From 6ae0db8c456460a1741210a55a2520ea06daa579 Mon Sep 17 00:00:00 2001
From: Yannick Marcon <yannick.marcon@obiba.org>
Date: Thu, 2 Jan 2025 12:53:04 +0100
Subject: [PATCH 1/6] feat: users table added

---
 agate-ui/src/components/UsersTable.vue | 275 +++++++++++++++++++++++++
 agate-ui/src/i18n/en/index.js          |  44 +++-
 agate-ui/src/i18n/fr/index.js          |  44 +++-
 agate-ui/src/pages/UsersPage.vue       |   8 +-
 agate-ui/src/stores/user.ts            |  19 ++
 5 files changed, 382 insertions(+), 8 deletions(-)
 create mode 100644 agate-ui/src/components/UsersTable.vue

diff --git a/agate-ui/src/components/UsersTable.vue b/agate-ui/src/components/UsersTable.vue
new file mode 100644
index 00000000..5ab1bfd8
--- /dev/null
+++ b/agate-ui/src/components/UsersTable.vue
@@ -0,0 +1,275 @@
+<template>
+  <div>
+    <q-table :rows="users" flat row-key="name" :columns="columns" :pagination="initialPagination">
+      <template v-slot:top-left>
+        <q-btn size="sm" icon="add" color="primary" :label="t('add')" @click="onAdd" />
+      </template>
+      <template v-slot:top-right>
+        <q-input v-model="filter" debounce="300" :placeholder="t('search')" dense clearable class="q-mr-md">
+          <template v-slot:prepend>
+            <q-icon name="search" />
+          </template>
+        </q-input>
+      </template>
+      <template v-slot:body="props">
+        <q-tr :props="props" @mouseover="onOverRow(props.row)" @mouseleave="onLeaveRow(props.row)">
+          <q-td key="name" :props="props">
+            <span class="text-primary">{{ props.row.name }}</span>
+            <div class="float-right">
+              <q-btn
+                rounded
+                dense
+                flat
+                size="sm"
+                color="secondary"
+                :icon="toolsVisible[props.row.name] ? 'edit' : 'none'"
+                :title="t('edit')"
+                class="q-ml-xs"
+                @click="onShowEdit(props.row)"
+              />
+              <q-btn
+                rounded
+                dense
+                flat
+                size="sm"
+                color="secondary"
+                :title="t('delete')"
+                :icon="toolsVisible[props.row.name] ? 'delete' : 'none'"
+                class="q-ml-xs"
+                @click="onShowDelete(props.row)"
+              />
+              <q-btn
+                rounded
+                dense
+                flat
+                size="sm"
+                color="secondary"
+                :title="t('user.reset_password')"
+                :icon="toolsVisible[props.row.name] ? 'lock_reset' : 'none'"
+                class="q-ml-xs"
+                @click="onShowResetPassword(props.row)"
+              />
+              <q-btn
+                v-if="props.row.status === 'PENDING'"
+                rounded
+                dense
+                flat
+                size="sm"
+                color="secondary"
+                :title="t('user.approve')"
+                :icon="toolsVisible[props.row.name] ? 'done' : 'none'"
+                class="q-ml-xs"
+                @click="onApprove(props.row)"
+              />
+              <q-btn
+                v-if="props.row.status === 'PENDING'"
+                rounded
+                dense
+                flat
+                size="sm"
+                color="secondary"
+                :title="t('user.reject')"
+                :icon="toolsVisible[props.row.name] ? 'dangerous' : 'none'"
+                class="q-ml-xs"
+                @click="onShowReject(props.row)"
+              />
+            </div>
+          </q-td>
+          <q-td key="fullName" :props="props"> {{ props.row.firstName }} {{ props.row.lastName }} </q-td>
+          <q-td key="email" :props="props">
+            <a :href="`mailto:${props.row.email}`">{{ props.row.email }}</a>
+          </q-td>
+          <q-td key="status" :props="props">
+            <span class="text-caption" :title="t(`user.status_hint.${props.row.status}`)">{{
+              t(`user.status.${props.row.status}`)
+            }}</span>
+          </q-td>
+          <q-td key="role" :props="props">
+            <span class="text-caption">{{ t(`user.role.${props.row.role}`) }}</span>
+          </q-td>
+          <q-td key="otpEnabled" :props="props">
+            <q-icon v-if="props.row.otpEnabled" name="done" />
+          </q-td>
+          <q-td key="realm" :props="props">
+            <q-chip size="sm">{{ props.row.realm }}</q-chip>
+            <q-btn
+              v-if="props.row.accountUrl"
+              :title="props.row.accountUrl"
+              dense
+              flat
+              icon="account_circle"
+              color="secondary"
+              size="sm"
+              @click="onAccount(props.row)"
+            />
+          </q-td>
+          <q-td key="groups" :props="props">
+            <template v-for="grp in props.row.groups" :key="grp">
+              <q-badge :label="grp" class="on-left" />
+            </template>
+          </q-td>
+          <q-td key="applications" :props="props">
+            <template v-for="app in props.row.applications" :key="app">
+              <q-badge :label="getApplicationName(app)" class="on-left" />
+            </template>
+            <template v-for="(grpApp, idx) in props.row.groupApplications" :key="idx">
+              <q-badge
+                color="secondary"
+                :label="getApplicationName(grpApp.application)"
+                :title="t('inherited_from', { parent: grpApp.group })"
+                class="on-left"
+              />
+            </template>
+          </q-td>
+        </q-tr>
+      </template>
+    </q-table>
+    <confirm-dialog
+      v-model="showDelete"
+      :title="t('user.remove')"
+      :text="t('user.remove_confirm', { name: selected?.name })"
+      @confirm="onDelete"
+    />
+    <confirm-dialog
+      v-model="showResetPassword"
+      :title="t('user.reset_password')"
+      :text="t('user.reset_password_confirm', { name: selected?.name })"
+      @confirm="onResetPassword"
+    />
+    <confirm-dialog
+      v-model="showReject"
+      :title="t('user.reject')"
+      :text="t('user.reject_confirm', { name: selected?.name })"
+      @confirm="onDelete"
+    />
+    <group-dialog v-model="showEdit" :group="selected" @saved="onSaved" />
+  </div>
+</template>
+
+<script lang="ts">
+export default defineComponent({
+  name: 'UsersTable',
+});
+</script>
+<script setup lang="ts">
+import type { UserDto } from 'src/models/Agate';
+import GroupDialog from 'src/components/GroupDialog.vue';
+import ConfirmDialog from 'src/components/ConfirmDialog.vue';
+import { DefaultAlignment } from 'src/components/models';
+import { notifyError, notifySuccess } from 'src/utils/notify';
+
+const { t } = useI18n();
+const userStore = useUserStore();
+const groupStore = useGroupStore();
+const applicationStore = useApplicationStore();
+
+const filter = ref('');
+const toolsVisible = ref<{ [key: string]: boolean }>({});
+const initialPagination = ref({
+  descending: false,
+  page: 1,
+  rowsPerPage: 20,
+});
+const showEdit = ref(false);
+const showDelete = ref(false);
+const showResetPassword = ref(false);
+const showReject = ref(false);
+const selected = ref();
+
+const users = computed(
+  () =>
+    userStore.users?.filter((usr) => {
+      const str = `${usr.name} ${usr.firstName || ''} ${usr.lastName || ''} ${usr.email}`;
+      return filter.value ? str.toLowerCase().includes(filter.value.toLowerCase()) : true;
+    }) || [],
+);
+const columns = computed(() => [
+  { name: 'name', label: t('name'), field: 'name', align: DefaultAlignment },
+  { name: 'fullName', label: t('fullName'), field: 'fullName', align: DefaultAlignment },
+  { name: 'email', label: t('email'), field: 'email', align: DefaultAlignment },
+  { name: 'status', label: t('status'), field: 'status', align: DefaultAlignment },
+  { name: 'role', label: t('role'), field: 'role', align: DefaultAlignment },
+  { name: 'otpEnabled', label: t('otpEnabled'), field: 'otpEnabled', align: DefaultAlignment },
+  { name: 'realm', label: t('realm'), field: 'realm', align: DefaultAlignment },
+  { name: 'groups', label: t('groups'), field: 'groups', align: DefaultAlignment },
+  { name: 'applications', label: t('applications'), field: 'applications', align: DefaultAlignment },
+]);
+
+onMounted(() => {
+  groupStore.init();
+  applicationStore.init();
+  refresh();
+});
+
+function refresh() {
+  userStore.init();
+}
+
+function onOverRow(row: UserDto) {
+  toolsVisible.value[row.name] = true;
+}
+
+function onLeaveRow(row: UserDto) {
+  toolsVisible.value[row.name] = false;
+}
+
+function onShowEdit(row: UserDto) {
+  selected.value = row;
+  showEdit.value = true;
+}
+
+function onShowDelete(row: UserDto) {
+  selected.value = row;
+  showDelete.value = true;
+}
+
+function onShowResetPassword(row: UserDto) {
+  selected.value = row;
+  showResetPassword.value = true;
+}
+
+function onShowReject(row: UserDto) {
+  selected.value = row;
+  showReject.value = true;
+}
+
+function onDelete() {
+  userStore
+    .remove(selected.value)
+    .then(() => notifySuccess(t('user.removed')))
+    .catch(() => notifyError(t('user.remove_error')))
+    .finally(refresh);
+}
+
+function onAdd() {
+  selected.value = undefined;
+  showEdit.value = true;
+}
+
+function onSaved() {
+  refresh();
+}
+
+function getApplicationName(id: string) {
+  return applicationStore.applications?.find((app) => app.id === id)?.name;
+}
+
+function onAccount(row: UserDto) {
+  window.open(row.accountUrl, '_blank');
+}
+
+function onResetPassword() {
+  userStore
+    .resetPassword(selected.value)
+    .then(() => notifySuccess(t('user.reset_password_success')))
+    .catch(() => notifyError(t('user.reset_password_error')));
+}
+
+function onApprove(row: UserDto) {
+  userStore
+    .approve(row)
+    .then(() => notifySuccess(t('user.approved')))
+    .catch(() => notifyError(t('user.approve_error')))
+    .finally(refresh);
+}
+</script>
diff --git a/agate-ui/src/i18n/en/index.js b/agate-ui/src/i18n/en/index.js
index 30cf5d78..a55a53d1 100644
--- a/agate-ui/src/i18n/en/index.js
+++ b/agate-ui/src/i18n/en/index.js
@@ -10,10 +10,45 @@ export default {
     applications_hint: 'Members of a group get access to the applications associated to this group.',
     edit: 'Edit group',
     remove: 'Remove group',
-    remove_confirm: 'Please confirm group removal. User members of this group will not be removed.',
+    remove_confirm: 'Please confirm group removal: {name}. User members of this group will not be removed.',
     saved: 'Group saved',
     save_failed: 'Failed to save group',
   },
+  user: {
+    add: 'Add user',
+    approve: 'Approve user',
+    approved: 'User approved',
+    approve_error: 'Failed to approve user',
+    edit: 'Edit user',
+    reject: 'Reject user',
+    reject_confirm: 'Please confirm user rejection: {name}',
+    remove: 'Remove user',
+    remove_confirm: 'Please confirm user removal: {name}',
+    removed: 'User removed',
+    remove_error: 'Failed to remove user',
+    reset_password: 'Reset password',
+    reset_password_confirm: 'Please confirm that you want to send a password reset notification to this user.',
+    reset_password_error: 'Failed to reset user password',
+    reset_password_success: 'Password reset notification sent',
+    role: {
+      'agate-user': 'User',
+      'agate-administrator': 'Administrator',
+    },
+    saved: 'User saved',
+    save_failed: 'Failed to save user',
+    status: {
+      ACTIVE: 'Active',
+      APPROVED: 'Approved',
+      INACTIVE: 'Inactive',
+      PENDING: 'Pending',
+    },
+    status_hint: {
+      ACTIVE: 'User is operational',
+      APPROVED: 'User was approved by administrator but user confirmation is still required (email, password reset)',
+      INACTIVE: 'User is disabled',
+      PENDING: 'User is pending approval',
+    },
+  },
   add: 'Add',
   administration: 'Administration',
   content_management: 'Content Management',
@@ -36,4 +71,11 @@ export default {
   description: 'Description',
   name_required: 'Name is required',
   search: 'Search',
+  inherited_from: 'Inherited from: {parent}',
+  fullName: 'Full Name',
+  email: 'Email',
+  realm: 'Realm',
+  status: 'Status',
+  role: 'Role',
+  otpEnabled: '2FA',
 };
diff --git a/agate-ui/src/i18n/fr/index.js b/agate-ui/src/i18n/fr/index.js
index 3642ee90..300bbf45 100644
--- a/agate-ui/src/i18n/fr/index.js
+++ b/agate-ui/src/i18n/fr/index.js
@@ -10,10 +10,45 @@ export default {
     applications_hint: "Les membres d'un groupe ont accès aux applications associées à ce groupe.",
     edit: 'Modifier le groupe',
     remove: 'Suppression du groupe',
-    remove_confirm: 'Veuillez confirmer la suppression du groupe. Les usagers membres de ce groupe ne seront pas affectés.',
+    remove_confirm: 'Veuillez confirmer la suppression du groupe: {name}. Les usagers membres de ce groupe ne seront pas affectés.',
     saved: 'Groupe enregistré',
     save_failed: "Échec de l'enregistrement du groupe",
   },
+  user: {
+    add: 'Ajouter un usager',
+    approve: "Approuver l'usager",
+    approved: 'Usager approuvé',
+    approve_error: "Échec de l'approbation de l'usager",
+    edit: "Modifier l'usager",
+    reject: "Rejeter l'usager",
+    reject_confirm: "Veuillez confirmer le rejet de l'usager: {name}",
+    remove: "Suppression de l'usager",
+    remove_confirm: "Veuillez confirmer la suppression de l'usager: {name}",
+    removed: 'Usager supprimé',
+    remove_error: "Échec de la suppression de l'usager",
+    reset_password: 'Réinitialiser le mot de passe',
+    reset_password_confirm: 'Veuillez confirmer que vous souhaitez envoyer une notification de réinitialisation du mot de passe à cet usager.',
+    reset_password_error: "Échec de la réinitialisation du mot de passe de l'usager",
+    reset_password_success: 'Notification de réinitialisation du mot de passe envoyée',
+    role: {
+      'agate-user': 'Usager',
+      'agate-administrator': 'Administrateur',
+    },
+    saved: 'Usager enregistré',
+    save_failed: "Échec de l'enregistrement de l'usager",
+    status: {
+      ACTIVE: 'Actif',
+      APPROVED: 'Approuvé',
+      INACTIVE: 'Inactif',
+      PENDING: 'En attente',
+    },
+    status_hint: {
+      ACTIVE: 'Usager opérationnel',
+      APPROVED: "Usager approuvé par l'administrateur mais confirmation de l'usager requise (courriel, réinitialisation du mot de passe)",
+      INACTIVE: 'Usager désactivé',
+      PENDING: "Usager en attente d'approbation",
+    },
+  },
   add: 'ajouter',
   administration: 'Administration',
   content_management: 'Gestion de contenu',
@@ -36,4 +71,11 @@ export default {
   description: 'Description',
   name_required: 'Le nom est requis',
   search: 'Rechercher',
+  inherited_from: 'Hérité de: {parent}',
+  fullName: 'Nom complet',
+  email: 'Courriel',
+  realm: 'Domaine',
+  status: 'Statut',
+  role: 'Rôle',
+  otpEnabled: '2FA',
 };
diff --git a/agate-ui/src/pages/UsersPage.vue b/agate-ui/src/pages/UsersPage.vue
index beeb282f..a4ecc122 100644
--- a/agate-ui/src/pages/UsersPage.vue
+++ b/agate-ui/src/pages/UsersPage.vue
@@ -7,16 +7,12 @@
       </q-breadcrumbs>
     </q-toolbar>
     <q-page class="q-pa-md">
-      <pre>{{ userStore.users }}</pre>
+      <users-table />
     </q-page>
   </div>
 </template>
 
