From 17c8519031fc6579f0d6af04ae2d91b1bd809452 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gustavo=20Bascop=C3=A9?= <gustavo.bascope@processmaker.com>
Date: Thu, 3 Oct 2024 11:54:34 -0400
Subject: [PATCH 1/3] Fix observation to ask the password of the user that is
 making the change instead of the user that is being edited

---
 ProcessMaker/Http/Controllers/Api/UserController.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ProcessMaker/Http/Controllers/Api/UserController.php b/ProcessMaker/Http/Controllers/Api/UserController.php
index 71dd3b06ec..5ec12ba65a 100644
--- a/ProcessMaker/Http/Controllers/Api/UserController.php
+++ b/ProcessMaker/Http/Controllers/Api/UserController.php
@@ -344,7 +344,8 @@ public function update(User $user, Request $request)
                     ],
                 ], 422);
             } else {
-                $response = $this->validateBeforeChange($user, $fields['valpassword']);
+                //dd(Auth::user());
+                $response = $this->validateBeforeChange(Auth::user(), $fields['valpassword']);
                 if ($response) {
                     return $response;
                 }

From b6618792d70b685416c252f8e45746d6814ebb3f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gustavo=20Bascop=C3=A9?= <gustavo.bascope@processmaker.com>
Date: Thu, 3 Oct 2024 16:42:51 -0400
Subject: [PATCH 2/3] fixed authentication after the email is changed and added
 a show password option

---
 resources/views/admin/users/edit.blade.php     | 11 ++++++++++-
 resources/views/profile/edit.blade.php         |  9 +++++++++
 resources/views/shared/users/profile.blade.php |  7 +++++--
 3 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/resources/views/admin/users/edit.blade.php b/resources/views/admin/users/edit.blade.php
index cce84eb115..ec1cd77122 100644
--- a/resources/views/admin/users/edit.blade.php
+++ b/resources/views/admin/users/edit.blade.php
@@ -346,6 +346,14 @@
             ProcessMaker.alert(this.$t('The user was successfully created'), 'success');
           }
           this.originalEmail = this.formData.email;
+          const togglePassword = document.querySelector('#togglePassword');
+          const password = document.querySelector('#valpassword');
+
+          togglePassword.addEventListener('click', function (e) {
+            const type = password.getAttribute('type') === 'password' ? 'text' : 'password';
+            password.setAttribute('type', type);
+            this.classList.toggle('fa-eye-slash');
+          });
         },
         watch: {
           selectedPermissions: function () {
@@ -575,9 +583,10 @@
             ProcessMaker.apiClient.put('users/' + this.formData.id, this.formData)
               .then(response => {
                 ProcessMaker.alert(this.$t('User Updated Successfully '), 'success');
+                this.originalEmail = this.formData.email;
+                this.emailHasChanged = false;
                 if (this.formData.id == window.ProcessMaker.user.id) {
                   window.ProcessMaker.events.$emit('update-profile-avatar');
-                  this.originalEmail = this.formData.email;
                   this.formData.valpassword = "";
                 }
               })
diff --git a/resources/views/profile/edit.blade.php b/resources/views/profile/edit.blade.php
index cf2d387692..c9f78f0673 100644
--- a/resources/views/profile/edit.blade.php
+++ b/resources/views/profile/edit.blade.php
@@ -174,6 +174,14 @@
             },
             mounted() {
               this.originalEmail = this.formData.email;
+              const togglePassword = document.querySelector('#togglePassword');
+              const password = document.querySelector('#valpassword');
+
+              togglePassword.addEventListener('click', function (e) {
+                const type = password.getAttribute('type') === 'password' ? 'text' : 'password';
+                password.setAttribute('type', type);
+                this.classList.toggle('fa-eye-slash');
+              });
             },
             methods: {
                 openAvatarModal() {
@@ -257,6 +265,7 @@
                             ProcessMaker.alert(this.$t('Your profile was saved.'), 'success')
                             window.ProcessMaker.events.$emit('update-profile-avatar');
                             this.originalEmail = this.formData.email;
+                            this.emailHasChanged = false;
                             this.formData.valpassword = "";
                         })
                         .catch(error => {
diff --git a/resources/views/shared/users/profile.blade.php b/resources/views/shared/users/profile.blade.php
index 0cbea47dc9..209940fd51 100644
--- a/resources/views/shared/users/profile.blade.php
+++ b/resources/views/shared/users/profile.blade.php
@@ -173,8 +173,11 @@ class="mb-2"
       <div class="modal-body">
             <div class="form-group col">
                 {!! Form::label('valpassword', __('Password')) !!}
-                {!! Form::password('valpassword', ['id' => 'valpassword', 'rows' => 4, 'class'=> 'form-control', 'v-model'
-                        => 'formData.valpassword']) !!}
+                <div style="position: relative;">
+                    {!! Form::password('valpassword', ['id' => 'valpassword', 'rows' => 4, 'class'=> 'form-control', 'v-model'
+                            => 'formData.valpassword']) !!}
+                    <i class="fa fa-eye" id="togglePassword" style="position: absolute; top: 32%; right: 4%; cursor: pointer; color: #51585E;"></i>
+                </div>
             </div>
       </div>
       <div class="modal-footer">

From 24b20d956ec6ad7c2d0745a2e2075149e846aefc Mon Sep 17 00:00:00 2001
From: Ryan Cooley <ryancooley@users.noreply.github.com>
Date: Fri, 18 Oct 2024 03:48:44 -0700
Subject: [PATCH 3/3] Remove errant line

---
 ProcessMaker/Http/Controllers/Api/UserController.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/ProcessMaker/Http/Controllers/Api/UserController.php b/ProcessMaker/Http/Controllers/Api/UserController.php
index 5ec12ba65a..f88bd390d3 100644
--- a/ProcessMaker/Http/Controllers/Api/UserController.php
+++ b/ProcessMaker/Http/Controllers/Api/UserController.php
@@ -344,7 +344,6 @@ public function update(User $user, Request $request)
                     ],
                 ], 422);
             } else {
-                //dd(Auth::user());
                 $response = $this->validateBeforeChange(Auth::user(), $fields['valpassword']);
                 if ($response) {
                     return $response;