User < ActiveRecord::Base end end + def generate_reset_token + @token, enc = Devise.token_generator.generate(self.class, :reset_password_token) + + self.reset_password_token = enc + self.reset_password_sent_at = Time.now.utc + + @token + end + def namespace_uniq namespace_name = self.username if Namespace.find_by(path: namespace_name) @@ -488,7 +497,7 @@ class User < ActiveRecord::Base def post_create_hook log_info("User \"#{self.name}\" (#{self.email}) was created") - notification_service.new_user(self) + notification_service.new_user(self, @token) system_hook_service.execute_hooks_for(self, :create) end 
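Review bot: `new_user_email` still takes `password` and assigns `@password = password`, although both templates changed in this commit stop rendering it, so the plaintext password keeps being handed to the mailer for no purpose. The `notification_service.rb` hunk has the same issue: it still passes `user.password` as the second argument. If no other caller relies on the old signature, drop the argument on both sides (`def new_user_email(user_id, token)` and `mailer.new_user_email(user.id, token)`). If mail delivery is queued, the arguments may also be serialized into the queue, which is worth confirming. The enclosing module continues outside the hunk.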
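Review bot: `generate_reset_token` in `app/models/user.rb` has no comment saying that it only assigns `reset_password_token` and `reset_password_sent_at` without saving, and that the raw token survives only in `@token` until `post_create_hook` reads it. A comment above the method would make that contract visible, for example `# Assigns the reset-token digest (not saved here) and returns the raw token, kept in @token for the welcome email.` Because `reset_password_sent_at` is set at creation time, the welcome link presumably expires after Devise's `reset_password_within` window, so the comment or the email text should say that a late reader needs a fresh reset. A more specific name than `@token`, such as `@reset_token`, would make accidental reuse of the instance variable less likely.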
diff --git a/app/services/notification_service.rb b/app/services/notification_service.rb index e934c486c7534e5166f243707d5026e788897bf6..36d33e0d7ca85988a97f4fb4d4ce3ab2adba4213 100644 --- a/app/services/notification_service.rb +++ b/app/services/notification_service.rb @@ -105,9 +105,9 @@ class NotificationService end # Notify new user with email after creation - def new_user(user) + def new_user(user, token = nil) # Don't email omniauth created users - mailer.new_user_email(user.id, user.password) unless user.extern_uid? + mailer.new_user_email(user.id, user.password, token) unless user.extern_uid? end # Notify users on new note in system diff --git a/app/views/notify/new_user_email.html.haml b/app/views/notify/new_user_email.html.haml index 09518cd3c7fc6b3bda686c84a8e23418ee138518..ebbe98dd472fe38b2ac76d7181b6b9f85ba79b09 100644 --- a/app/views/notify/new_user_email.html.haml +++ b/app/views/notify/new_user_email.html.haml @@ -11,11 +11,4 @@ - if @user.created_by_id %p - password.................................. - %code= @password - - %p - You will be forced to change this password immediately after login. - -%p - = link_to "Click here to login", root_url + = link_to "Click here to set your password", edit_password_url(@user, :reset_password_token => @token) diff --git a/app/views/notify/new_user_email.text.erb b/app/views/notify/new_user_email.text.erb index c21c95d30474ec3dc20d39a2f22142fae02772d7..96b26879a7720820b861fa6109b89574a5c37122 100644 --- a/app/views/notify/new_user_email.text.erb +++ b/app/views/notify/new_user_email.text.erb 
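Review bot: The link added under `- if @user.created_by_id` in `new_user_email.html.haml` is built from `@token` without checking that a token was ever generated. `NotificationService#new_user` defaults `token` to `nil`, and in this diff only the admin controller calls `generate_reset_token`. Any other creation path that sets `created_by_id` would, as far as the diff shows, mail a "set your password" link with an empty `reset_password_token`. Guarding the branch with `- if @user.created_by_id && @token`, and using the same condition in `new_user_email.text.erb`, keeps a dead link out of the message. The template starts above the hunk.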
@@ -4,10 +4,5 @@ The Administrator created an account for you. Now you are a member of the compan login.................. <%= @user.email %> <% if @user.created_by_id %> - password............... <%= @password %> - - You will be forced to change this password immediately after login. + <%= link_to "Click here to set your password", edit_password_url(@user, :reset_password_token => @token) %> <% end %> - - -Click here to login: <%= url_for(root_url) %>
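Review bot: `link_to` in the added line emits an HTML `<a>` element, but this is the plain-text part of the mail, so recipients would see raw markup around the reset link. The removed line printed a bare URL via `url_for(root_url)`, and the replacement should do the same: `Click here to set your password: <%= edit_password_url(@user, reset_password_token: @token) %>`. The template starts above the hunk.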