 <script setup lang="ts">
+import UsersTable from 'src/components/UsersTable.vue';
 const { t } = useI18n();
-const userStore = useUserStore();
-
-onMounted(() => {
-  userStore.init();
-});
 </script>
diff --git a/agate-ui/src/stores/user.ts b/agate-ui/src/stores/user.ts
index 9a3bbee2..b999471c 100644
--- a/agate-ui/src/stores/user.ts
+++ b/agate-ui/src/stores/user.ts
@@ -14,8 +14,27 @@ export const useUserStore = defineStore('user', () => {
     });
   }
 
+  async function remove(user: UserDto) {
+    return api.delete(`/user/${user.id}`);
+  }
+
+  async function resetPassword(user: UserDto) {
+    return api.put(`/user/${user.id}/reset_password`);
+  }
+
+  async function approve(user: UserDto) {
+    return api.put(
+      `/user/${user.id}/status`,
+      { status: 'approved' },
+      { headers: { 'Content-Type': 'application/x-www-form-urlencoded' } },
+    );
+  }
+
   return {
     users,
     init,
+    remove,
+    resetPassword,
+    approve,
   };
 });

From d92ef5b041dd7aa5dd97c4a003fe82b0aaba0722 Mon Sep 17 00:00:00 2001
From: Yannick Marcon <yannick.marcon@obiba.org>
Date: Thu, 2 Jan 2025 17:43:17 +0100
Subject: [PATCH 2/6] feat: add and edit user in a dialog

---
 agate-ui/src/components/GroupDialog.vue |  16 +-
 agate-ui/src/components/UserDialog.vue  | 224 ++++++++++++++++++++++++
 agate-ui/src/components/UsersTable.vue  |   4 +-
 agate-ui/src/i18n/en/index.js           |  65 ++++---
 agate-ui/src/i18n/fr/index.js           |  65 ++++---
 agate-ui/src/stores/group.ts            |   1 +
 agate-ui/src/stores/system.ts           |   4 +-
 agate-ui/src/stores/user.ts             |   6 +
 8 files changed, 327 insertions(+), 58 deletions(-)
 create mode 100644 agate-ui/src/components/UserDialog.vue

diff --git a/agate-ui/src/components/GroupDialog.vue b/agate-ui/src/components/GroupDialog.vue
index ec1dca44..c2982821 100644
--- a/agate-ui/src/components/GroupDialog.vue
+++ b/agate-ui/src/components/GroupDialog.vue
@@ -11,10 +11,14 @@
         <q-form>
           <q-input
             v-model="selected.name"
-            :label="t('name')"
+            :label="t('name') + ' *'"
             :disable="editMode"
             dense
-            :rules="[(val) => !!val || t('name_required')]"
+            lazy-rules
+            :rules="[
+              (val) => !!val || t('name_required'),
+              (val) => (val?.trim().length ?? 0) >= 3 || t('name_min_length', { min: 3 }),
+            ]"
           />
           <q-input v-model="selected.description" :label="t('description')" dense class="q-mb-md" />
           <q-select
@@ -36,17 +40,12 @@
 
       <q-card-actions align="right" class="bg-grey-3">
         <q-btn flat :label="t('cancel')" color="secondary" @click="onCancel" v-close-popup />
-        <q-btn flat :label="t('confirm')" color="primary" @click="onSave" />
+        <q-btn flat :label="t('save')" :disable="!isValid" color="primary" @click="onSave" />
       </q-card-actions>
     </q-card>
   </q-dialog>
 </template>
 
