Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
7
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Open sidebar
AE
Sith
Commits
79256399
Commit
79256399
authored
Aug 13, 2016
by
Skia
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Allow root to reset user password
parent
a033c4df
Pipeline
#114
failed with stage
in 2 minutes and 38 seconds
Changes
7
Pipelines
1
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
265 additions
and
195 deletions
+265
-195
core/models.py
core/models.py
+3
-0
core/templates/core/password_change.jinja
core/templates/core/password_change.jinja
+4
-1
core/templates/core/user_edit.jinja
core/templates/core/user_edit.jinja
+2
-0
core/urls.py
core/urls.py
+1
-0
core/views/user.py
core/views/user.py
+20
-0
locale/fr/LC_MESSAGES/django.mo
locale/fr/LC_MESSAGES/django.mo
+0
-0
locale/fr/LC_MESSAGES/django.po
locale/fr/LC_MESSAGES/django.po
+235
-194
No files found.
core/models.py
View file @
79256399
...
...
@@ -223,6 +223,9 @@ class User(AbstractBaseUser):
return
True
return
self
.
groups
.
filter
(
name
=
group_name
).
exists
()
def
is_root
(
self
):
return
self
.
is_superuser
or
self
.
groups
.
filter
(
name
=
settings
.
SITH_GROUPS
[
'root'
][
'name'
]).
exists
()
def
save
(
self
,
*
args
,
**
kwargs
):
with
transaction
.
atomic
():
if
self
.
id
:
...
...
core/templates/core/password_change.jinja
View file @
79256399
...
...
@@ -2,7 +2,10 @@
{%
block
content
%}
<form
method=
"post"
action=
"
{{
url
(
'core:password_change'
)
}}
"
>
{%
if
target
%}
<p>
{%
trans
user
=
target.get_display_name
()
%}
Change password for
{{
user
}}{%
endtrans
%}
</p>
{%
endif
%}
<form
method=
"post"
action=
""
>
{%
csrf_token
%}
{{
form.as_p
()
}}
<input
type=
"submit"
value=
"
{%
trans
%}
Change
{%
endtrans
%}
"
/>
...
...
core/templates/core/user_edit.jinja
View file @
79256399
...
...
@@ -28,6 +28,8 @@
{%
endif
%}
{%
if
form.instance
==
user
%}
<p><a
href=
"
{{
url
(
'core:password_change'
)
}}
"
>
{%
trans
%}
Change my password
{%
endtrans
%}
</a></p>
{%
elif
user.is_root
()
%}
<p><a
href=
"
{{
url
(
'core:password_root_change'
,
user_id
=
form.instance.id
)
}}
"
>
{%
trans
%}
Change user password
{%
endtrans
%}
</a></p>
{%
endif
%}
</form>
{%
endblock
%}
...
...
core/urls.py
View file @
79256399
...
...
@@ -9,6 +9,7 @@ urlpatterns = [
url
(
r
'^login/$'
,
login
,
name
=
'login'
),
url
(
r
'^logout/$'
,
logout
,
name
=
'logout'
),
url
(
r
'^password_change/$'
,
password_change
,
name
=
'password_change'
),
url
(
r
'^password_change/(?P<user_id>[0-9]+)$'
,
password_root_change
,
name
=
'password_root_change'
),
url
(
r
'^password_change/done$'
,
password_change_done
,
name
=
'password_change_done'
),
url
(
r
'^password_reset/$'
,
password_reset
,
name
=
'password_reset'
),
url
(
r
'^password_reset/done$'
,
password_reset_done
,
name
=
'password_reset_done'
),
...
...
core/views/user.py
View file @
79256399
...
...
@@ -3,10 +3,12 @@ from django.shortcuts import render, redirect, get_object_or_404
from
django.contrib.auth
import
logout
as
auth_logout
,
views
from
django.core.urlresolvers
import
reverse
from
django.core.exceptions
import
PermissionDenied
,
ObjectDoesNotExist
from
django.http
import
Http404
from
django.views.generic.edit
import
UpdateView
from
django.views.generic
import
ListView
,
DetailView
,
TemplateView
from
django.forms.models
import
modelform_factory
from
django.forms
import
CheckboxSelectMultiple
from
django.template.response
import
TemplateResponse
from
django.conf
import
settings
import
logging
...
...
@@ -40,6 +42,24 @@ def password_change_done(request):
"""
return
views
.
password_change_done
(
request
,
template_name
=
"core/password_change_done.jinja"
)
def
password_root_change
(
request
,
user_id
):
"""
Allows a root user to change someone's password
"""
if
not
request
.
user
.
is_superuser
and
not
request
.
user
.
is_in_group
(
settings
.
SITH_GROUPS
[
'root'
][
'name'
]):
raise
PermissionDenied
user
=
User
.
objects
.
filter
(
id
=
user_id
).
first
()
if
not
user
:
raise
Http404
(
"User not found"
)
if
request
.
method
==
"POST"
:
form
=
views
.
SetPasswordForm
(
user
=
user
,
data
=
request
.
POST
)
if
form
.
is_valid
():
form
.
save
()
return
redirect
(
"core:password_change_done"
)
else
:
form
=
views
.
SetPasswordForm
(
user
=
user
)
return
TemplateResponse
(
request
,
"core/password_change.jinja"
,
{
'form'
:
form
,
'target'
:
user
})
def
password_reset
(
request
):
"""
Allows someone to enter an email adresse for resetting password
...
...
locale/fr/LC_MESSAGES/django.mo
View file @
79256399
No preview for this file type
locale/fr/LC_MESSAGES/django.po
View file @
79256399
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment