Add option to enable the password field during account creation

2024-11-22 03:13:12 +00:00 · 2020-04-16 17:16:33 +00:00 · 2020-04-16 17:16:33 +00:00 · 8c827cc845
commit 8c827cc845
parent 653a059725
5 changed files with 64 additions and 41 deletions
--- a/preferences/migrations/0068_optionaluser_allow_set_password_during_user_creation.py
+++ b/preferences/migrations/0068_optionaluser_allow_set_password_during_user_creation.py
@ -0,0 +1,20 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.28 on 2020-04-16 17:06
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('preferences', '0067_auto_20191120_0159'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='optionaluser',
+            name='allow_set_password_during_user_creation',
+            field=models.BooleanField(default=False, help_text='If True, users have the choice to receive an email containing a link to reset their password during creation, or to directly set their password in the page. If False, an email is always sent.'),
+        ),
+    ]
--- a/preferences/models.py
+++ b/preferences/models.py
@ -117,6 +117,15 @@ class OptionalUser(AclMixin, PreferencesModel):
            " If False, only when a valid registration has been paid."
        ),
    )
+    allow_set_password_during_user_creation = models.BooleanField(
+        default=False,
+        help_text=_(
+            "If True, users have the choice to receive an email containing"
+            " a link to reset their password during creation, or to directly"
+            " set their password in the page."
+            " If False, an email is always sent."
+        ),
+    )
    allow_archived_connexion = models.BooleanField(
        default=False, help_text=_("If True, archived users are allowed to connect.")
    )
--- a/preferences/templates/preferences/display_preferences.html
+++ b/preferences/templates/preferences/display_preferences.html
@ -125,6 +125,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
                <tr>
                    <th>{% trans "All users are active by default" %}</th>
                    <td>{{ useroptions.all_users_active|tick }}</td>
+                    <th>{% trans "Allow directly entering a password during account creation" %}</th>
+                    <td>{{ useroptions.allow_set_password_during_user_creation|tick }}</td>
+                </tr>
+                <tr>
                    <th>{% trans "Allow archived users to log in" %}</th>
                    <td>{{ useroptions.allow_archived_connexion|tick }}</td>
                </tr>
--- a/users/forms.py
+++ b/users/forms.py
@ -382,26 +382,27 @@ class AdherentCreationForm(AdherentForm):
    AdherentForm auquel on ajoute une checkbox afin d'éviter les
    doublons d'utilisateurs et, optionnellement,
    un champ mot de passe"""
-    # Champ pour choisir si un lien est envoyé par mail pour le mot de passe
-    init_password_by_mail = forms.BooleanField(required=False, initial=True)
-    init_password_by_mail.label = _("Send password reset link by email.")
+    if OptionalUser.get_cached_value("allow_set_password_during_user_creation"):
+        # Champ pour choisir si un lien est envoyé par mail pour le mot de passe
+        init_password_by_mail = forms.BooleanField(required=False, initial=True)
+        init_password_by_mail.label = _("Send password reset link by email.")

-    # Champs pour initialiser le mot de passe
-    # Validators are handled manually since theses fields aren't always required
-    password1 = forms.CharField(
-        required=False,
-        label=_("Password"),
-        widget=forms.PasswordInput,
-    #    validators=[MinLengthValidator(8)],
-        max_length=255,
-    )
-    password2 = forms.CharField(
-        required=False,
-        label=_("Password confirmation"),
-        widget=forms.PasswordInput,
-    #    validators=[MinLengthValidator(8)],
-        max_length=255,
-    )
+        # Champs pour initialiser le mot de passe
+        # Validators are handled manually since theses fields aren't always required
+        password1 = forms.CharField(
+            required=False,
+            label=_("Password"),
+            widget=forms.PasswordInput,
+            #validators=[MinLengthValidator(8)],
+            max_length=255,
+        )
+        password2 = forms.CharField(
+            required=False,
+            label=_("Password confirmation"),
+            widget=forms.PasswordInput,
+            #validators=[MinLengthValidator(8)],
+            max_length=255,
+        )

    # Champ permettant d'éviter au maxium les doublons d'utilisateurs
    former_user_check_info = _(
@ -476,7 +477,8 @@ class AdherentCreationForm(AdherentForm):
        # Save the provided password in hashed format
        user = super(AdherentForm, self).save(commit=False)

-        send_email = self.cleaned_data.get("init_password_by_mail")
+        is_set_password_allowed = OptionalUser.get_cached_value("allow_set_password_during_user_creation")
+        send_email = not is_set_password_allowed or self.cleaned_data.get("init_password_by_mail")
        if not send_email:
            user.set_password(self.cleaned_data["password1"])

--- a/users/views.py
+++ b/users/views.py
@ -119,12 +119,13 @@ def new_user(request):
    user = AdherentCreationForm(request.POST or None, user=request.user)
    GTU_sum_up = GeneralOption.get_cached_value("GTU_sum_up")
    GTU = GeneralOption.get_cached_value("GTU")
+    is_set_password_allowed = OptionalUser.get_cached_value("allow_set_password_during_user_creation")

    if user.is_valid():
        user = user.save()

        # Use "is False" so that if None, the email is sent
-        if user.should_send_password_reset_email is False:
+        if is_set_password_allowed and user.should_send_password_reset_email is False:
            messages.success(
                request,
                _("The user %s was created.")
@ -143,30 +144,17 @@ def new_user(request):
    # Anonymous users are allowed to create new accounts
    # but they should be treated differently
    params = {
-            "userform": user,
-            "GTU_sum_up": GTU_sum_up,
-            "GTU": GTU,
-            "showCGU": True,
-            "action_name": _("Commit"),
-        }
+        "userform": user,
+        "GTU_sum_up": GTU_sum_up,
+        "GTU": GTU,
+        "showCGU": True,
+        "action_name": _("Commit"),
+    }

-    if request.user.is_anonymous:
+    if is_set_password_allowed:
        params["load_js_file"] = "/static/js/toggle_password_fields.js"

    return form(params, "users/user.html", request)
-    """
-    return form(
-        {
-            "userform": user,
-            "GTU_sum_up": GTU_sum_up,
-            "GTU": GTU,
-            "showCGU": True,
-            "action_name": _("Commit"),
-        },
-        "users/user.html",
-        request,
-    )
-    """


@login_required