-<script lang="ts">
-export default defineComponent({
-  name: 'ConfirmDialog',
-});
-</script>
 <script setup lang="ts">
 import type { GroupDto } from 'src/models/Agate';
 import { notifyError, notifySuccess } from 'src/utils/notify';
@@ -70,6 +69,7 @@ const editMode = ref(false);
 const applicationOptions = computed(
   () => applicationStore.applications?.map((app) => ({ label: app.name, value: app.id })) ?? [],
 );
+const isValid = computed(() => selected.value.name && selected.value.name.trim().length >= 3);
 
 onMounted(() => {
   applicationStore.init();
diff --git a/agate-ui/src/components/UserDialog.vue b/agate-ui/src/components/UserDialog.vue
new file mode 100644
index 00000000..c259fd58
--- /dev/null
+++ b/agate-ui/src/components/UserDialog.vue
@@ -0,0 +1,224 @@
+<template>
+  <q-dialog v-model="showDialog" persistent @hide="onHide">
+    <q-card class="dialog-md">
+      <q-card-section>
+        <div class="text-h6">{{ t(editMode ? 'user.edit' : 'user.add') }}</div>
+      </q-card-section>
+
+      <q-separator />
+
+      <q-card-section>
+        <q-form>
+          <q-input
+            v-model="selected.name"
+            :label="t('name') + ' *'"
+            :hint="t('name_hint')"
+            :disable="editMode"
+            dense
+            class="q-mb-md"
+            lazy-rules
+            :rules="[
+              (val) => !!val || t('name_required'),
+              (val) => (val?.trim().length ?? 0) >= 3 || t('name_min_length', { min: 3 }),
+            ]"
+          />
+          <q-input
+            v-model="selected.email"
+            :label="t('email') + ' *'"
+            :hint="t('email_hint')"
+            dense
+            class="q-mb-md"
+            lazy-rules
+            :rules="[(val) => !!val || t('email_required'), (val) => validateEmailFormat(val) || t('email_invalid')]"
+          />
+          <div class="row q-col-gutter-md q-mb-md">
+            <div class="col-5">
+              <q-input v-model="selected.firstName" :label="t('user.firstName')" dense />
+            </div>
+            <div class="col-5">
+              <q-input v-model="selected.lastName" :label="t('user.lastName')" dense />
+            </div>
+            <div class="col-2">
+              <q-select
+                v-model="selected.preferredLanguage"
+                :label="t('user.language')"
+                :options="languageOptions"
+                dense
+                emit-value
+                map-options
+              />
+            </div>
+          </div>
+          <div class="row q-col-gutter-md q-mb-md">
+            <div class="col">
+              <q-select
+                v-model="selected.realm"
+                :label="t('realm')"
+                :hint="t(`user.realm_hint`)"
+                :options="realmOptions"
+                dense
+                emit-value
+                map-options
+              />
+            </div>
+            <div class="col">
+              <q-select
+                v-model="selected.role"
+                :label="t('role')"
+                :hint="t(`user.role_hint.${selected.role}`)"
+                :options="roleOptions"
+                dense
+                emit-value
+                map-options
+              />
+            </div>
+            <div class="col">
+              <q-select
+                v-model="selected.status"
+                :label="t('status')"
+                :hint="t(`user.status_hint.${selected.status}`)"
+                :options="statusOptions"
+                dense
+                emit-value
+                map-options
+              />
+            </div>
+          </div>
+          <q-select
+            v-model="selected.groups"
+            :label="t('groups')"
+            :hint="t('user.groups_hint')"
+            :options="groupOptions"
+            dense
+            emit-value
+            map-options
+            use-chips
+            multiple
+            class="q-mb-md"
+          />
+          <q-select
+            v-model="selected.applications"
+            :label="t('applications')"
+            :hint="t('user.applications_hint')"
+            :options="applicationOptions"
+            dense
+            emit-value
+            map-options
+            use-chips
+            multiple
+            class="q-mb-md"
+          />
+        </q-form>
+      </q-card-section>
+
+      <q-separator />
+
+      <q-card-actions align="right" class="bg-grey-3">
+        <q-btn flat :label="t('cancel')" color="secondary" @click="onCancel" v-close-popup />
+        <q-btn flat :label="t('save')" :disable="!isValid" color="primary" @click="onSave" />
+      </q-card-actions>
+    </q-card>
+  </q-dialog>
+</template>
+
+<script setup lang="ts">
+import type { UserDto } from 'src/models/Agate';
+import { notifyError, notifySuccess } from 'src/utils/notify';
+
+const { t } = useI18n();
+const userStore = useUserStore();
+const groupStore = useGroupStore();
+const applicationStore = useApplicationStore();
+const realmStore = useRealmStore();
+const systemStore = useSystemStore();
+
+interface DialogProps {
+  modelValue: boolean;
+  user: UserDto;
+}
+
+const props = defineProps<DialogProps>();
+const emit = defineEmits(['update:modelValue', 'saved', 'cancel']);
+
+const showDialog = ref(props.modelValue);
+const selected = ref<UserDto>(props.user);
+const editMode = ref(false);
+
+const roleOptions = computed(() =>
+  ['agate-user', 'agate-administrator'].map((role) => ({ label: t(`user.role.${role}`), value: role })),
+);
+const statusOptions = computed(() =>
+  ['ACTIVE', 'APPROVED', 'INACTIVE', 'PENDING'].map((status) => ({ label: t(`user.status.${status}`), value: status })),
+);
+const groupOptions = computed(() => groupStore.groups?.map((group) => ({ label: group.name, value: group.id })) ?? []);
+const applicationOptions = computed(
+  () => applicationStore.applications?.map((app) => ({ label: app.name, value: app.id })) ?? [],
+);
+const realmOptions = computed(() => [
+  { label: 'agate-user-realm', value: 'agate-user-realm' },
+  ...(realmStore.realms?.map((realm) => ({ label: realm.name, value: realm.id })) ?? []),
+]);
+const languageOptions = computed(
+  () => systemStore.configurationPublic.languages?.map((lang) => ({ label: lang.toUpperCase(), value: lang })) ?? [],
+);
+const isValid = computed(
+  () =>
+    selected.value.name &&
+    selected.value.name.trim().length >= 3 &&
+    selected.value.email &&
+    validateEmailFormat(selected.value.email),
+);
+
+onMounted(() => {
+  groupStore.init();
+  applicationStore.init();
+  realmStore.init();
+  systemStore.initPub();
+});
+
+watch(
+  () => props.modelValue,
+  (value) => {
+    showDialog.value = value;
+    selected.value = props.user
+      ? { ...props.user }
+      : ({
+          realm: 'agate-user-realm',
+          role: 'agate-user',
+          status: 'INACTIVE',
+          preferredLanguage: languageOptions.value.length ? languageOptions.value[0]?.value : '',
+        } as UserDto);
+    editMode.value = props.user !== undefined;
+  },
+);
+
+function onHide() {
+  emit('update:modelValue', false);
+}
+
+function onCancel() {
+  emit('cancel');
+}
+
+function onSave() {
+  userStore
+    .save(selected.value)
+    .then(() => {
+      notifySuccess(t('user.saved'));
+      emit('saved');
+    })
+    .catch(() => {
+      notifyError(t('user.save_failed'));
+    })
+    .finally(() => {
+      emit('update:modelValue', false);
+    });
+}
+
+function validateEmailFormat(val: string): boolean {
+  if (val) {
+    return val.match(/^[^\s@]+@[^\s@]+\.[^\s@]+$/) !== null;
+  }
+  return true;
+}
+</script>
diff --git a/agate-ui/src/components/UsersTable.vue b/agate-ui/src/components/UsersTable.vue
index 5ab1bfd8..db45443f 100644
--- a/agate-ui/src/components/UsersTable.vue
+++ b/agate-ui/src/components/UsersTable.vue
@@ -142,7 +142,7 @@
       :text="t('user.reject_confirm', { name: selected?.name })"
       @confirm="onDelete"
     />
-    <group-dialog v-model="showEdit" :group="selected" @saved="onSaved" />
+    <user-dialog v-model="showEdit" :user="selected" @saved="onSaved" />
   </div>
 </template>
 
