Projet

Général

Profil

0001-If-the-user-has-no-password-don-t-ask-one-at-email-m.patch

Mikaël Ates, 13 mai 2016 07:38

Télécharger (5,13 ko)

Voir les différences:

Subject: [PATCH 1/1] If the user has no password, don't ask one at email
 modification and account deletion. (fixes #10802)

 src/authentic2/forms.py                           | 11 +++++++----
 src/authentic2/registration_backend/views.py      | 15 ++++++++++-----
 src/authentic2/templates/authentic2/accounts.html |  4 ++--
 src/authentic2/views.py                           |  6 +++++-
 4 files changed, 24 insertions(+), 12 deletions(-)
src/authentic2/forms.py
9 9

  
10 10
from . import models, app_settings
11 11

  
12
class EmailChangeForm(forms.Form):
13
    password = forms.CharField(label=_("Password"),
14
                               widget=forms.PasswordInput)
12

  
13
class EmailChangeFormNoPassword(forms.Form):
15 14
    email = forms.EmailField(label=_('New email'))
16 15

  
17 16
    def __init__(self, user, *args, **kwargs):
18 17
        self.user = user
19
        super(EmailChangeForm, self).__init__(*args, **kwargs)
18
        super(EmailChangeFormNoPassword, self).__init__(*args, **kwargs)
19

  
20
class EmailChangeForm(EmailChangeFormNoPassword):
21
    password = forms.CharField(label=_("Password"),
22
                               widget=forms.PasswordInput)
20 23

  
21 24
    def clean_password(self):
22 25
        password = self.cleaned_data["password"]
src/authentic2/registration_backend/views.py
11 11
from django.views.generic.edit import FormView, CreateView
12 12
from django.views.generic.base import TemplateView
13 13
from django.contrib.auth import get_user_model
14
from django.forms import CharField
14
from django.forms import CharField, Form
15 15
from django.core.urlresolvers import reverse_lazy
16 16
from django.template import RequestContext
17 17

  
......
246 246

  
247 247
class DeleteView(FormView):
248 248
    template_name = 'authentic2/accounts_delete.html'
249
    form_class = DeleteAccountForm
250 249
    success_url = reverse_lazy('auth_logout')
251 250

  
252 251
    def dispatch(self, request, *args, **kwargs):
......
259 258
            return redirect(request, 'account_management')
260 259
        return super(DeleteView, self).post(request, *args, **kwargs)
261 260

  
261
    def get_form_class(self):
262
        if self.request.user.has_usable_password():
263
            return DeleteAccountForm
264
        return Form
265

  
262 266
    def get_form_kwargs(self, **kwargs):
263 267
        kwargs = super(DeleteView, self).get_form_kwargs(**kwargs)
264
        kwargs['user'] = self.request.user
268
        if self.request.user.has_usable_password():
269
            kwargs['user'] = self.request.user
265 270
        return kwargs
266 271

  
267 272
    def form_valid(self, form):
268
        models.DeletedUser.objects.delete_user(form.user)
269
        logger.info(u'deletion of account %s requested', form.user)
273
        models.DeletedUser.objects.delete_user(self.request.user)
274
        logger.info(u'deletion of account %s requested', self.request.user)
270 275
        messages.info(self.request, _('Your account has been scheduled for deletion. You cannot use it anymore.'))
271 276
        return super(DeleteView, self).form_valid(form)
272 277

  
src/authentic2/templates/authentic2/accounts.html
31 31
          {% endfor %}
32 32
        </dl>
33 33
      {% endif %}
34
      {% if allow_email_change and user.has_usable_password %}
34
      {% if allow_email_change %}
35 35
        <p><a href="{% url 'email-change' %}">{% trans "Change email" %}</a></p>
36 36
      {% endif %}
37 37
      {% if allow_profile_edit %}
38 38
        <p><a href="{% url 'profile_edit' %}">{% trans "Edit account data" %}</a></p>
39 39
      {% endif %}
40
      {% if allow_account_deletion and user.has_usable_password %}
40
      {% if allow_account_deletion %}
41 41
        <p><a href="{% url 'delete_account' %}">{% trans "Delete account" %}</a></p>
42 42
      {% endif %}
43 43
    </div>
src/authentic2/views.py
117 117

  
118 118

  
119 119
class EmailChangeView(cbv.TemplateNamesMixin, FormView):
120
    form_class = forms.EmailChangeForm
121 120
    template_names = [
122 121
        'profiles/email_change.html',
123 122
        'authentic2//change_email.html'
124 123
    ]
125 124
    success_url = '..'
126 125

  
126
    def get_form_class(self):
127
        if self.request.user.has_usable_password():
128
            return forms.EmailChangeForm
129
        return forms.EmailChangeFormNoPassword
130

  
127 131
    def get_form_kwargs(self):
128 132
        kwargs = super(EmailChangeView, self).get_form_kwargs()
129 133
        kwargs.update({
130
-