0002-auth_fc-show-warning-on-password-change-page-if-user.patch
| src/authentic2/views.py | ||
|---|---|---|
| 1560 | 1560 |
if not utils_misc.user_can_change_password(request=request): |
| 1561 | 1561 |
messages.warning(request, _('Password change is forbidden'))
|
| 1562 | 1562 |
return utils_misc.redirect(request, self.post_change_redirect) |
| 1563 |
hooks.call_hooks('password_change_view', request=self.request)
|
|
| 1563 | 1564 |
return super().dispatch(request, *args, **kwargs) |
| 1564 | 1565 | |
| 1565 | 1566 |
def post(self, request, *args, **kwargs): |
| src/authentic2_auth_fc/apps.py | ||
|---|---|---|
| 115 | 115 |
if url: |
| 116 | 116 |
return [url] |
| 117 | 117 |
return [] |
| 118 | ||
| 119 |
def a2_hook_password_change_view(self, request=None, **kwargs): |
|
| 120 |
from django.contrib import messages |
|
| 121 |
from django.utils.translation import gettext as _ |
|
| 122 | ||
| 123 |
if request and request.user.is_authenticated and request.user.fc_accounts.exists(): |
|
| 124 |
messages.warning( |
|
| 125 |
request, |
|
| 126 |
_( |
|
| 127 |
'''\ |
|
| 128 |
Watch out, this password is the one from your local account and not the one from your \ |
|
| 129 |
FranceConnect provider. It will only be useful when you log in \ |
|
| 130 |
locally and not through FranceConnect.''' |
|
| 131 |
), |
|
| 132 |
) |
|
| tests/auth_fc/test_views.py | ||
|---|---|---|
| 1 |
# authentic2 - authentic2 authentication for FranceConnect |
|
| 2 |
# Copyright (C) 2022 Entr'ouvert |
|
| 3 |
# |
|
| 4 |
# This program is free software: you can redistribute it and/or modify it |
|
| 5 |
# under the terms of the GNU Affero General Public License as published |
|
| 6 |
# by the Free Software Foundation, either version 3 of the License, or |
|
| 7 |
# (at your option) any later version. |
|
| 8 |
# |
|
| 9 |
# This program is distributed in the hope that it will be useful, |
|
| 10 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
| 11 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
| 12 |
# GNU Affero General Public License for more details. |
|
| 13 |
# |
|
| 14 |
# You should have received a copy of the GNU Affero General Public License |
|
| 15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
| 16 | ||
| 17 |
from authentic2.custom_user.models import User |
|
| 18 | ||
| 19 | ||
| 20 |
def test_password_change_view_with_fc(app, db): |
|
| 21 |
user = User.objects.create(username='jdoe') |
|
| 22 |
app.set_user('jdoe')
|
|
| 23 | ||
| 24 |
response = app.get('/accounts/password/change/')
|
|
| 25 |
assert not len(response.pyquery('.messages'))
|
|
| 26 |
assert User.objects.count() == 1 |
|
| 27 | ||
| 28 |
user.fc_accounts.create(sub='1234') |
|
| 29 |
response = app.get('/accounts/password/change/')
|
|
| 30 |
assert 'FranceConnect' in response.pyquery('.messages .warning').text()
|
|
| 0 |
- |
|