Users: enable admins to send users a reset password link.

Add a feature so Admins can send users a 'password reset' email. This doesn't change the password or force a password change. It only emails the user the password reset link.

The feature appears in several places:
* A "Send Reset Link" button on user profile screen.
* A "Send password reset" option in the user list bulk action dropdown.
* A "Send password reset" quick action when hovering over a username in the user list.

Props Ipstenu, DrewAPicture, eventualo, wonderboymusic, knutsp, ericlewis, afercia, JoshuaWold, johnbillion, paaljoachim, hedgefield.
Fixes #34281.



git-svn-id: https://develop.svn.wordpress.org/trunk@50129 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Adam Silverstein
2021-02-01 22:11:46 +00:00
parent c2bc4dfa61
commit 193a5dae21
9 changed files with 354 additions and 158 deletions

View File

@@ -5398,3 +5398,33 @@ function wp_ajax_toggle_auto_updates() {
wp_send_json_success();
}
/**
* Ajax handler sends a password reset link.
*
* @since 5.7.0
*/
function wp_ajax_send_password_reset() {
// Validate the nonce for this action.
$user_id = isset( $_POST['user_id'] ) ? (int) $_POST['user_id'] : 0;
check_ajax_referer( 'reset-password-for-' . $user_id, 'nonce' );
// Verify user capabilities.
if ( ! current_user_can( 'edit_user', $user_id ) ) {
wp_send_json_error( __( 'Cannot send password reset, permission denied.' ) );
}
// Send the password reset link.
$user = get_userdata( $user_id );
$results = retrieve_password( $user->user_login );
if ( true === $results ) {
wp_send_json_success(
/* translators: 1: User's display name. */
sprintf( __( 'A password reset link was emailed to %s.' ), $user->display_name )
);
} else {
wp_send_json_error( $results );
}
}

View File

@@ -274,6 +274,11 @@ class WP_Users_List_Table extends WP_List_Table {
}
}
// Add a password reset link to the bulk actions dropdown.
if ( current_user_can( 'edit_users' ) ) {
$actions['resetpassword'] = __( 'Send password reset' );
}
return $actions;
}
@@ -469,6 +474,11 @@ class WP_Users_List_Table extends WP_List_Table {
);
}
// Add a link to send the user a reset password link by email.
if ( get_current_user_id() !== $user_object->ID && current_user_can( 'edit_user', $user_object->ID ) ) {
$actions['resetpassword'] = "<a class='resetpassword' href='" . wp_nonce_url( "users.php?action=resetpassword&amp;users=$user_object->ID", 'bulk-users' ) . "'>" . __( 'Send password reset' ) . '</a>';
}
/**
* Filters the action links displayed under each user in the Users list table.
*