0001-utils-add-hook-to-decide-if-user-can-change-set-pass.patch
src/authentic2/backends/ldap_backend.py | ||
---|---|---|
221 | 221 |
return self.block['can_reset_password'] |
222 | 222 | |
223 | 223 |
def can_change_password(self): |
224 |
return app_settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD and self.block['user_can_change_password']
|
|
224 |
return self.block['user_can_change_password'] |
|
225 | 225 | |
226 | 226 | |
227 | 227 |
class LDAPBackend(object): |
src/authentic2/custom_user/models.py | ||
---|---|---|
274 | 274 |
return rc |
275 | 275 | |
276 | 276 |
def can_change_password(self): |
277 |
return app_settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD |
|
277 |
return True |
src/authentic2/utils.py | ||
---|---|---|
1080 | 1080 |
if ou_value is not None: |
1081 | 1081 |
return ou_value |
1082 | 1082 |
return default |
1083 | ||
1084 | ||
1085 |
def user_can_change_password(user, request=None): |
|
1086 |
from . import hooks |
|
1087 |
if not app_settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD: |
|
1088 |
return False |
|
1089 |
for can in hooks.call_hooks('user_can_change_password', user=user, request=request): |
|
1090 |
if can is False: |
|
1091 |
return can |
|
1092 |
return True |
src/authentic2/views.py | ||
---|---|---|
503 | 503 |
'allow_profile_edit': EditProfile.can_edit_profile(), |
504 | 504 |
'allow_email_change': app_settings.A2_PROFILE_CAN_CHANGE_EMAIL, |
505 | 505 |
# TODO: deprecated should be removed when publik-base-theme is updated |
506 |
'allow_password_change': request.user.can_change_password(),
|
|
506 |
'allow_password_change': utils.user_can_change_password(user=request.user, request=request),
|
|
507 | 507 |
'federation_management': federation_management, |
508 | 508 |
}) |
509 | 509 |
hooks.call_hooks('modify_context_data', self, context) |
... | ... | |
582 | 582 | |
583 | 583 |
def login_password_profile(request, *args, **kwargs): |
584 | 584 |
context = kwargs.pop('context', {}) |
585 |
can_change_password = app_settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD
|
|
585 |
can_change_password = utils.user_can_change_password(user=request.user, request=request)
|
|
586 | 586 |
has_usable_password = request.user.has_usable_password() |
587 | 587 |
context.update( |
588 | 588 |
{'can_change_password': can_change_password, |
tests/test_utils.py | ||
---|---|---|
1 |
from authentic2.utils import good_next_url, same_origin, select_next_url |
|
1 |
from authentic2.utils import good_next_url, same_origin, select_next_url, user_can_change_password
|
|
2 | 2 | |
3 | 3 | |
4 | 4 |
def test_good_next_url(rf, settings): |
... | ... | |
46 | 46 |
assert select_next_url(request, '/') == '/' |
47 | 47 |
settings.A2_REDIRECT_WHITELIST = ['//example.com/'] |
48 | 48 |
assert select_next_url(request, '/') == 'http://example.com/' |
49 | ||
50 | ||
51 |
def test_user_can_change_password(simple_user, settings): |
|
52 |
assert user_can_change_password(user=simple_user) is True |
|
53 |
settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD = False |
|
54 |
assert user_can_change_password(user=simple_user) is False |
|
49 |
- |