From c2a730f26ce8c029627b833a42013827a4674994 Mon Sep 17 00:00:00 2001
From: cricriiiiii <cricriiiiii@pandalas.xyz>
Date: Tue, 17 Nov 2020 16:39:28 +0100
Subject: [PATCH] user update -p without argument allowed

when not giving an argument (to avoid clear passwords in bash history) to "yunohost user update -p", now you are prompted for a password
---
 data/actionsmap/yunohost.yml | 3 +++
 src/yunohost/user.py         | 4 +++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml
index ff56c2ac8..8eee048f2 100644
--- a/data/actionsmap/yunohost.yml
+++ b/data/actionsmap/yunohost.yml
@@ -165,8 +165,11 @@ user:
                     full: --change-password
                     help: New password to set
                     metavar: PASSWORD
+                    nargs: "?"
+                    const: 0
                     extra:
                         pattern: *pattern_password
+                        comment: good_practices_about_user_password
                 --add-mailforward:
                     help: Mailforward addresses to add
                     nargs: "*"
diff --git a/src/yunohost/user.py b/src/yunohost/user.py
index 67fd43a03..6968744b3 100644
--- a/src/yunohost/user.py
+++ b/src/yunohost/user.py
@@ -325,7 +325,9 @@ def user_update(operation_logger, username, firstname=None, lastname=None, mail=
     if lastname and firstname:
         new_attr_dict['cn'] = new_attr_dict['displayName'] = [firstname + ' ' + lastname]
 
-    if change_password:
+    if change_password is not None:
+        if not change_password:
+            change_password = msignals.prompt(m18n.n("ask_password"), True, True)
         # Ensure sufficiently complex password
         assert_password_is_strong_enough("user", change_password)