mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-22 19:33:11 +00:00
Demande le mot de passe de soit quand on reinit un mdp
This commit is contained in:
parent
a53f69c482
commit
d3b41d6a59
3 changed files with 44 additions and 21 deletions
|
@ -50,10 +50,15 @@ from re2o.field_permissions import FieldPermissionFormMixin
|
||||||
NOW = timezone.now()
|
NOW = timezone.now()
|
||||||
|
|
||||||
|
|
||||||
class PassForm(forms.Form):
|
class PassForm(FieldPermissionFormMixin, forms.ModelForm):
|
||||||
"""Formulaire de changement de mot de passe. Verifie que les 2
|
"""Formulaire de changement de mot de passe. Verifie que les 2
|
||||||
nouveaux mots de passe renseignés sont identiques et respectent
|
nouveaux mots de passe renseignés sont identiques et respectent
|
||||||
une norme"""
|
une norme"""
|
||||||
|
selfpasswd = forms.CharField(
|
||||||
|
label=u'Saisir le mot de passe existant',
|
||||||
|
max_length=255,
|
||||||
|
widget=forms.PasswordInput
|
||||||
|
)
|
||||||
passwd1 = forms.CharField(
|
passwd1 = forms.CharField(
|
||||||
label=u'Nouveau mot de passe',
|
label=u'Nouveau mot de passe',
|
||||||
max_length=255,
|
max_length=255,
|
||||||
|
@ -67,15 +72,31 @@ class PassForm(forms.Form):
|
||||||
widget=forms.PasswordInput
|
widget=forms.PasswordInput
|
||||||
)
|
)
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
model = User
|
||||||
|
fields = []
|
||||||
|
|
||||||
def clean_passwd2(self):
|
def clean_passwd2(self):
|
||||||
"""Verifie que passwd1 et 2 sont identiques"""
|
"""Verifie que passwd1 et 2 sont identiques"""
|
||||||
# Check that the two password entries match
|
# Check that the two password entries match
|
||||||
password1 = self.cleaned_data.get("passwd1")
|
password1 = self.cleaned_data.get("passwd1")
|
||||||
password2 = self.cleaned_data.get("passwd2")
|
password2 = self.cleaned_data.get("passwd2")
|
||||||
if password1 and password2 and password1 != password2:
|
if password1 and password2 and password1 != password2:
|
||||||
raise forms.ValidationError("Passwords don't match")
|
raise forms.ValidationError("Les 2 nouveaux mots de passe sont différents")
|
||||||
return password2
|
return password2
|
||||||
|
|
||||||
|
def clean_selfpasswd(self):
|
||||||
|
"""Verifie si il y a lieu que le mdp self est correct"""
|
||||||
|
if not self.instance.check_password(self.cleaned_data.get("selfpasswd")):
|
||||||
|
raise forms.ValidationError("Le mot de passe actuel est incorrect")
|
||||||
|
return
|
||||||
|
|
||||||
|
def save(self, commit=True):
|
||||||
|
"""Changement du mot de passe"""
|
||||||
|
user = super(PassForm, self).save(commit=False)
|
||||||
|
user.set_password(self.cleaned_data.get("passwd1"))
|
||||||
|
user.save()
|
||||||
|
|
||||||
|
|
||||||
class UserCreationForm(forms.ModelForm):
|
class UserCreationForm(forms.ModelForm):
|
||||||
"""A form for creating new users. Includes all the required
|
"""A form for creating new users. Includes all the required
|
||||||
|
|
|
@ -735,6 +735,9 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin):
|
||||||
else:
|
else:
|
||||||
return False, u"Vous ne pouvez éditer un autre utilisateur que vous même"
|
return False, u"Vous ne pouvez éditer un autre utilisateur que vous même"
|
||||||
|
|
||||||
|
def check_selfpasswd(self, user_request, *args, **kwargs):
|
||||||
|
return user_request == self, None
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def can_change_state(user_request, *args, **kwargs):
|
def can_change_state(user_request, *args, **kwargs):
|
||||||
return user_request.has_perm('users.change_user_state'), "Droit requis pour changer l'état"
|
return user_request.has_perm('users.change_user_state'), "Droit requis pour changer l'état"