@@ -153,7 +153,7 @@ export default defineComponent({
 </script>
 <script setup lang="ts">
 import type { UserDto } from 'src/models/Agate';
-import GroupDialog from 'src/components/GroupDialog.vue';
+import UserDialog from 'src/components/UserDialog.vue';
 import ConfirmDialog from 'src/components/ConfirmDialog.vue';
 import { DefaultAlignment } from 'src/components/models';
 import { notifyError, notifySuccess } from 'src/utils/notify';
diff --git a/agate-ui/src/i18n/en/index.js b/agate-ui/src/i18n/en/index.js
index a55a53d1..48abc6e0 100644
--- a/agate-ui/src/i18n/en/index.js
+++ b/agate-ui/src/i18n/en/index.js
@@ -16,10 +16,16 @@ export default {
   },
   user: {
     add: 'Add user',
+    applications_hint: 'Users can be directly granted application access.',
     approve: 'Approve user',
     approved: 'User approved',
     approve_error: 'Failed to approve user',
     edit: 'Edit user',
+    firstName: 'First Name',
+    groups_hint: 'Users can be members of groups to access applications associated to these groups.',
+    language: 'Language',
+    lastName: 'Last Name',
+    realm_hint: 'Realm in which user authenticates.',
     reject: 'Reject user',
     reject_confirm: 'Please confirm user rejection: {name}',
     remove: 'Remove user',
@@ -34,6 +40,10 @@ export default {
       'agate-user': 'User',
       'agate-administrator': 'Administrator',
     },
+    role_hint: {
+      'agate-user': 'A simple user can only access to its own account.',
+      'agate-administrator': 'An administrator can manage all users, groups, applications, realms etc.',
+    },
     saved: 'User saved',
     save_failed: 'Failed to save user',
     status: {
@@ -43,39 +53,48 @@ export default {
       PENDING: 'Pending',
     },
     status_hint: {
-      ACTIVE: 'User is operational',
-      APPROVED: 'User was approved by administrator but user confirmation is still required (email, password reset)',
-      INACTIVE: 'User is disabled',
-      PENDING: 'User is pending approval',
+      ACTIVE: 'User is operational.',
+      APPROVED: 'User was approved by administrator but user confirmation is still required (email, password reset).',
+      INACTIVE: 'User is disabled.',
+      PENDING: 'User is pending approval.',
     },
   },
   add: 'Add',
   administration: 'Administration',
+  applications_caption: 'Manage applications, identifications and identity providers',
+  applications: 'Applications',
+  cancel: 'Cancel',
   content_management: 'Content Management',
+  delete: 'Remove',
+  description: 'Description',
   docs: 'Docs',
   documentation_cookbook: 'Documentation and cookbook',
-  source_code: 'Source Code',
-  users: 'Users',
-  users_caption: 'Manage users, assign role and groups to grant applications access',
-  groups: 'Groups',
+  edit: 'Edit',
+  email_hint: 'Email must be unique',
+  email_invalid: 'Invalid email',
+  email_required: 'Email is required',
+  email: 'Email',
+  fullName: 'Full Name',
   groups_caption: 'Manage groups, grant applications access to group members',
-  applications: 'Applications',
-  applications_caption: 'Manage applications, identifications and identity providers',
-  realms: 'Realms',
-  realms_caption: 'Manage realms, federate external identity providers',
-  settings: 'Settings',
-  my_profile: 'My Profile',
+  groups: 'Groups',
   help: 'Help',
-  other_links: 'Other links',
-  name: 'Name',
-  description: 'Description',
-  name_required: 'Name is required',
-  search: 'Search',
   inherited_from: 'Inherited from: {parent}',
-  fullName: 'Full Name',
-  email: 'Email',
+  my_profile: 'My Profile',
+  name_hint: 'Name must be unique',
+  name_min_length: 'Name must be at least {min} characters',
+  name_required: 'Name is required',
+  name: 'Name',
+  other_links: 'Other links',
+  otpEnabled: '2FA',
   realm: 'Realm',
-  status: 'Status',
+  realms_caption: 'Manage realms, federate external identity providers',
+  realms: 'Realms',
   role: 'Role',
-  otpEnabled: '2FA',
+  save: 'Save',
+  search: 'Search',
+  settings: 'Settings',
+  source_code: 'Source Code',
+  status: 'Status',
+  users_caption: 'Manage users, assign role and groups to grant applications access',
+  users: 'Users',
 };
diff --git a/agate-ui/src/i18n/fr/index.js b/agate-ui/src/i18n/fr/index.js
index 300bbf45..b1cd0273 100644
--- a/agate-ui/src/i18n/fr/index.js
+++ b/agate-ui/src/i18n/fr/index.js
@@ -16,10 +16,16 @@ export default {
   },
   user: {
     add: 'Ajouter un usager',
+    applications_hint: 'Les usagers peuvent être directement accordés un accès aux applications.',
     approve: "Approuver l'usager",
     approved: 'Usager approuvé',
     approve_error: "Échec de l'approbation de l'usager",
     edit: "Modifier l'usager",
+    firstName: 'Prénom',
+    groups_hint: 'Les usagers peuvent être membres de groupes pour accéder aux applications associées à ces groupes.',
+    language: 'Langue',
+    lastName: 'Nom de famille',
+    realm_hint: "Domaine dans lequel l'usager est authentifié.",
     reject: "Rejeter l'usager",
     reject_confirm: "Veuillez confirmer le rejet de l'usager: {name}",
     remove: "Suppression de l'usager",
@@ -34,6 +40,10 @@ export default {
       'agate-user': 'Usager',
       'agate-administrator': 'Administrateur',
     },
+    role_hint: {
+      'agate-user': 'Un usager simple peut uniquement accéder à son propre compte.',
+      'agate-administrator': 'Un administrateur peut gérer tous les usagers, les groupes, les applcations, les domaines etc.',
+    },
     saved: 'Usager enregistré',
     save_failed: "Échec de l'enregistrement de l'usager",
     status: {
@@ -43,39 +53,48 @@ export default {
       PENDING: 'En attente',
     },
     status_hint: {
-      ACTIVE: 'Usager opérationnel',
-      APPROVED: "Usager approuvé par l'administrateur mais confirmation de l'usager requise (courriel, réinitialisation du mot de passe)",
-      INACTIVE: 'Usager désactivé',
-      PENDING: "Usager en attente d'approbation",
+      ACTIVE: 'Usager opérationnel.',
+      APPROVED: "Usager approuvé par l'administrateur mais confirmation de l'usager requise (courriel, réinitialisation du mot de passe).",
+      INACTIVE: 'Usager désactivé.',
+      PENDING: "Usager en attente d'approbation.",
     },
   },
   add: 'ajouter',
   administration: 'Administration',
+  applications_caption: "Gérer les applications, les identifications et les fournisseurs d'identité",
+  applications: 'Applications',
+  cancel: 'Annuler',
   content_management: 'Gestion de contenu',
+  delete: 'Supprimer',
+  description: 'Description',
   docs: 'Docs',
   documentation_cookbook: 'Documentation & recettes',
-  source_code: 'Code source',
-  users: 'Utilisateurs',
-  users_caption: 'Gérer les utilisateurs, les rôles et les accès aux applications',
-  groups: 'Groupes',
+  edit: 'Editer',
+  email_hint: 'Le courriel doit être unique',
+  email_invalid: 'Le courriel est invalide',
+  email_required: 'Le courriel est requis',
+  email: 'Courriel',
+  fullName: 'Nom complet',
   groups_caption: 'Gérer les groupes et leurs membres, les accès aux applications',
-  applications: 'Applications',
-  applications_caption: "Gérer les applications, les identifications et les fournisseurs d'identité",
-  realms: 'Domaines',
-  realms_caption: "Gérer les domaines, fédérer les fournisseurs d'identité externes",
-  settings: 'Paramètres',
-  my_profile: 'Mon profil',
+  groups: 'Groupes',
   help: 'Aide',
-  other_links: 'Autres liens',
-  name: 'Nom',
-  description: 'Description',
-  name_required: 'Le nom est requis',
-  search: 'Rechercher',
   inherited_from: 'Hérité de: {parent}',
-  fullName: 'Nom complet',
-  email: 'Courriel',
+  my_profile: 'Mon profil',
+  name_hint: 'Le nom doit être unique',
+  name_min_length: 'Le nom doit comporter au moins {min} caractères',
+  name_required: 'Le nom est requis',
+  name: 'Nom',
+  other_links: 'Autres liens',
+  otpEnabled: '2FA',
   realm: 'Domaine',
-  status: 'Statut',
+  realms_caption: "Gérer les domaines, fédérer les fournisseurs d'identité externes",
+  realms: 'Domaines',
   role: 'Rôle',
-  otpEnabled: '2FA',
+  save: 'Enregistrer',
+  search: 'Rechercher',
+  settings: 'Paramètres',
+  source_code: 'Code source',
+  status: 'Statut',
+  users_caption: 'Gérer les utilisateurs, les rôles et les accès aux applications',
+  users: 'Utilisateurs',
 };
diff --git a/agate-ui/src/stores/group.ts b/agate-ui/src/stores/group.ts
index 563ba1df..7637d497 100644
--- a/agate-ui/src/stores/group.ts
+++ b/agate-ui/src/stores/group.ts
@@ -13,6 +13,7 @@ export const useGroupStore = defineStore('group', () => {
   }
 
   async function save(group: GroupDto) {
+    group.name = group.name.trim();
     return group.id ? api.put(`/group/${group.id}`, group) : api.post('/groups', group);
   }
 
diff --git a/agate-ui/src/stores/system.ts b/agate-ui/src/stores/system.ts
index b05f08fe..6b74ebb2 100644
--- a/agate-ui/src/stores/system.ts
+++ b/agate-ui/src/stores/system.ts
@@ -3,8 +3,8 @@ import { api } from 'src/boot/api';
 import type { PublicConfigurationDto, ConfigurationDto } from 'src/models/Agate';
 
 export const useSystemStore = defineStore('system', () => {
-  const configurationPublic = ref<PublicConfigurationDto | null>(null);
-  const configuration = ref<ConfigurationDto | null>(null);
+  const configurationPublic = ref<PublicConfigurationDto>({} as PublicConfigurationDto);
+  const configuration = ref<ConfigurationDto>({} as ConfigurationDto);
 
   async function initPub() {
     return api.get('/config/_public').then((response) => {
diff --git a/agate-ui/src/stores/user.ts b/agate-ui/src/stores/user.ts
index b999471c..5bf35ae3 100644
--- a/agate-ui/src/stores/user.ts
+++ b/agate-ui/src/stores/user.ts
@@ -30,11 +30,17 @@ export const useUserStore = defineStore('user', () => {
     );
   }
 
+  async function save(user: UserDto) {
+    user.name = user.name.trim();
+    return user.id ? api.put(`/user/${user.id}`, user) : api.post('/users', { user });
+  }
+
   return {
     users,
     init,
     remove,
     resetPassword,
     approve,
+    save,
   };
 });

From 6c75d31467702d34667868e1801a892cff12b9db Mon Sep 17 00:00:00 2001
From: Yannick Marcon <yannick.marcon@obiba.org>
Date: Fri, 3 Jan 2025 14:53:46 +0100
Subject: [PATCH 3/6] feat: add user with password

