Password update feature

pyproject.toml

@@ -3,7 +3,7 @@ name = "sophosfirewall-python"
 packages = [
     { include = "sophosfirewall_python" },
 ]
-version = "0.1.19"
+version = "0.1.21"
 description = "Python SDK for Sophos Firewall"
 authors = ["Matt Mullen <[email protected]>"]
 readme = "README.md"

sophosfirewall_python/firewallapi.py

@@ -826,6 +826,51 @@ def create_user(
             "createuser.j2", template_vars=kwargs, debug=debug
         )
         return resp
+
+    def update_user_password(
+        self, username: str, new_password: str, debug: bool = False
+    ):
+        """Update user password.
+
+        Args:
+            username (str): Username
+            new_password (str): New password. Must meet complexity requirements.
+            debug (bool, optional): Enable debug mode. Defaults to False.
+
+        Returns:
+            dict: XML response converted to Python dictionary
+        """
+        # Get the existing user
+        resp = self.get_user(name=username)
+        user_params = resp["Response"]["User"]
+        user_params["Password"] = new_password
+        user_params.pop("PasswordHash")
+
+        # Update the user
+        resp = self.submit_template(
+            "updateuserpassword.j2", template_vars=user_params, debug=debug
+        )
+        return resp
+
+    def update_admin_password(
+            self, current_password: str, new_password: str, debug: bool = False
+    ):
+        """Update the admin password.
+
+        Args:
+            current_password (str): Current admin password.
+            new_password (str): New admin password. Must meet complexity requirements.
+            debug (bool, optional): Enable debug mode. Defaults to False.
+
+        Returns:
+            dict: XML response converted to Python dictionary
+        """
+        params = {"current_password": current_password, "new_password": new_password}
+
+        resp = self.submit_template(
+            "updateadminpassword.j2", template_vars=params, debug=debug
+        )
+        return resp
 
     def update_urlgroup(
         self, name: str, domain: str, debug: bool = False

sophosfirewall_python/templates/updateadminpassword.j2

@@ -0,0 +1,12 @@
+<Request>
+   <Login>
+        <Username>{{ username }}</Username>
+        <Password >{{ password }}</Password>
+    </Login>
+    <Set operation="update"> 
+    <AdminPassword>
+		  <CurrentPassword>{{ current_password }}</CurrentPassword>
+		  <NewPassword>{{ new_password }}</NewPassword>
+	  </AdminPassword>
+    </Set>
+</Request>

sophosfirewall_python/templates/updateuserpassword.j2

@@ -0,0 +1,42 @@
+<Request>
+   <Login>
+        <Username>{{username}}</Username>
+        <Password >{{password}}</Password>
+    </Login>
+    <Set operation = "update"> 
+		<User transactionid = "">
+            <Username>{{ Username }}</Username>
+            <Name>{{ Name }}</Name>
+            <Description>{{ Description }}</Description>
+            <Password>{{ Password }}</Password>
+            <UserType>{{ UserType }}</UserType>
+            {% if UserType == 'Administrator' %}
+            <Profile>{{ Profile }}</Profile>
+            {% endif %}
+            <Group>{{ Group }}</Group>
+            <EmailList>
+                <EmailID>{{ EmailList.EmailID }}</EmailID>
+            </EmailList>
+            <AccessTimePolicy>{{ AccessTimePolicy | default('Allowed all the time') }}</AccessTimePolicy>
+            <DataTransferPolicy/>
+            <QoSPolicy/>
+            <SSLVPNPolicy>{{ SSLVPNPolicy | default('No Policy Applied') }}</SSLVPNPolicy>
+            <SSLVPNIPv4Address/>
+            <SSLVPNIPv6Address/>
+            <ClientlessPolicy>{{ ClientlessPolicy | default('No Policy Applied') }}</ClientlessPolicy>
+            <L2TP>{{ L2TP | default('Disable') }}</L2TP>
+            <PPTP>{{ PPTP | default('Disable') }}</PPTP>
+            <CISCO>{{ CISCO | default('Disable') }}</CISCO>
+            <QuarantineDigest>{{ QuarantineDigest | default('Disable') }}</QuarantineDigest>
+            <MACBinding>{{ MACBinding | default('Disable') }}</MACBinding>
+            <LoginRestriction>{{ LoginRestriction | default('UserGroupNode') }}</LoginRestriction>
+            <IsEncryptCert>{{ IsEncryptCert | default('Disable') }}</IsEncryptCert>
+            <SimultaneousLoginsGlobal>{{ SimultaneousLoginsGlobal | default('Disable') }}</SimultaneousLoginsGlobal>
+            <SurfingQuotaPolicy>{{ SurfingQuotaPolicy | default('Unlimited Internet Access') }}</SurfingQuotaPolicy>
+            {% if UserType == "Administrator" %}
+            <ScheduleForApplianceAccess>{{ ScheduleForApplianceAccess | default('All The Time') }}</ScheduleForApplianceAccess>
+            <LoginRestrictionForAppliance>{{ LoginRestrictionForAppliance | default('AnyNode') }}</LoginRestrictionForAppliance>
+            {% endif %}
+        </User>
+   </Set>
+</Request>