Allow admin toggle forcing a password change for newly created users (#4563)

routers/admin/users.go

@@ -82,7 +82,7 @@ func NewUserPost(ctx *context.Context, form auth.AdminCreateUserForm) {
 		Passwd:             form.Password,
 		IsActive:           true,
 		LoginType:          models.LoginPlain,
-		MustChangePassword: true,
+		MustChangePassword: form.MustChangePassword,
 	}
 
 	if len(form.LoginType) > 0 {

routers/admin/users_test.go

@@ -29,12 +29,13 @@ func TestNewUserPost_MustChangePassword(t *testing.T) {
 	email := "gitea@gitea.io"
 
 	form := auth.AdminCreateUserForm{
-		LoginType:  "local",
-		LoginName:  "local",
-		UserName:   username,
-		Email:      email,
-		Password:   "xxxxxxxx",
-		SendNotify: false,
+		LoginType:          "local",
+		LoginName:          "local",
+		UserName:           username,
+		Email:              email,
+		Password:           "xxxxxxxx",
+		SendNotify:         false,
+		MustChangePassword: true,
 	}
 
 	NewUserPost(ctx, form)
@@ -48,3 +49,40 @@ func TestNewUserPost_MustChangePassword(t *testing.T) {
 	assert.Equal(t, email, u.Email)
 	assert.True(t, u.MustChangePassword)
 }
+
+func TestNewUserPost_MustChangePasswordFalse(t *testing.T) {
+
+	models.PrepareTestEnv(t)
+	ctx := test.MockContext(t, "admin/users/new")
+
+	u := models.AssertExistsAndLoadBean(t, &models.User{
+		IsAdmin: true,
+		ID:      2,
+	}).(*models.User)
+
+	ctx.User = u
+
+	username := "gitea"
+	email := "gitea@gitea.io"
+
+	form := auth.AdminCreateUserForm{
+		LoginType:          "local",
+		LoginName:          "local",
+		UserName:           username,
+		Email:              email,
+		Password:           "xxxxxxxx",
+		SendNotify:         false,
+		MustChangePassword: false,
+	}
+
+	NewUserPost(ctx, form)
+
+	assert.NotEmpty(t, ctx.Flash.SuccessMsg)
+
+	u, err := models.GetUserByName(username)
+
+	assert.NoError(t, err)
+	assert.Equal(t, username, u.Name)
+	assert.Equal(t, email, u.Email)
+	assert.False(t, u.MustChangePassword)
+}