Add --show-password flag to user reset-password (#394)

dsXLII · dsmith4-godaddy · danielbachhuber · web-flow · commit ca979c45ccb6 · 2023-05-18T03:23:46.000-07:00
* First draft of password reset flag to show new pass

* Correct indentation on feature test

* Add --porcelain flag for user reset-password

* Test for --porcelain

* PHPCS corrections

* PHPCS assignment alignment fix

* Fix feature test formatting

* Update README.md

---------

Co-authored-by: David E. Smith &lt;109608083+dsmith4-godaddy@users.noreply.github.com&gt;
Co-authored-by: Daniel Bachhuber &lt;daniel.bachhuber@automattic.com&gt;
diff --git a/README.md b/README.md
@@ -5300,7 +5300,7 @@ wp user remove-role <user> [<role>]
 Resets the password for one or more users.
 
 ~~~
-wp user reset-password <user>... [--skip-email]
+wp user reset-password <user>... [--skip-email] [--show-password] [--porcelain]
 ~~~
 
 **OPTIONS**
@@ -5311,6 +5311,12 @@ wp user reset-password <user>... [--skip-email]
 	[--skip-email]
 		Don't send an email notification to the affected user(s).
 
+	[--show-password]
+		Show the new password(s).
+
+	[--porcelain]
+		Output only the new password(s).
+
 **EXAMPLES**
 
     # Reset the password for two users and send them the change email.
@@ -5319,6 +5325,10 @@ wp user reset-password <user>... [--skip-email]
     Reset password for editor.
     Success: Passwords reset for 2 users.
 
+    # Reset the password for one user, displaying only the new password, and not sending the change email.
+    $ wp user reset-password admin --skip-email --porcelain
+    yV6BP*!d70wg
+
 
 
 ### wp user session
diff --git a/features/user-reset-password.feature b/features/user-reset-password.feature
@@ -41,3 +41,40 @@ Feature: Reset passwords for one or more WordPress users.
       """
       {ORIGINAL_PASSWORD}
       """
+
+  @require-wp-4.3
+  Scenario: Reset the password of a WordPress user, and show the new password
+    Given a WP installation
+
+    When I run `wp user get 1 --field=user_pass`
+    Then save STDOUT as {ORIGINAL_PASSWORD}
+
+    When I run `wp user reset-password 1 --skip-email --show-password`
+    Then STDOUT should contain:
+      """
+      Password:
+      """
+    And an email should not be sent
+
+    When I run `wp user get 1 --field=user_pass`
+    Then STDOUT should not contain:
+      """
+      {ORIGINAL_PASSWORD}
+      """
+
+  @require-wp-4.3
+  Scenario: Reset the password of a WordPress user, and show only the new password
+    Given a WP installation
+
+    When I run `wp user get 1 --field=user_pass`
+    Then save STDOUT as {ORIGINAL_PASSWORD}
+
+    When I run `wp user reset-password 1 --skip-email --porcelain`
+    Then STDOUT should not be empty
+    And an email should not be sent
+
+    When I run `wp user get 1 --field=user_pass`
+    Then STDOUT should not contain:
+      """
+      {ORIGINAL_PASSWORD}
+      """
diff --git a/src/User_Command.php b/src/User_Command.php
@@ -1092,6 +1092,12 @@ public function import_csv( $args, $assoc_args ) {
 	 * [--skip-email]
 	 * : Don't send an email notification to the affected user(s).
 	 *
+	 * [--show-password]
+	 * : Show the new password(s).
+	 *
+	 * [--porcelain]
+	 * : Output only the new password(s).
+	 *
 	 * ## EXAMPLES
 	 *
 	 *     # Reset the password for two users and send them the change email.
@@ -1100,35 +1106,50 @@ public function import_csv( $args, $assoc_args ) {
 	 *     Reset password for editor.
 	 *     Success: Passwords reset for 2 users.
 	 *
+	 *     # Reset the password for one user, displaying only the new password, and not sending the change email.
+	 *     $ wp user reset-password admin --skip-email --porcelain
+	 *     yV6BP*!d70wg
+	 *
 	 * @subcommand reset-password
 	 */
 	public function reset_password( $args, $assoc_args ) {
-		$skip_email = Utils\get_flag_value( $assoc_args, 'skip-email' );
+		$porcelain     = Utils\get_flag_value( $assoc_args, 'porcelain' );
+		$skip_email    = Utils\get_flag_value( $assoc_args, 'skip-email' );
+		$show_new_pass = Utils\get_flag_value( $assoc_args, 'show-password' );
+
 		if ( $skip_email ) {
 			add_filter( 'send_password_change_email', '__return_false' );
 		}
 		$fetcher = new UserFetcher();
 		$users   = $fetcher->get_many( $args );
 		foreach ( $users as $user ) {
+			$new_pass = wp_generate_password( 24 );
 			wp_update_user(
 				[
 					'ID'        => $user->ID,
-					'user_pass' => wp_generate_password( 24 ),
+					'user_pass' => $new_pass,
 				]
 			);
-			WP_CLI::log( "Reset password for {$user->user_login}." );
-		}
-		if ( $skip_email ) {
-			remove_filter( 'send_password_change_email', '__return_false' );
+			if ( $porcelain ) {
+				WP_CLI::line( "$new_pass" );
+			} else {
+				WP_CLI::log( "Reset password for {$user->user_login}." );
+				if ( $show_new_pass ) {
+					WP_CLI::line( "Password: $new_pass" );
+				}
+			}
 		}
 
 		$reset_user_count = count( $users );
-		if ( 1 === $reset_user_count ) {
-			WP_CLI::success( "Password reset for {$reset_user_count} user." );
-		} elseif ( $reset_user_count > 1 ) {
-			WP_CLI::success( "Passwords reset for {$reset_user_count} users." );
-		} else {
-			WP_CLI::error( 'No user found to reset password.' );
+
+		if ( ! $porcelain ) {
+			if ( 1 === $reset_user_count ) {
+				WP_CLI::success( "Password reset for {$reset_user_count} user." );
+			} elseif ( $reset_user_count > 1 ) {
+				WP_CLI::success( "Passwords reset for {$reset_user_count} users." );
+			} else {
+				WP_CLI::error( 'No user found to reset password.' );
+			}
 		}
 	}
 
