0001-use-utils.can_change_password-everywhere-32760.patch
src/authentic2/profile_urls.py | ||
---|---|---|
7 | 7 |
from django.utils.translation import ugettext as _ |
8 | 8 |
from django.views.decorators.debug import sensitive_post_parameters |
9 | 9 | |
10 |
from authentic2.utils import import_module_or_class, redirect |
|
10 |
from authentic2.utils import import_module_or_class, redirect, user_can_change_password
|
|
11 | 11 |
from . import app_settings, decorators, profile_views, hooks |
12 | 12 |
from .views import (logged_in, edit_profile, email_change, email_change_verify, profile) |
13 | 13 | |
... | ... | |
27 | 27 |
post_change_redirect = request.GET[REDIRECT_FIELD_NAME] |
28 | 28 |
elif post_change_redirect is None: |
29 | 29 |
post_change_redirect = reverse('account_management') |
30 |
if not request.user.can_change_password():
|
|
30 |
if not user_can_change_password(request=request):
|
|
31 | 31 |
messages.warning(request, _('Password change is forbidden')) |
32 | 32 |
return redirect(request, post_change_redirect) |
33 | 33 |
if 'cancel' in request.POST: |
src/authentic2/templates/authentic2/login_password_profile.html | ||
---|---|---|
1 | 1 |
{% load i18n %} |
2 | 2 | |
3 |
{% if user.can_change_password %}
|
|
3 |
{% if can_change_password %} |
|
4 | 4 |
<h4>{% trans "Password" %}</h4> |
5 | 5 | |
6 | 6 |
<div> |
7 | 7 |
<p> |
8 | 8 |
<a href="{% url 'password_change' %}"> |
9 |
{% if user.has_usable_password %}
|
|
9 |
{% if has_usable_password %} |
|
10 | 10 |
{% trans "Change your password" %} |
11 | 11 |
{% else %} |
12 | 12 |
{% trans "Set your password" %} |
src/authentic2/utils.py | ||
---|---|---|
1098 | 1098 |
return default |
1099 | 1099 | |
1100 | 1100 | |
1101 |
def user_can_change_password(user, request=None): |
|
1101 |
def user_can_change_password(user=None, request=None):
|
|
1102 | 1102 |
from . import hooks |
1103 | 1103 |
if not app_settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD: |
1104 | 1104 |
return False |
1105 |
if request is not None and user is None and hasattr(request, 'user'): |
|
1106 |
user = request.user |
|
1107 |
if user is not None and hasattr(user, 'can_change_password') and user.can_change_password() is False: |
|
1108 |
return False |
|
1105 | 1109 |
for can in hooks.call_hooks('user_can_change_password', user=user, request=request): |
1106 | 1110 |
if can is False: |
1107 | 1111 |
return can |
src/authentic2/views.py | ||
---|---|---|
502 | 502 |
'allow_profile_edit': EditProfile.can_edit_profile(), |
503 | 503 |
'allow_email_change': app_settings.A2_PROFILE_CAN_CHANGE_EMAIL, |
504 | 504 |
# TODO: deprecated should be removed when publik-base-theme is updated |
505 |
'allow_password_change': utils.user_can_change_password(user=request.user, request=request),
|
|
505 |
'allow_password_change': utils.user_can_change_password(request=request), |
|
506 | 506 |
'federation_management': federation_management, |
507 | 507 |
}) |
508 | 508 |
hooks.call_hooks('modify_context_data', self, context) |
... | ... | |
581 | 581 | |
582 | 582 |
def login_password_profile(request, *args, **kwargs): |
583 | 583 |
context = kwargs.pop('context', {}) |
584 |
can_change_password = utils.user_can_change_password(user=request.user, request=request)
|
|
584 |
can_change_password = utils.user_can_change_password(request=request) |
|
585 | 585 |
has_usable_password = request.user.has_usable_password() |
586 |
context.update( |
|
587 |
{'can_change_password': can_change_password, |
|
588 |
'has_usable_password': has_usable_password}) |
|
586 |
context.update({ |
|
587 |
'can_change_password': can_change_password, |
|
588 |
'has_usable_password': has_usable_password, |
|
589 |
}) |
|
589 | 590 |
return render_to_string(['auth/login_password_profile.html', |
590 | 591 |
'authentic2/login_password_profile.html'], |
591 | 592 |
context, request=request) |
592 |
- |