0001-misc-don-t-display-password-reset-view-when-disabled.patch
src/authentic2/profile_views.py | ||
---|---|---|
3 | 3 |
from django.views.generic import FormView |
4 | 4 |
from django.contrib import messages |
5 | 5 |
from django.contrib.auth import get_user_model, REDIRECT_FIELD_NAME, authenticate |
6 |
from django.http import Http404 |
|
6 | 7 |
from django.utils.translation import ugettext as _ |
7 | 8 |
from django.utils.http import urlsafe_base64_decode |
8 | 9 | |
9 | 10 |
from .compat import default_token_generator |
10 | 11 |
from .registration_backend.forms import SetPasswordForm |
11 |
from . import cbv, profile_forms, utils, hooks |
|
12 |
from . import app_settings, cbv, profile_forms, utils, hooks
|
|
12 | 13 | |
13 | 14 | |
14 | 15 |
class PasswordResetView(cbv.NextURLViewMixin, FormView): |
... | ... | |
30 | 31 | |
31 | 32 |
def get_context_data(self, **kwargs): |
32 | 33 |
ctx = super(PasswordResetView, self).get_context_data(**kwargs) |
34 |
if app_settings.A2_USER_CAN_RESET_PASSWORD is False: |
|
35 |
raise Http404('Password reset is not allowed.') |
|
33 | 36 |
ctx['title'] = _('Password reset') |
34 | 37 |
return ctx |
35 | 38 |
tests/test_password_reset.py | ||
---|---|---|
1 | 1 |
from django.core.urlresolvers import reverse |
2 |
from django.test.utils import override_settings |
|
2 | 3 | |
3 | 4 |
import utils |
4 | 5 | |
... | ... | |
42 | 43 |
# verify next_url was kept |
43 | 44 |
assert resp['Location'].endswith('/moncul/') |
44 | 45 | |
46 |
with override_settings(A2_USER_CAN_RESET_PASSWORD=False): |
|
47 |
url = reverse('password_reset') + '?next=/moncul/' |
|
48 |
app.get(url, status=404) |
|
45 | 49 | |
46 | 50 |
def test_user_filter(app, simple_user, mailoutbox, settings): |
47 | 51 |
settings.A2_USER_FILTER = {'username': 'xxx'} # will not match simple_user |
48 |
- |