From 9612064aecc5642369ad7304fdeac7353fbfde11 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Tue, 3 Nov 2020 21:52:48 +0100
Subject: [PATCH 2/3] manage: ensure created users have a password (#47943)

---
 src/authentic2/manager/forms.py |  3 +++
 tests/test_user_manager.py      | 15 +++++++++++++++
 2 files changed, 18 insertions(+)

diff --git a/src/authentic2/manager/forms.py b/src/authentic2/manager/forms.py
index 5dbdcd8e..34362eb2 100644
--- a/src/authentic2/manager/forms.py
+++ b/src/authentic2/manager/forms.py
@@ -331,6 +331,9 @@ class UserAddForm(UserChangePasswordForm, UserEditForm):
             raise forms.ValidationError(
                 _('You must set a username or an email to set a password or send an activation link.'))
 
+        if not has_password:
+            self.instance.set_random_password()
+
     def has_email(self):
         return bool(self.cleaned_data.get('email'))
 
diff --git a/tests/test_user_manager.py b/tests/test_user_manager.py
index 34fbf8b9..ed7173a1 100644
--- a/tests/test_user_manager.py
+++ b/tests/test_user_manager.py
@@ -189,6 +189,21 @@ def test_create_user_email_is_unique(app, superuser, settings):
     assert 'This email address is already in use' in response
 
 
+def test_create_user_no_password(app, superuser):
+    response = login(app, superuser, '/manage/users/')
+    response = response.click('Add user')
+    response.form.set('first_name', 'John')
+    response.form.set('last_name', 'Doe')
+    response.form.set('generate_password', False)
+    response.form.set('password1', '')
+    response.form.set('password2', '')
+    response.form.set('send_password_reset', False)
+    response = response.form.submit(status=302)
+
+    user = User.objects.filter(is_superuser=False).get()
+    assert user.has_usable_password()
+
+
 def test_manager_user_change_email(app, superuser_or_admin, simple_user, mailoutbox):
     ou = get_default_ou()
     ou.validate_emails = True
-- 
2.29.1