0001-use-utils.can_change_password-everywhere-32760.patch
| src/authentic2/profile_urls.py | ||
|---|---|---|
| 7 | 7 |
from django.utils.translation import ugettext as _ |
| 8 | 8 |
from django.views.decorators.debug import sensitive_post_parameters |
| 9 | 9 | |
| 10 |
from authentic2.utils import import_module_or_class, redirect |
|
| 10 |
from authentic2.utils import import_module_or_class, redirect, user_can_change_password
|
|
| 11 | 11 |
from . import app_settings, decorators, profile_views, hooks |
| 12 | 12 |
from .views import (logged_in, edit_profile, email_change, email_change_verify, profile) |
| 13 | 13 | |
| ... | ... | |
| 27 | 27 |
post_change_redirect = request.GET[REDIRECT_FIELD_NAME] |
| 28 | 28 |
elif post_change_redirect is None: |
| 29 | 29 |
post_change_redirect = reverse('account_management')
|
| 30 |
if not request.user.can_change_password():
|
|
| 30 |
if not user_can_change_password(request=request):
|
|
| 31 | 31 |
messages.warning(request, _('Password change is forbidden'))
|
| 32 | 32 |
return redirect(request, post_change_redirect) |
| 33 | 33 |
if 'cancel' in request.POST: |
| src/authentic2/templates/authentic2/login_password_profile.html | ||
|---|---|---|
| 1 | 1 |
{% load i18n %}
|
| 2 | 2 | |
| 3 |
{% if user.can_change_password %}
|
|
| 3 |
{% if can_change_password %}
|
|
| 4 | 4 |
<h4>{% trans "Password" %}</h4>
|
| 5 | 5 | |
| 6 | 6 |
<div> |
| 7 | 7 |
<p> |
| 8 | 8 |
<a href="{% url 'password_change' %}">
|
| 9 |
{% if user.has_usable_password %}
|
|
| 9 |
{% if has_usable_password %}
|
|
| 10 | 10 |
{% trans "Change your password" %}
|
| 11 | 11 |
{% else %}
|
| 12 | 12 |
{% trans "Set your password" %}
|
| src/authentic2/utils.py | ||
|---|---|---|
| 1098 | 1098 |
return default |
| 1099 | 1099 | |
| 1100 | 1100 | |
| 1101 |
def user_can_change_password(user, request=None): |
|
| 1101 |
def user_can_change_password(user=None, request=None):
|
|
| 1102 | 1102 |
from . import hooks |
| 1103 | 1103 |
if not app_settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD: |
| 1104 | 1104 |
return False |
| 1105 |
if request is not None and user is None and hasattr(request, 'user'): |
|
| 1106 |
user = request.user |
|
| 1107 |
if user is not None and hasattr(user, 'can_change_password') and user.can_change_password() is False: |
|
| 1108 |
return False |
|
| 1105 | 1109 |
for can in hooks.call_hooks('user_can_change_password', user=user, request=request):
|
| 1106 | 1110 |
if can is False: |
| 1107 | 1111 |
return can |
| src/authentic2/views.py | ||
|---|---|---|
| 502 | 502 |
'allow_profile_edit': EditProfile.can_edit_profile(), |
| 503 | 503 |
'allow_email_change': app_settings.A2_PROFILE_CAN_CHANGE_EMAIL, |
| 504 | 504 |
# TODO: deprecated should be removed when publik-base-theme is updated |
| 505 |
'allow_password_change': utils.user_can_change_password(user=request.user, request=request),
|
|
| 505 |
'allow_password_change': utils.user_can_change_password(request=request), |
|
| 506 | 506 |
'federation_management': federation_management, |
| 507 | 507 |
}) |
| 508 | 508 |
hooks.call_hooks('modify_context_data', self, context)
|
| ... | ... | |
| 581 | 581 | |
| 582 | 582 |
def login_password_profile(request, *args, **kwargs): |
| 583 | 583 |
context = kwargs.pop('context', {})
|
| 584 |
can_change_password = utils.user_can_change_password(user=request.user, request=request)
|
|
| 584 |
can_change_password = utils.user_can_change_password(request=request) |
|
| 585 | 585 |
has_usable_password = request.user.has_usable_password() |
| 586 |
context.update( |
|
| 587 |
{'can_change_password': can_change_password,
|
|
| 588 |
'has_usable_password': has_usable_password}) |
|
| 586 |
context.update({
|
|
| 587 |
'can_change_password': can_change_password, |
|
| 588 |
'has_usable_password': has_usable_password, |
|
| 589 |
}) |
|
| 589 | 590 |
return render_to_string(['auth/login_password_profile.html', |
| 590 | 591 |
'authentic2/login_password_profile.html'], |
| 591 | 592 |
context, request=request) |
| 592 |
- |
|