---
 .../agate/web/rest/user/UsersResource.java    |   2 +-
 agate-ui/src/components/UserDialog.vue        | 181 +++++++++++++-----
 agate-ui/src/components/UsersTable.vue        |   3 +-
 agate-ui/src/i18n/en/index.js                 |   8 +
 agate-ui/src/i18n/fr/index.js                 |   8 +
 agate-ui/src/stores/user.ts                   |  47 ++++-
 6 files changed, 195 insertions(+), 54 deletions(-)

diff --git a/agate-rest/src/main/java/org/obiba/agate/web/rest/user/UsersResource.java b/agate-rest/src/main/java/org/obiba/agate/web/rest/user/UsersResource.java
index 3cd97f6d..e2015de6 100644
--- a/agate-rest/src/main/java/org/obiba/agate/web/rest/user/UsersResource.java
+++ b/agate-rest/src/main/java/org/obiba/agate/web/rest/user/UsersResource.java
@@ -98,7 +98,7 @@ public Response create(Agate.UserCreateFormDto userCreateFormDto) {
 
     if(RESERVED_USER_NAMES.contains(username)) throw new BadRequestException("Reserved user name");
 
-    if (AgateRealm.AGATE_USER_REALM.name().equals(userDto.getRealm()) && Strings.isNullOrEmpty(userCreateFormDto.getPassword()))
+    if (AgateRealm.AGATE_USER_REALM.getName().equals(userDto.getRealm()) && Strings.isNullOrEmpty(userCreateFormDto.getPassword()))
       throw new BadRequestException("User requires a password");
 
     user = userService.createUser(dtos.fromDto(userDto), userCreateFormDto.getPassword());
diff --git a/agate-ui/src/components/UserDialog.vue b/agate-ui/src/components/UserDialog.vue
index c259fd58..d8b53c6b 100644
--- a/agate-ui/src/components/UserDialog.vue
+++ b/agate-ui/src/components/UserDialog.vue
@@ -9,28 +9,35 @@
 
       <q-card-section>
         <q-form>
-          <q-input
-            v-model="selected.name"
-            :label="t('name') + ' *'"
-            :hint="t('name_hint')"
-            :disable="editMode"
-            dense
-            class="q-mb-md"
-            lazy-rules
-            :rules="[
-              (val) => !!val || t('name_required'),
-              (val) => (val?.trim().length ?? 0) >= 3 || t('name_min_length', { min: 3 }),
-            ]"
-          />
-          <q-input
-            v-model="selected.email"
-            :label="t('email') + ' *'"
-            :hint="t('email_hint')"
-            dense
-            class="q-mb-md"
-            lazy-rules
-            :rules="[(val) => !!val || t('email_required'), (val) => validateEmailFormat(val) || t('email_invalid')]"
-          />
+          <div class="row q-col-gutter-md q-mb-md">
+            <div class="col">
+              <q-input
+                v-model="selected.name"
+                :label="t('name') + ' *'"
+                :hint="t('name_hint')"
+                :disable="editMode"
+                dense
+                lazy-rules
+                :rules="[
+                  (val) => !!val || t('name_required'),
+                  (val) => (val?.trim().length ?? 0) >= 3 || t('name_min_length', { min: 3 }),
+                ]"
+              />
+            </div>
+            <div class="col">
+              <q-input
+                v-model="selected.email"
+                :label="t('email') + ' *'"
+                :hint="t('email_hint')"
+                dense
+                lazy-rules
+                :rules="[
+                  (val) => !!val || t('email_required'),
+                  (val) => validateEmailFormat(val) || t('email_invalid'),
+                ]"
+              />
+            </div>
+          </div>
           <div class="row q-col-gutter-md q-mb-md">
             <div class="col-5">
               <q-input v-model="selected.firstName" :label="t('user.firstName')" dense />
@@ -49,7 +56,7 @@
               />
             </div>
           </div>
-          <div class="row q-col-gutter-md q-mb-md">
+          <div v-if="!editMode" class="row q-col-gutter-md q-mb-md">
             <div class="col">
               <q-select
                 v-model="selected.realm"
@@ -59,8 +66,55 @@
                 dense
                 emit-value
                 map-options
+                @update:model-value="onRealmChange"
               />
             </div>
+            <div v-if="showPassword" class="col">
+              <q-input
+                v-model="password"
+                :label="t('user.password') + ' *'"
+                :type="passwordVisible ? 'text' : 'password'"
+                dense
+                lazy-rules
+                :rules="[
+                  (val) => !!val || t('user.password_required'),
+                  (val) => (val?.trim().length ?? 0) >= 8 || t('user.password_min_length', { min: 8 }),
+                ]"
+              >
+                <template v-slot:after>
+                  <q-btn
+                    round
+                    dense
+                    size="sm"
+                    :title="t('user.show_password')"
+                    flat
+                    icon="visibility"
+                    @click="passwordVisible = !passwordVisible"
+                  />
+                  <q-btn
+                    round
+                    dense
+                    size="sm"
+                    :title="t('user.copy_password')"
+                    flat
+                    icon="content_copy"
+                    @click="copyPasswordToClipboard"
+                  />
+                  <q-btn
+                    round
+                    dense
+                    size="sm"
+                    :title="t('user.generate_password')"
+                    flat
+                    icon="lock_reset"
+                    @click="generatePassword"
+                  />
+                </template>
+              </q-input>
+              <div class="text-hint">{{ t('user.password_hint') }}</div>
+            </div>
+          </div>
+          <div class="row q-col-gutter-md q-mb-md">
             <div class="col">
               <q-select
                 v-model="selected.role"
@@ -84,30 +138,34 @@
               />
             </div>
           </div>
-          <q-select
-            v-model="selected.groups"
-            :label="t('groups')"
-            :hint="t('user.groups_hint')"
-            :options="groupOptions"
-            dense
-            emit-value
-            map-options
-            use-chips
-            multiple
-            class="q-mb-md"
-          />
-          <q-select
-            v-model="selected.applications"
-            :label="t('applications')"
-            :hint="t('user.applications_hint')"
-            :options="applicationOptions"
-            dense
-            emit-value
-            map-options
-            use-chips
-            multiple
-            class="q-mb-md"
-          />
+          <div class="row q-col-gutter-md q-mb-md">
+            <div class="col">
+              <q-select
+                v-model="selected.groups"
+                :label="t('groups')"
+                :hint="t('user.groups_hint')"
+                :options="groupOptions"
+                dense
+                emit-value
+                map-options
+                use-chips
+                multiple
+              />
+            </div>
+            <div class="col">
+              <q-select
+                v-model="selected.applications"
+                :label="t('applications')"
+                :hint="t('user.applications_hint')"
+                :options="applicationOptions"
+                dense
+                emit-value
+                map-options
+                use-chips
+                multiple
+              />
+            </div>
+          </div>
         </q-form>
       </q-card-section>
 
@@ -123,7 +181,8 @@
 
 <script setup lang="ts">
 import type { UserDto } from 'src/models/Agate';
-import { notifyError, notifySuccess } from 'src/utils/notify';
+import { notifyError, notifyInfo, notifySuccess } from 'src/utils/notify';
+import { copyToClipboard } from 'quasar';
 
 const { t } = useI18n();
 const userStore = useUserStore();
@@ -143,6 +202,8 @@ const emit = defineEmits(['update:modelValue', 'saved', 'cancel']);
 const showDialog = ref(props.modelValue);
 const selected = ref<UserDto>(props.user);
 const editMode = ref(false);
+const password = ref('');
+const passwordVisible = ref(false);
 
 const roleOptions = computed(() =>
   ['agate-user', 'agate-administrator'].map((role) => ({ label: t(`user.role.${role}`), value: role })),
@@ -161,12 +222,14 @@ const realmOptions = computed(() => [
 const languageOptions = computed(
   () => systemStore.configurationPublic.languages?.map((lang) => ({ label: lang.toUpperCase(), value: lang })) ?? [],
 );
+const showPassword = computed(() => !editMode.value && selected.value.realm === 'agate-user-realm');
 const isValid = computed(
   () =>
     selected.value.name &&
     selected.value.name.trim().length >= 3 &&
     selected.value.email &&
-    validateEmailFormat(selected.value.email),
+    validateEmailFormat(selected.value.email) &&
+    (!showPassword.value || (password.value && password.value.trim().length >= 8)),
 );
 
 onMounted(() => {
@@ -189,6 +252,8 @@ watch(
           preferredLanguage: languageOptions.value.length ? languageOptions.value[0]?.value : '',
         } as UserDto);
     editMode.value = props.user !== undefined;
+    password.value = '';
+    passwordVisible.value = false;
   },
 );
 