|
||||||
|
@ -801,6 +804,7 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin):
|
||||||
self.field_permissions = {
|
self.field_permissions = {
|
||||||
'shell' : self.can_change_shell,
|
'shell' : self.can_change_shell,
|
||||||
'force' : self.can_change_force,
|
'force' : self.can_change_force,
|
||||||
|
'selfpasswd' : self.check_selfpasswd,
|
||||||
}
|
}
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
|
|
|
@ -102,21 +102,6 @@ from re2o.acl import (
|
||||||
can_change
|
can_change
|
||||||
)
|
)
|
||||||
|
|
||||||
def password_change_action(u_form, user, request, req=False):
|
|
||||||
""" Fonction qui effectue le changeemnt de mdp bdd"""
|
|
||||||
user.set_user_password(u_form.cleaned_data['passwd1'])
|
|
||||||
with transaction.atomic(), reversion.create_revision():
|
|
||||||
user.save()
|
|
||||||
reversion.set_comment("Réinitialisation du mot de passe")
|
|
||||||
messages.success(request, "Le mot de passe a changé")
|
|
||||||
if req:
|
|
||||||
req.delete()
|
|
||||||
return redirect(reverse('index'))
|
|
||||||
return redirect(reverse(
|
|
||||||
'users:profil',
|
|
||||||
kwargs={'userid':str(user.id)}
|
|
||||||
))
|
|
||||||
|
|
||||||
@can_create(Adherent)
|
@can_create(Adherent)
|
||||||
def new_user(request):
|
def new_user(request):
|
||||||
""" Vue de création d'un nouvel utilisateur,
|
""" Vue de création d'un nouvel utilisateur,
|
||||||
|
@ -268,9 +253,17 @@ def password(request, user, userid):
|
||||||
""" Reinitialisation d'un mot de passe à partir de l'userid,
|
""" Reinitialisation d'un mot de passe à partir de l'userid,
|
||||||
pour self par défaut, pour tous sans droit si droit cableur,
|
pour self par défaut, pour tous sans droit si droit cableur,
|
||||||
pour tous si droit bureau """
|
pour tous si droit bureau """
|
||||||
u_form = PassForm(request.POST or None)
|
u_form = PassForm(request.POST or None, instance=user, user=request.user)
|
||||||
if u_form.is_valid():
|
if u_form.is_valid():
|
||||||
return password_change_action(u_form, user, request)
|
with transaction.atomic(), reversion.create_revision():
|
||||||
|
u_form.save()
|
||||||
|
reversion.set_user(request.user)
|
||||||
|
reversion.set_comment("Changement du mot de passe")
|
||||||
|
messages.success(request, "Le mot de passe a changé")
|
||||||
|
return redirect(reverse(
|
||||||
|
'users:profil',
|
||||||
|
kwargs={'userid':str(user.id)}
|
||||||
|
))
|
||||||
return form({'userform': u_form}, 'users/user.html', request)
|
return form({'userform': u_form}, 'users/user.html', request)
|
||||||
|
|
||||||
|
|
||||||
|
@ -827,10 +820,15 @@ def process(request, token):
|
||||||
def process_passwd(request, req):
|
def process_passwd(request, req):
|
||||||
"""Process le changeemnt de mot de passe, renvoie le formulaire
|
"""Process le changeemnt de mot de passe, renvoie le formulaire
|
||||||
demandant le nouveau password"""
|
demandant le nouveau password"""
|
||||||
u_form = PassForm(request.POST or None)
|
|
||||||
user = req.user
|
user = req.user
|
||||||
|
u_form = PassForm(request.POST or None, instance=user, user=request.user)
|
||||||
if u_form.is_valid():
|
if u_form.is_valid():
|
||||||
return password_change_action(u_form, user, request, req=req)
|
with transaction.atomic(), reversion.create_revision():
|
||||||
|
u_form.save()
|
||||||
|
reversion.set_comment("Réinitialisation du mot de passe")
|
||||||
|
req.delete()
|
||||||
|
messages.success(request, "Le mot de passe a changé")
|
||||||
|
return redirect(reverse('index'))
|
||||||
return form({'userform': u_form}, 'users/user.html', request)
|
return form({'userform': u_form}, 'users/user.html', request)
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue