diff --git a/app/controllers/entities_controller.rb b/app/controllers/entities_c

1. diff --git a/app/controllers/entities_controller.rb b/app/controllers/entities_controller.rb
2. index b50d410..11274af 100644
3. --- a/app/controllers/entities_controller.rb
4. +++ b/app/controllers/entities_controller.rb
5. @@ -127,7 +127,7 @@ def setup_existing_guest
6. entity = Entity.find_by_email(params[:email])
7. entity_role = nil
8. if entity.present?
9. - role_hash = { login: params[:email], password: random_password, active: true}
10. + role_hash = { login: params[:email], password: User.random_password, active: true}
11. entity_role = entity.send(:as_user, role_hash)
12. unless entity_role.roles.include?("guest_user")
13. roles = entity_role.roles.present? ? "#{entity_role.roles}, guest_user" : "guest_user"
14. @@ -311,26 +311,8 @@ def guest_entity_profile
15. end
16.  
17. def password_reset
18. - entity = Entity.find_by_email(params[:email])
19. - if entity.present?
20. - system_user = entity.entity_roles.where(system_role_type: "User")
21. - if system_user.present?
22. - user_id = system_user.first.system_role_id
23. - user = User.find(user_id)
24. - if user.present?
25. - password = random_password
26. - user.update_attributes(password: password, display_profile: true)
27. - UserMailer.send_login_details(params[:email], user.login, password).deliver
28. - @message = 'success'
29. - else
30. - @message = "failure"
31. - end
32. - else
33. - @message = "failure"
34. - end
35. - else
36. - @message = "failure"
37. - end
38. + entity = Entity.find_by_email_and_role_or_no_entity(params[:email], "User")
39. + @message = entity.reset_user_password("User") ? "success" : "failure"
40. respond_to do |format|
41. format.json { render json: { message: @message } }
42. end
43. @@ -412,10 +394,4 @@ def role
44. def search_matching_entity(entity)
45. Entity.where(Entity.conditions_by_criteria(entity,:strip => Entity::PHONE_TYPES) ).order("last_name, first_name, organization_name")
46. end
47. -
48. - private
49. -
50. - def random_password
51. - (0...8).map { (65 + rand(26)).chr }.join
52. - end
53. end
54. diff --git a/app/models/entity.rb b/app/models/entity.rb
55. index a25e4a5..46f6fa0 100644
56. --- a/app/models/entity.rb
57. +++ b/app/models/entity.rb
58. @@ -39,6 +39,9 @@ class Entity < ActiveRecord::Base
59. # * entity - must be constantizable as a subclass of Entity
60. # (Person, Organization, etc.)
61. #
62. +
63. + scope :by_system_role_and_email, ->(email, role) { joins(:entity_roles).where("entities.email = ? AND entity_roles.system_role_type = ?", email, role) }
64. +
65. def self.find_or_create_in_role(role, entity, entity_hash, role_hash = {})
66. entity = entity.to_s.classify.constantize.send(:find_or_initialize!, entity_hash)
67.  
68. @@ -126,6 +129,25 @@ def phone_number
69. send("#{prefered_number}_phone")
70. end
71.  
72. + def find_user_by_role(role)
73. + entity_role_by_role = entity_roles.find_by_system_role_type(role)
74. + if entity_role_by_role
75. + user_id = entity_role_by_role.system_role_id
76. + User.find_by_id_or_no_user(user_id)
77. + else
78. + NoUser.new
79. + end
80. + end
81. +
82. +
83. + def self.find_by_email_and_role_or_no_entity(email, role)
84. + by_system_role_and_email(email, role).first || NoEntity.new
85. + end
86. +
87. + def reset_user_password(role)
88. + find_user_by_role(role).reset_password(email)
89. + end
90. +
91. # Checks to see if the requested method matches a subclass of Entity so
92. # that we can return the entity with confidence that its subclass's
93. # methods may be called.
94. diff --git a/app/models/no_entity.rb b/app/models/no_entity.rb
95. new file mode 100644
96. index 0000000..a310638
97. --- /dev/null
98. +++ b/app/models/no_entity.rb
99. @@ -0,0 +1,6 @@
100. +class NoEntity
101. +
102. + def reset_user_password(role = nil)
103. + false
104. + end
105. +end
106. \ No newline at end of file
107. diff --git a/app/models/no_user.rb b/app/models/no_user.rb
108. new file mode 100644
109. index 0000000..1c1050b
110. --- /dev/null
111. +++ b/app/models/no_user.rb
112. @@ -0,0 +1,5 @@
113. +class NoUser
114. + def reset_password(email = nil)
115. + false
116. + end
117. +end
118. \ No newline at end of file
119. diff --git a/app/models/user.rb b/app/models/user.rb
120. index b141645..76e964f 100644
121. --- a/app/models/user.rb
122. +++ b/app/models/user.rb
123. @@ -125,6 +125,13 @@ def authorized?( *roles )
124. return false
125. end
126.  
127. + def reset_password(email)
128. + password = User.random_password
129. + is_successful = update_attributes(password: password, display_profile: true)
130. + UserMailer.send_login_details(email, login, password).deliver if is_successful
131. + is_successful
132. + end
133. +
134. # True if the user has only read_only roles.
135. def is_in_a_read_only_role?
136. user_roles.all? { |r| r.read_only? }
137. @@ -135,4 +142,12 @@ def generate_access_token
138. self.access_token = SecureRandom.hex
139. end while self.class.exists?(access_token: access_token)
140. end
141. +
142. + def self.find_by_id_or_no_user(id)
143. + find_by_id(id) || NoUser.new
144. + end
145. +
146. + def self.random_password
147. + (0...8).map { (65 + rand(26)).chr }.join
148. + end
149. end