@@ -202,7 +267,7 @@ function onCancel() {
 
 function onSave() {
   userStore
-    .save(selected.value)
+    .save(selected.value, password.value)
     .then(() => {
       notifySuccess(t('user.saved'));
       emit('saved');
@@ -221,4 +286,20 @@ function validateEmailFormat(val: string): boolean {
   }
   return true;
 }
+
+function onRealmChange() {
+  password.value = '';
+}
+
+function generatePassword() {
+  password.value = userStore.generatePassword();
+}
+
+function copyPasswordToClipboard() {
+  if (password.value) {
+    copyToClipboard(password.value).then(() => {
+      notifyInfo(t('user.password_copied'));
+    });
+  }
+}
 </script>
diff --git a/agate-ui/src/components/UsersTable.vue b/agate-ui/src/components/UsersTable.vue
index db45443f..6726b212 100644
--- a/agate-ui/src/components/UsersTable.vue
+++ b/agate-ui/src/components/UsersTable.vue
@@ -39,13 +39,14 @@
                 @click="onShowDelete(props.row)"
               />
               <q-btn
+                v-if="props.row.realm === 'agate-user-realm'"
                 rounded
                 dense
                 flat
                 size="sm"
                 color="secondary"
                 :title="t('user.reset_password')"
-                :icon="toolsVisible[props.row.name] ? 'lock_reset' : 'none'"
+                :icon="toolsVisible[props.row.name] ? 'send' : 'none'"
                 class="q-ml-xs"
                 @click="onShowResetPassword(props.row)"
               />
diff --git a/agate-ui/src/i18n/en/index.js b/agate-ui/src/i18n/en/index.js
index 48abc6e0..6dfb8329 100644
--- a/agate-ui/src/i18n/en/index.js
+++ b/agate-ui/src/i18n/en/index.js
@@ -20,11 +20,18 @@ export default {
     approve: 'Approve user',
     approved: 'User approved',
     approve_error: 'Failed to approve user',
+    copy_password: 'Copy password',
     edit: 'Edit user',
     firstName: 'First Name',
+    generate_password: 'Generate password',
     groups_hint: 'Users can be members of groups to access applications associated to these groups.',
     language: 'Language',
     lastName: 'Last Name',
+    password: 'Password',
+    password_copied: 'Password copied',
+    password_hint: 'Password must contain at least one digit, one upper case alphabet, one lower case alphabet, one special character (which includes @#$%^&+=!) and no white spaces.',
+    password_min_length: 'Password must be at least {min} characters',
+    password_required: 'Password is required',
     realm_hint: 'Realm in which user authenticates.',
     reject: 'Reject user',
     reject_confirm: 'Please confirm user rejection: {name}',
@@ -46,6 +53,7 @@ export default {
     },
     saved: 'User saved',
     save_failed: 'Failed to save user',
+    show_password: 'Show password',
     status: {
       ACTIVE: 'Active',
       APPROVED: 'Approved',
diff --git a/agate-ui/src/i18n/fr/index.js b/agate-ui/src/i18n/fr/index.js
index b1cd0273..df578e10 100644
--- a/agate-ui/src/i18n/fr/index.js
+++ b/agate-ui/src/i18n/fr/index.js
@@ -20,11 +20,18 @@ export default {
     approve: "Approuver l'usager",
     approved: 'Usager approuvé',
     approve_error: "Échec de l'approbation de l'usager",
+    copy_password: 'Copier le mot de passe',
     edit: "Modifier l'usager",
     firstName: 'Prénom',
+    generate_password: 'Générer un mot de passe',
     groups_hint: 'Les usagers peuvent être membres de groupes pour accéder aux applications associées à ces groupes.',
     language: 'Langue',
     lastName: 'Nom de famille',
+    password: 'Mot de passe',
+    password_copied: 'Mot de passe copié',
+    password_hint: 'Le mot de passe doit contenir au moins un chiffre, une lettre majuscule, une lettre minuscule, un caractère spécial (qui inclut @#$%^&+=!) et aucun espace blanc.',
+    password_min_length: 'Le mot de passe doit comporter au moins {min} caractères',
+    password_required: 'Le mot de passe est requis',
     realm_hint: "Domaine dans lequel l'usager est authentifié.",
     reject: "Rejeter l'usager",
     reject_confirm: "Veuillez confirmer le rejet de l'usager: {name}",
@@ -46,6 +53,7 @@ export default {
     },
     saved: 'Usager enregistré',
     save_failed: "Échec de l'enregistrement de l'usager",
+    show_password: 'Afficher le mot de passe',
     status: {
       ACTIVE: 'Actif',
       APPROVED: 'Approuvé',
diff --git a/agate-ui/src/stores/user.ts b/agate-ui/src/stores/user.ts
index 5bf35ae3..a2c168ba 100644
--- a/agate-ui/src/stores/user.ts
+++ b/agate-ui/src/stores/user.ts
@@ -22,6 +22,14 @@ export const useUserStore = defineStore('user', () => {
     return api.put(`/user/${user.id}/reset_password`);
   }
 
+  async function updatePassword(user: UserDto, password: string) {
+    return api.put(
+      `/user/${user.id}/password`,
+      { password },
+      { headers: { 'Content-Type': 'application/x-www-form-urlencoded' } },
+    );
+  }
+
   async function approve(user: UserDto) {
     return api.put(
       `/user/${user.id}/status`,
@@ -30,9 +38,42 @@ export const useUserStore = defineStore('user', () => {
     );
   }
 
-  async function save(user: UserDto) {
+  async function save(user: UserDto, password: string | undefined = undefined) {
     user.name = user.name.trim();
-    return user.id ? api.put(`/user/${user.id}`, user) : api.post('/users', { user });
+    return user.id ? api.put(`/user/${user.id}`, user) : api.post('/users', { password, user });
+  }
+
+  function generatePassword(length: number = 12): string {
+    if (length < 8) {
+      throw new Error('Password length should be at least 8 characters for strength.');
+    }
+
+    const upperCase = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+    const lowerCase = 'abcdefghijklmnopqrstuvwxyz';
+    const numbers = '0123456789';
+    const specialChars = '@#$%^&+=!';
+
+    const allChars = upperCase + lowerCase + numbers + specialChars;
+
+    const getRandomChar = (chars: string) => chars[Math.floor(Math.random() * chars.length)];
+
+    // Ensure the password contains at least one of each character type
+    let password = [
+      getRandomChar(upperCase),
+      getRandomChar(lowerCase),
+      getRandomChar(numbers),
+      getRandomChar(specialChars),
+    ];
+
+    // Fill the rest of the password length with random characters from all types
+    for (let i = password.length; i < length; i++) {
+      password.push(getRandomChar(allChars));
+    }
+
+    // Shuffle the password to make it more random
+    password = password.sort(() => Math.random() - 0.5);
+
+    return password.join('');
   }
 
   return {
@@ -42,5 +83,7 @@ export const useUserStore = defineStore('user', () => {
     resetPassword,
     approve,
     save,
+    generatePassword,
+    updatePassword,
   };
 });

From 7b0003bab29a4c1b0e85927120a10344b8c2f927 Mon Sep 17 00:00:00 2001
From: Yannick Marcon <yannick.marcon@obiba.org>
Date: Fri, 3 Jan 2025 15:19:36 +0100
Subject: [PATCH 4/6] feat: update user password

---
 agate-ui/src/components/ConfirmDialog.vue     |   5 -
 agate-ui/src/components/EssentialLink.vue     |   5 -
 agate-ui/src/components/GroupsTable.vue       |   5 -
 agate-ui/src/components/MainDrawer.vue        |   5 -
 agate-ui/src/components/SchemaForm.vue        |  14 +-
 agate-ui/src/components/SchemaFormItem.vue    |   5 -
 .../src/components/UpdatePasswordDialog.vue   | 131 ++++++++++++++++++
 agate-ui/src/components/UsersTable.vue        |  31 +++--
 agate-ui/src/i18n/en/index.js                 |   1 +
 agate-ui/src/i18n/fr/index.js                 |   1 +
 10 files changed, 157 insertions(+), 46 deletions(-)
 create mode 100644 agate-ui/src/components/UpdatePasswordDialog.vue

diff --git a/agate-ui/src/components/ConfirmDialog.vue b/agate-ui/src/components/ConfirmDialog.vue
index 8f985cb5..ecf06432 100644
--- a/agate-ui/src/components/ConfirmDialog.vue
+++ b/agate-ui/src/components/ConfirmDialog.vue
@@ -21,11 +21,6 @@
   </q-dialog>
 </template>
 
-<script lang="ts">
-export default defineComponent({
-  name: 'ConfirmDialog',
-});
-</script>
 <script setup lang="ts">
 const { t } = useI18n();
 
diff --git a/agate-ui/src/components/EssentialLink.vue b/agate-ui/src/components/EssentialLink.vue
index 5f546326..2a5d9eb7 100644
--- a/agate-ui/src/components/EssentialLink.vue
+++ b/agate-ui/src/components/EssentialLink.vue
@@ -11,11 +11,6 @@
   </q-item>
 </template>
 
-<script lang="ts">
-export default defineComponent({
-  name: 'EssentialLink',
-});
-</script>
 <script setup lang="ts">
 export interface EssentialLinkProps {
   title: string;
diff --git a/agate-ui/src/components/GroupsTable.vue b/agate-ui/src/components/GroupsTable.vue
index adbba4a2..bf73313c 100644
--- a/agate-ui/src/components/GroupsTable.vue
+++ b/agate-ui/src/components/GroupsTable.vue
@@ -69,11 +69,6 @@
   </div>
 </template>
 
-<script lang="ts">
-export default defineComponent({
-  name: 'GroupsTable',
-});
-</script>
 <script setup lang="ts">
 import type { GroupDto } from 'src/models/Agate';
 import GroupDialog from 'src/components/GroupDialog.vue';
diff --git a/agate-ui/src/components/MainDrawer.vue b/agate-ui/src/components/MainDrawer.vue
index ab998817..d3c225cd 100644
--- a/agate-ui/src/components/MainDrawer.vue
+++ b/agate-ui/src/components/MainDrawer.vue
@@ -74,11 +74,6 @@
   </div>
 </template>
 
-<script lang="ts">
-export default defineComponent({
-  name: 'MainDrawer',
-});
-</script>
 <script setup lang="ts">
 import EssentialLink from 'components/EssentialLink.vue';
 import type { EssentialLinkProps } from 'components/EssentialLink.vue';
diff --git a/agate-ui/src/components/SchemaForm.vue b/agate-ui/src/components/SchemaForm.vue
index e039f87e..7b972c34 100644
--- a/agate-ui/src/components/SchemaForm.vue
+++ b/agate-ui/src/components/SchemaForm.vue
@@ -4,23 +4,13 @@
       <div v-if="schema.title" class="text-help">{{ schema.title }}</div>
       <div v-if="schema.description" class="text-hint q-mb-sm">{{ schema.description }}</div>
       <div v-for="item in schema.items" :key="item.key">
-        <schema-form-item
-          v-model="data[item.key]"
-          :field="item"
-          :disable="disable"
-          @update:model-value="onUpdate(item.key)"
-        />
+        <schema-form-item v-model="data[item.key]" :field="item" :disable="disable" @update:model-value="onUpdate" />
       </div>
     </form>
   </div>
   <span v-if="!isFormValid" class="text-negative text-caption">{{ t('validation.missing_required_fields') }}</span>
 </template>
 
