mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-05 01:16:27 +00:00
Demande le mot de passe de soit quand on reinit un mdp
This commit is contained in:
parent
a53f69c482
commit
d3b41d6a59
3 changed files with 44 additions and 21 deletions
|
@ -50,10 +50,15 @@ from re2o.field_permissions import FieldPermissionFormMixin
|
|||
NOW = timezone.now()
|
||||
|
||||
|
||||
class PassForm(forms.Form):
|
||||
class PassForm(FieldPermissionFormMixin, forms.ModelForm):
|
||||
"""Formulaire de changement de mot de passe. Verifie que les 2
|
||||
nouveaux mots de passe renseignés sont identiques et respectent
|
||||
une norme"""
|
||||
selfpasswd = forms.CharField(
|
||||
label=u'Saisir le mot de passe existant',
|
||||
max_length=255,
|
||||
widget=forms.PasswordInput
|
||||
)
|
||||
passwd1 = forms.CharField(
|
||||
label=u'Nouveau mot de passe',
|
||||
max_length=255,
|
||||
|
@ -67,15 +72,31 @@ class PassForm(forms.Form):
|
|||
widget=forms.PasswordInput
|
||||
)
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
fields = []
|
||||
|
||||
def clean_passwd2(self):
|
||||
"""Verifie que passwd1 et 2 sont identiques"""
|
||||
# Check that the two password entries match
|
||||
password1 = self.cleaned_data.get("passwd1")
|
||||
password2 = self.cleaned_data.get("passwd2")
|
||||
if password1 and password2 and password1 != password2:
|
||||
raise forms.ValidationError("Passwords don't match")
|
||||
raise forms.ValidationError("Les 2 nouveaux mots de passe sont différents")
|
||||
return password2
|
||||
|
||||
def clean_selfpasswd(self):
|
||||
"""Verifie si il y a lieu que le mdp self est correct"""
|
||||
if not self.instance.check_password(self.cleaned_data.get("selfpasswd")):
|
||||
raise forms.ValidationError("Le mot de passe actuel est incorrect")
|
||||
return
|
||||
|
||||
def save(self, commit=True):
|
||||
"""Changement du mot de passe"""
|
||||
user = super(PassForm, self).save(commit=False)
|
||||
user.set_password(self.cleaned_data.get("passwd1"))
|
||||
user.save()
|
||||
|
||||
|
||||
class UserCreationForm(forms.ModelForm):
|
||||
"""A form for creating new users. Includes all the required
|
||||
|
|
|
@ -735,6 +735,9 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin):
|
|||
else:
|
||||
return False, u"Vous ne pouvez éditer un autre utilisateur que vous même"
|
||||
|
||||
def check_selfpasswd(self, user_request, *args, **kwargs):
|
||||
return user_request == self, None
|
||||
|
||||
@staticmethod
|
||||
def can_change_state(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('users.change_user_state'), "Droit requis pour changer l'état"
|
||||
|
@ -801,6 +804,7 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin):
|
|||
self.field_permissions = {
|
||||
'shell' : self.can_change_shell,
|
||||
'force' : self.can_change_force,
|
||||
'selfpasswd' : self.check_selfpasswd,
|
||||
}
|
||||
|
||||
def __str__(self):
|
||||
|
|
|
@ -102,21 +102,6 @@ from re2o.acl import (
|
|||
can_change
|
||||
)
|
||||
|
||||
def password_change_action(u_form, user, request, req=False):
|
||||
""" Fonction qui effectue le changeemnt de mdp bdd"""
|
||||
user.set_user_password(u_form.cleaned_data['passwd1'])
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
user.save()
|
||||
reversion.set_comment("Réinitialisation du mot de passe")
|
||||
messages.success(request, "Le mot de passe a changé")
|
||||
if req:
|
||||
req.delete()
|
||||
return redirect(reverse('index'))
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(user.id)}
|
||||
))
|
||||
|
||||
@can_create(Adherent)
|
||||
def new_user(request):
|
||||
""" Vue de création d'un nouvel utilisateur,
|
||||
|
@ -268,9 +253,17 @@ def password(request, user, userid):
|
|||
""" Reinitialisation d'un mot de passe à partir de l'userid,
|
||||
pour self par défaut, pour tous sans droit si droit cableur,
|
||||
pour tous si droit bureau """
|
||||
u_form = PassForm(request.POST or None)
|
||||
u_form = PassForm(request.POST or None, instance=user, user=request.user)
|
||||
if u_form.is_valid():
|
||||
return password_change_action(u_form, user, request)
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
u_form.save()
|
||||
reversion.set_user(request.user)
|
||||
reversion.set_comment("Changement du mot de passe")
|
||||
messages.success(request, "Le mot de passe a changé")
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(user.id)}
|
||||
))
|
||||
return form({'userform': u_form}, 'users/user.html', request)
|
||||
|
||||
|
||||
|
@ -827,10 +820,15 @@ def process(request, token):
|
|||
def process_passwd(request, req):
|
||||
"""Process le changeemnt de mot de passe, renvoie le formulaire
|
||||
demandant le nouveau password"""
|
||||
u_form = PassForm(request.POST or None)
|
||||
user = req.user
|
||||
u_form = PassForm(request.POST or None, instance=user, user=request.user)
|
||||
if u_form.is_valid():
|
||||
return password_change_action(u_form, user, request, req=req)
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
u_form.save()
|
||||
reversion.set_comment("Réinitialisation du mot de passe")
|
||||
req.delete()
|
||||
messages.success(request, "Le mot de passe a changé")
|
||||
return redirect(reverse('index'))
|
||||
return form({'userform': u_form}, 'users/user.html', request)
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue