Allow root to reset user password

Skia 2016-08-13 17:15:45 +02:00
parent a033c4dfd2
commit 792563999b
7 changed files with 265 additions and 195 deletions


@ -223,6 +223,9 @@ class User(AbstractBaseUser):
return True return True
return self.groups.filter(name=group_name).exists() return self.groups.filter(name=group_name).exists()
def is_root(self):
return self.is_superuser or self.groups.filter(name=settings.SITH_GROUPS['root']['name']).exists()
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
with transaction.atomic(): with transaction.atomic():
if self.id: if self.id:
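Review bot: is_root() has no docstring and tests root-group membership with its own `self.groups.filter(...)` query instead of going through `is_in_group`, whose tail is visible just above it. This method now decides who is offered the password-reset link while the new view checks with `is_in_group`, so the two paths should not be able to disagree. Suggest `return self.is_superuser or self.is_in_group(settings.SITH_GROUPS['root']['name'])` with a docstring such as `"""Return True if the user is a superuser or a member of the configured root group."""`. is_in_group starts outside the hunk, so whether its earlier branches would change the result is not visible here and should be confirmed.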


@ -2,7 +2,10 @@
{% block content %} {% block content %}
<form method="post" action="{{ url('core:password_change') }}"> {% if target %}
<p>{% trans user=target.get_display_name() %}Change password for {{ user }}{% endtrans %}</p>
{% endif %}
<form method="post" action="">
{% csrf_token %} {% csrf_token %}
{{ form.as_p() }} {{ form.as_p() }}
<input type="submit" value="{% trans %}Change{% endtrans %}" /> <input type="submit" value="{% trans %}Change{% endtrans %}" />


@ -28,6 +28,8 @@
{% endif %} {% endif %}
{% if form.instance == user %} {% if form.instance == user %}
<p><a href="{{ url('core:password_change') }}">{% trans %}Change my password{% endtrans %}</a></p> <p><a href="{{ url('core:password_change') }}">{% trans %}Change my password{% endtrans %}</a></p>
{% elif user.is_root() %}
<p><a href="{{ url('core:password_root_change', user_id=form.instance.id) }}">{% trans %}Change user password{% endtrans %}</a></p>
{% endif %} {% endif %}
</form> </form>
{% endblock %} {% endblock %}


@ -9,6 +9,7 @@ urlpatterns = [
url(r'^login/$', login, name='login'), url(r'^login/$', login, name='login'),
url(r'^logout/$', logout, name='logout'), url(r'^logout/$', logout, name='logout'),
url(r'^password_change/$', password_change, name='password_change'), url(r'^password_change/$', password_change, name='password_change'),
url(r'^password_change/(?P<user_id>[0-9]+)$', password_root_change, name='password_root_change'),
url(r'^password_change/done$', password_change_done, name='password_change_done'), url(r'^password_change/done$', password_change_done, name='password_change_done'),
url(r'^password_reset/$', password_reset, name='password_reset'), url(r'^password_reset/$', password_reset, name='password_reset'),
url(r'^password_reset/done$', password_reset_done, name='password_reset_done'), url(r'^password_reset/done$', password_reset_done, name='password_reset_done'),


@ -3,10 +3,12 @@ from django.shortcuts import render, redirect, get_object_or_404
from django.contrib.auth import logout as auth_logout, views from django.contrib.auth import logout as auth_logout, views
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from django.core.exceptions import PermissionDenied, ObjectDoesNotExist from django.core.exceptions import PermissionDenied, ObjectDoesNotExist
from django.http import Http404
from django.views.generic.edit import UpdateView from django.views.generic.edit import UpdateView
from django.views.generic import ListView, DetailView, TemplateView from django.views.generic import ListView, DetailView, TemplateView
from django.forms.models import modelform_factory from django.forms.models import modelform_factory
from django.forms import CheckboxSelectMultiple from django.forms import CheckboxSelectMultiple
from django.template.response import TemplateResponse
from django.conf import settings from django.conf import settings
import logging import logging
@ -40,6 +42,24 @@ def password_change_done(request):
""" """
return views.password_change_done(request, template_name="core/password_change_done.jinja") return views.password_change_done(request, template_name="core/password_change_done.jinja")
def password_root_change(request, user_id):
"""
Allows a root user to change someone's password
"""
if not request.user.is_superuser and not request.user.is_in_group(settings.SITH_GROUPS['root']['name']):
raise PermissionDenied
user = User.objects.filter(id=user_id).first()
if not user:
raise Http404("User not found")
if request.method == "POST":
form = views.SetPasswordForm(user=user, data=request.POST)
if form.is_valid():
form.save()
return redirect("core:password_change_done")
else:
form = views.SetPasswordForm(user=user)
return TemplateResponse(request, "core/password_change.jinja", {'form': form, 'target': user})
def password_reset(request): def password_reset(request):
""" """
Allows someone to enter an email adresse for resetting password Allows someone to enter an email adresse for resetting password
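Review bot: password_root_change lets any member of the root group set the password of any account, including one with `is_superuser`, so root-group membership becomes equivalent to superuser and a single compromised root session can take over every account. The guard should refuse a superuser target unless the requester is a superuser, and it should call the `User.is_root()` added in this commit rather than repeat its logic. The check also runs without first confirming the requester is logged in; if the anonymous user object lacks `is_in_group` (not visible here), that path would end in a server error instead of a 403. `logging` is already imported, so the successful `form.save()` branch can record the acting and target user ids to give resets an audit trail.

```python
def password_root_change(request, user_id):
    # ... unchanged: docstring ...
    if not request.user.is_authenticated() or not request.user.is_root():
        raise PermissionDenied
    # ... unchanged: target lookup and Http404 ...
    if user.is_superuser and not request.user.is_superuser:
        # A root-group member must not be able to take over a superuser account.
        raise PermissionDenied
    if request.method == "POST":
        form = views.SetPasswordForm(user=user, data=request.POST)
        if form.is_valid():
            form.save()
            logging.getLogger(__name__).info(
                "password reset by root: actor_id=%s target_id=%s",
                request.user.id, user.id)
    # ... unchanged: redirect, GET branch and TemplateResponse ...
```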

Binary file not shown.

File diff suppressed because it is too large Load Diff