-<script lang="ts">
-export default defineComponent({
-  name: 'SchemaForm',
-});
-</script>
 <script setup lang="ts">
 import type { FormObject, SchemaFormObject } from 'src/components/models';
 import SchemaFormItem from 'src/components/SchemaFormItem.vue';
@@ -68,7 +58,7 @@ function validate() {
   return isFormValid.value;
 }
 
-function onUpdate(key: string) {
+function onUpdate() {
   validate();
   if (!isFormValid.value) emit('update:modelValue', undefined);
   else emit('update:modelValue', data.value);
diff --git a/agate-ui/src/components/SchemaFormItem.vue b/agate-ui/src/components/SchemaFormItem.vue
index 56bcf588..b5051950 100644
--- a/agate-ui/src/components/SchemaFormItem.vue
+++ b/agate-ui/src/components/SchemaFormItem.vue
@@ -114,11 +114,6 @@
   </div>
 </template>
 
-<script lang="ts">
-export default defineComponent({
-  name: 'SchemaFormItem',
-});
-</script>
 <script setup lang="ts">
 import type { FileObject, FormObject, SchemaFormField, EnumOption } from 'src/components/models';
 
diff --git a/agate-ui/src/components/UpdatePasswordDialog.vue b/agate-ui/src/components/UpdatePasswordDialog.vue
new file mode 100644
index 00000000..9c7a3b15
--- /dev/null
+++ b/agate-ui/src/components/UpdatePasswordDialog.vue
@@ -0,0 +1,131 @@
+<template>
+  <q-dialog v-model="showDialog" persistent @hide="onHide">
+    <q-card class="dialog-md">
+      <q-card-section>
+        <div class="text-h6">{{ t('user.update_password') }}</div>
+      </q-card-section>
+
+      <q-separator />
+
+      <q-card-section>
+        <q-form>
+          <q-input
+            v-model="password"
+            :label="t('user.password') + ' *'"
+            :type="passwordVisible ? 'text' : 'password'"
+            dense
+            lazy-rules
+            :rules="[
+              (val) => !!val || t('user.password_required'),
+              (val) => (val?.trim().length ?? 0) >= 8 || t('user.password_min_length', { min: 8 }),
+            ]"
+          >
+            <template v-slot:after>
+              <q-btn
+                round
+                dense
+                size="sm"
+                :title="t('user.show_password')"
+                flat
+                icon="visibility"
+                @click="passwordVisible = !passwordVisible"
+              />
+              <q-btn
+                round
+                dense
+                size="sm"
+                :title="t('user.copy_password')"
+                flat
+                icon="content_copy"
+                @click="copyPasswordToClipboard"
+              />
+              <q-btn
+                round
+                dense
+                size="sm"
+                :title="t('user.generate_password')"
+                flat
+                icon="lock_reset"
+                @click="generatePassword"
+              />
+            </template>
+          </q-input>
+          <div class="text-hint">{{ t('user.password_hint') }}</div>
+        </q-form>
+      </q-card-section>
+
+      <q-separator />
+
+      <q-card-actions align="right" class="bg-grey-3">
+        <q-btn flat :label="t('cancel')" color="secondary" @click="onCancel" v-close-popup />
+        <q-btn flat :label="t('save')" :disable="!isValid" color="primary" @click="onSave" />
+      </q-card-actions>
+    </q-card>
+  </q-dialog>
+</template>
+
+<script setup lang="ts">
+import type { UserDto } from 'src/models/Agate';
+import { notifyError, notifyInfo, notifySuccess } from 'src/utils/notify';
+import { copyToClipboard } from 'quasar';
+
+const { t } = useI18n();
+const userStore = useUserStore();
+
+interface DialogProps {
+  modelValue: boolean;
+  user: UserDto;
+}
+
+const props = defineProps<DialogProps>();
+const emit = defineEmits(['update:modelValue', 'saved', 'cancel']);
+
+const showDialog = ref(props.modelValue);
+const password = ref('');
+const passwordVisible = ref(false);
+const isValid = computed(() => password.value && password.value.trim().length >= 8);
+
+watch(
+  () => props.modelValue,
+  (value) => {
+    showDialog.value = value;
+    password.value = '';
+    passwordVisible.value = false;
+  },
+);
+
+function onHide() {
+  emit('update:modelValue', false);
+}
+
+function onCancel() {
+  emit('cancel');
+}
+
+function onSave() {
+  userStore
+    .updatePassword(props.user, password.value)
+    .then(() => {
+      notifySuccess(t('user.password_updated'));
+      emit('saved');
+    })
+    .catch(() => {
+      notifyError(t('user.password_update_failed'));
+    })
+    .finally(() => {
+      emit('update:modelValue', false);
+    });
+}
+
+function generatePassword() {
+  password.value = userStore.generatePassword();
+}
+
+function copyPasswordToClipboard() {
+  if (password.value) {
+    copyToClipboard(password.value).then(() => {
+      notifyInfo(t('user.password_copied'));
+    });
+  }
+}
+</script>
diff --git a/agate-ui/src/components/UsersTable.vue b/agate-ui/src/components/UsersTable.vue
index 6726b212..bcd713cb 100644
--- a/agate-ui/src/components/UsersTable.vue
+++ b/agate-ui/src/components/UsersTable.vue
@@ -45,11 +45,21 @@
                 flat
                 size="sm"
                 color="secondary"
-                :title="t('user.reset_password')"
-                :icon="toolsVisible[props.row.name] ? 'send' : 'none'"
+                :title="t('user.more_actions')"
+                :icon="toolsVisible[props.row.name] ? 'lock' : 'none'"
                 class="q-ml-xs"
-                @click="onShowResetPassword(props.row)"
-              />
+              >
+                <q-menu>
+                  <q-list style="min-width: 100px">
+                    <q-item clickable v-close-popup @click="onShowResetPassword(props.row)">
+                      <q-item-section>{{ t('user.reset_password') }}</q-item-section>
+                    </q-item>
+                    <q-item clickable v-close-popup @click="onShowUpdatePassword(props.row)">
+                      <q-item-section>{{ t('user.update_password') }}</q-item-section>
+                    </q-item>
+                  </q-list>
+                </q-menu>
+              </q-btn>
               <q-btn
                 v-if="props.row.status === 'PENDING'"
                 rounded
@@ -144,17 +154,14 @@
       @confirm="onDelete"
     />
     <user-dialog v-model="showEdit" :user="selected" @saved="onSaved" />
+    <update-password-dialog v-model="showUpdatePassword" :user="selected" />
   </div>
 </template>
 
-<script lang="ts">
-export default defineComponent({
-  name: 'UsersTable',
-});
-</script>
 <script setup lang="ts">
 import type { UserDto } from 'src/models/Agate';
 import UserDialog from 'src/components/UserDialog.vue';
+import UpdatePasswordDialog from 'src/components/UpdatePasswordDialog.vue';
 import ConfirmDialog from 'src/components/ConfirmDialog.vue';
 import { DefaultAlignment } from 'src/components/models';
 import { notifyError, notifySuccess } from 'src/utils/notify';
@@ -174,6 +181,7 @@ const initialPagination = ref({
 const showEdit = ref(false);
 const showDelete = ref(false);
 const showResetPassword = ref(false);
+const showUpdatePassword = ref(false);
 const showReject = ref(false);
 const selected = ref();
 
@@ -229,6 +237,11 @@ function onShowResetPassword(row: UserDto) {
   showResetPassword.value = true;
 }
 
+function onShowUpdatePassword(row: UserDto) {
+  selected.value = row;
+  showUpdatePassword.value = true;
+}
+
 function onShowReject(row: UserDto) {
   selected.value = row;
   showReject.value = true;
diff --git a/agate-ui/src/i18n/en/index.js b/agate-ui/src/i18n/en/index.js
index 6dfb8329..d5259bd3 100644
--- a/agate-ui/src/i18n/en/index.js
+++ b/agate-ui/src/i18n/en/index.js
@@ -66,6 +66,7 @@ export default {
       INACTIVE: 'User is disabled.',
       PENDING: 'User is pending approval.',
     },
+    update_password: 'Update password',
   },
   add: 'Add',
   administration: 'Administration',
diff --git a/agate-ui/src/i18n/fr/index.js b/agate-ui/src/i18n/fr/index.js
index df578e10..ab95af22 100644
--- a/agate-ui/src/i18n/fr/index.js
+++ b/agate-ui/src/i18n/fr/index.js
@@ -66,6 +66,7 @@ export default {
       INACTIVE: 'Usager désactivé.',
       PENDING: "Usager en attente d'approbation.",
     },
+    update_password: 'Mettre à jour le mot de passe',
   },
   add: 'ajouter',
   administration: 'Administration',

From f51cbcd089be7f7569d8ef34e22086b711943fe7 Mon Sep 17 00:00:00 2001
From: Yannick Marcon <yannick.marcon@obiba.org>
Date: Fri, 3 Jan 2025 15:30:34 +0100
Subject: [PATCH 5/6] feat: disable user otp

---
 agate-ui/src/components/UsersTable.vue | 16 +++++++++++++++-
 agate-ui/src/i18n/en/index.js          |  3 +++
 agate-ui/src/i18n/fr/index.js          |  3 +++
 agate-ui/src/stores/user.ts            |  5 +++++
 4 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/agate-ui/src/components/UsersTable.vue b/agate-ui/src/components/UsersTable.vue
index bcd713cb..4a0cde70 100644
--- a/agate-ui/src/components/UsersTable.vue
+++ b/agate-ui/src/components/UsersTable.vue
@@ -57,6 +57,9 @@
                     <q-item clickable v-close-popup @click="onShowUpdatePassword(props.row)">
                       <q-item-section>{{ t('user.update_password') }}</q-item-section>
                     </q-item>
+                    <q-item v-if="props.row.otpEnabled" clickable v-close-popup @click="onDisableOTP(props.row)">
+                      <q-item-section>{{ t('user.disable_2fa') }}</q-item-section>
+                    </q-item>
                   </q-list>
                 </q-menu>
               </q-btn>
@@ -99,7 +102,10 @@
             <span class="text-caption">{{ t(`user.role.${props.row.role}`) }}</span>
           </q-td>
           <q-td key="otpEnabled" :props="props">
-            <q-icon v-if="props.row.otpEnabled" name="done" />
+            <div v-if="props.row.realm === 'agate-user-realm'">
+              <q-icon v-if="props.row.otpEnabled" name="radio_button_checked" color="positive" />
+              <q-icon v-else name="radio_button_unchecked" color="negative" />
+            </div>
           </q-td>
           <q-td key="realm" :props="props">
             <q-chip size="sm">{{ props.row.realm }}</q-chip>
@@ -286,4 +292,12 @@ function onApprove(row: UserDto) {
     .catch(() => notifyError(t('user.approve_error')))
     .finally(refresh);
 }
+
+function onDisableOTP(row: UserDto) {
+  userStore
+    .disableOTP(row)
+    .then(() => notifySuccess(t('user.otp_disabled')))
+    .catch(() => notifyError(t('user.otp_disable_error')))
+    .finally(refresh);
+}
 </script>
diff --git a/agate-ui/src/i18n/en/index.js b/agate-ui/src/i18n/en/index.js
index d5259bd3..c71b1ebb 100644
--- a/agate-ui/src/i18n/en/index.js
+++ b/agate-ui/src/i18n/en/index.js
@@ -21,12 +21,15 @@ export default {
     approved: 'User approved',
     approve_error: 'Failed to approve user',
     copy_password: 'Copy password',
+    disable_2fa: 'Disable 2FA',
     edit: 'Edit user',
     firstName: 'First Name',
     generate_password: 'Generate password',
     groups_hint: 'Users can be members of groups to access applications associated to these groups.',
     language: 'Language',
     lastName: 'Last Name',
+    otp_disabled: '2FA disabled',
+    otp_disable_error: 'Failed to disable 2FA',
     password: 'Password',
     password_copied: 'Password copied',
     password_hint: 'Password must contain at least one digit, one upper case alphabet, one lower case alphabet, one special character (which includes @#$%^&+=!) and no white spaces.',
diff --git a/agate-ui/src/i18n/fr/index.js b/agate-ui/src/i18n/fr/index.js
index ab95af22..a12d977c 100644
--- a/agate-ui/src/i18n/fr/index.js
+++ b/agate-ui/src/i18n/fr/index.js
@@ -21,12 +21,15 @@ export default {
     approved: 'Usager approuvé',
     approve_error: "Échec de l'approbation de l'usager",
     copy_password: 'Copier le mot de passe',
+    disable_2fa: 'Désactiver le 2FA',
     edit: "Modifier l'usager",
     firstName: 'Prénom',
     generate_password: 'Générer un mot de passe',
     groups_hint: 'Les usagers peuvent être membres de groupes pour accéder aux applications associées à ces groupes.',
     language: 'Langue',
     lastName: 'Nom de famille',
+    otp_disabled: '2FA désactivé',
+    otp_disable_error: "Échec de la désactivation du 2FA",
     password: 'Mot de passe',
     password_copied: 'Mot de passe copié',
     password_hint: 'Le mot de passe doit contenir au moins un chiffre, une lettre majuscule, une lettre minuscule, un caractère spécial (qui inclut @#$%^&+=!) et aucun espace blanc.',
diff --git a/agate-ui/src/stores/user.ts b/agate-ui/src/stores/user.ts
index a2c168ba..af4a2677 100644
--- a/agate-ui/src/stores/user.ts
+++ b/agate-ui/src/stores/user.ts
@@ -30,6 +30,10 @@ export const useUserStore = defineStore('user', () => {
     );
   }
 
+  async function disableOTP(user: UserDto) {
+    return api.delete(`/user/${user.id}/otp`);
+  }
+
   async function approve(user: UserDto) {
     return api.put(
       `/user/${user.id}/status`,
@@ -85,5 +89,6 @@ export const useUserStore = defineStore('user', () => {
     save,
     generatePassword,
     updatePassword,
+    disableOTP,
   };
 });

From 35a0c4cf327227a8fddda9bb60f09b518d44adab Mon Sep 17 00:00:00 2001
From: Yannick Marcon <yannick.marcon@obiba.org>
Date: Fri, 3 Jan 2025 15:50:57 +0100
Subject: [PATCH 6/6] fix: case user is undefined

---
 agate-ui/src/components/UpdatePasswordDialog.vue |  5 ++++-
 agate-ui/src/components/UserDialog.vue           | 12 ++++++++++--
 agate-ui/src/components/UsersTable.vue           |  4 ++--
 agate-ui/src/i18n/en/index.js                    |  1 +
 agate-ui/src/i18n/fr/index.js                    |  3 ++-
 5 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/agate-ui/src/components/UpdatePasswordDialog.vue b/agate-ui/src/components/UpdatePasswordDialog.vue
index 9c7a3b15..f21ebe28 100644
--- a/agate-ui/src/components/UpdatePasswordDialog.vue
+++ b/agate-ui/src/components/UpdatePasswordDialog.vue
@@ -74,7 +74,7 @@ const userStore = useUserStore();
 
 interface DialogProps {
   modelValue: boolean;
-  user: UserDto;
+  user: UserDto | undefined;
 }
 
 const props = defineProps<DialogProps>();
@@ -103,6 +103,9 @@ function onCancel() {
 }
 
 function onSave() {
+  if (!props.user) {
+    return;
+  }
   userStore
     .updatePassword(props.user, password.value)
     .then(() => {
diff --git a/agate-ui/src/components/UserDialog.vue b/agate-ui/src/components/UserDialog.vue
index d8b53c6b..43d670fa 100644
--- a/agate-ui/src/components/UserDialog.vue
+++ b/agate-ui/src/components/UserDialog.vue
@@ -193,14 +193,22 @@ const systemStore = useSystemStore();
 
 interface DialogProps {
   modelValue: boolean;
-  user: UserDto;
+  user: UserDto | undefined;
 }
 
 const props = defineProps<DialogProps>();
 const emit = defineEmits(['update:modelValue', 'saved', 'cancel']);
 
 const showDialog = ref(props.modelValue);
-const selected = ref<UserDto>(props.user);
+const selected = ref<UserDto>(
+  props.user ??
+    ({
+      realm: 'agate-user-realm',
+      role: 'agate-user',
+      status: 'INACTIVE',
+      preferredLanguage: '',
+    } as UserDto),
+);
 const editMode = ref(false);
 const password = ref('');
 const passwordVisible = ref(false);
diff --git a/agate-ui/src/components/UsersTable.vue b/agate-ui/src/components/UsersTable.vue
index 4a0cde70..9385ac7c 100644
--- a/agate-ui/src/components/UsersTable.vue
+++ b/agate-ui/src/components/UsersTable.vue
@@ -45,8 +45,8 @@
                 flat
                 size="sm"
                 color="secondary"
-                :title="t('user.more_actions')"
-                :icon="toolsVisible[props.row.name] ? 'lock' : 'none'"
+                :title="t('more_actions')"
+                :icon="toolsVisible[props.row.name] ? 'more_vert' : 'none'"
                 class="q-ml-xs"
               >
                 <q-menu>
diff --git a/agate-ui/src/i18n/en/index.js b/agate-ui/src/i18n/en/index.js
index c71b1ebb..fa5c7c87 100644
--- a/agate-ui/src/i18n/en/index.js
+++ b/agate-ui/src/i18n/en/index.js
@@ -91,6 +91,7 @@ export default {
   groups: 'Groups',
   help: 'Help',
   inherited_from: 'Inherited from: {parent}',
+  more_actions: 'More actions',
   my_profile: 'My Profile',
   name_hint: 'Name must be unique',
   name_min_length: 'Name must be at least {min} characters',
diff --git a/agate-ui/src/i18n/fr/index.js b/agate-ui/src/i18n/fr/index.js
index a12d977c..c7094fde 100644
--- a/agate-ui/src/i18n/fr/index.js
+++ b/agate-ui/src/i18n/fr/index.js
@@ -29,7 +29,7 @@ export default {
     language: 'Langue',
     lastName: 'Nom de famille',
     otp_disabled: '2FA désactivé',
-    otp_disable_error: "Échec de la désactivation du 2FA",
+    otp_disable_error: 'Échec de la désactivation du 2FA',
     password: 'Mot de passe',
     password_copied: 'Mot de passe copié',
     password_hint: 'Le mot de passe doit contenir au moins un chiffre, une lettre majuscule, une lettre minuscule, un caractère spécial (qui inclut @#$%^&+=!) et aucun espace blanc.',
@@ -91,6 +91,7 @@ export default {
   groups: 'Groupes',
   help: 'Aide',
   inherited_from: 'Hérité de: {parent}',
+  more_actions: 'Plus d’actions',
   my_profile: 'Mon profil',
   name_hint: 'Le nom doit être unique',
   name_min_length: 'Le nom doit comporter au moins {min} caractères',