diff --git a/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs b/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs index 4fc0584f53..d678fa2279 100644 --- a/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs +++ b/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs @@ -85,9 +85,12 @@ namespace Umbraco.Extensions builder.Services.AddUnique(); builder.AddNotificationHandler(); + builder.AddNotificationHandler(); builder.AddNotificationHandler(); builder.AddNotificationHandler(); builder.AddNotificationHandler(); + builder.AddNotificationHandler(); + builder.AddNotificationHandler(); return builder; } diff --git a/src/Umbraco.Web.BackOffice/Security/BackOfficeUserManagerAuditer.cs b/src/Umbraco.Web.BackOffice/Security/BackOfficeUserManagerAuditer.cs index 40b9cf81a7..00b93a7c37 100644 --- a/src/Umbraco.Web.BackOffice/Security/BackOfficeUserManagerAuditer.cs +++ b/src/Umbraco.Web.BackOffice/Security/BackOfficeUserManagerAuditer.cs @@ -17,7 +17,9 @@ namespace Umbraco.Cms.Web.BackOffice.Security INotificationHandler, INotificationHandler, INotificationHandler, - INotificationHandler + INotificationHandler, + INotificationHandler, + INotificationHandler { private readonly IAuditService _auditService; private readonly IUserService _userService; @@ -51,6 +53,12 @@ namespace Umbraco.Cms.Web.BackOffice.Security public void Handle(UserForgotPasswordChangedNotification notification) => WriteAudit(notification.PerformingUserId, notification.AffectedUserId, notification.IpAddress, "umbraco/user/password/forgot/change", "password forgot/change"); + public void Handle(UserPasswordChangedNotification notification) => + WriteAudit(notification.PerformingUserId, notification.AffectedUserId, notification.IpAddress, "umbraco/user/password/change", "password change"); + + public void Handle(UserPasswordResetNotification notification) => + WriteAudit(notification.PerformingUserId, notification.AffectedUserId, notification.IpAddress, "umbraco/user/password/reset", "password reset"); + private IUser GetPerformingUser(string userId) { if (!int.TryParse(userId, out int asInt)) diff --git a/src/Umbraco.Web.Common/Security/BackOfficeUserManager.cs b/src/Umbraco.Web.Common/Security/BackOfficeUserManager.cs index 4fed85121a..459ed57138 100644 --- a/src/Umbraco.Web.Common/Security/BackOfficeUserManager.cs +++ b/src/Umbraco.Web.Common/Security/BackOfficeUserManager.cs @@ -123,7 +123,7 @@ namespace Umbraco.Cms.Web.Common.Security IdentityResult result = await base.ChangePasswordWithResetAsync(userId, token, newPassword); if (result.Succeeded) { - NotifyPasswordChanged(_httpContextAccessor.HttpContext?.User, userId); + NotifyPasswordReset(_httpContextAccessor.HttpContext?.User, userId); } return result; @@ -225,6 +225,10 @@ namespace Umbraco.Cms.Web.Common.Security (currentUserId, ip) => new UserPasswordChangedNotification(ip, userId, currentUserId) ); + public void NotifyPasswordReset(IPrincipal currentUser, string userId) => Notify(currentUser, + (currentUserId, ip) => new UserPasswordResetNotification(ip, userId, currentUserId) + ); + public void NotifyResetAccessFailedCount(IPrincipal currentUser, string userId) => Notify(currentUser, (currentUserId, ip) => new UserResetAccessFailedCountNotification(ip, userId, currentUserId) ); diff --git a/src/Umbraco.Web.Common/Security/UserPasswordResetNotification.cs b/src/Umbraco.Web.Common/Security/UserPasswordResetNotification.cs new file mode 100644 index 0000000000..618fa04f4c --- /dev/null +++ b/src/Umbraco.Web.Common/Security/UserPasswordResetNotification.cs @@ -0,0 +1,9 @@ +namespace Umbraco.Cms.Web.Common.Security +{ + public class UserPasswordResetNotification : UserNotification + { + public UserPasswordResetNotification(string ipAddress, string affectedUserId, string performingUserId) : base(ipAddress, affectedUserId, performingUserId) + { + } + } +}