Changer le pwd d'un account

2016-09-01 16:31:18 +02:00 · 2016-09-01 16:31:18 +02:00 · f1444b2462
commit f1444b2462
parent 150731c2e9
5 changed files with 49 additions and 0 deletions
--- a/kfet/views.py
+++ b/kfet/views.py
@ -32,6 +32,7 @@ from collections import defaultdict
 from kfet import consumers
 from datetime import timedelta
 import django_cas_ng
+import hashlib
 import heapq
 import statistics

@ -276,6 +277,7 @@ def account_update(request, trigramme):
        group_form   = UserGroupForm(instance=account.user)
        account_form = AccountForm(instance=account)
        cof_form     = CofRestrictForm(instance=account.cofprofile)
+        pwd_form     = AccountPwdForm()
        if hasattr(account, 'negative'):
            negative_form = AccountNegativeForm(instance=account.negative)
        else:
@ -286,6 +288,7 @@ def account_update(request, trigramme):
        cof_form     = None
        group_form   = None
        negative_form = None
+        pwd_form     = None

    if request.method == "POST":
        # Update attempt
@ -297,6 +300,7 @@ def account_update(request, trigramme):
            cof_form     = CofRestrictForm(request.POST, instance=account.cofprofile)
            user_form    = UserRestrictTeamForm(request.POST, instance=account.user)
            group_form   = UserGroupForm(request.POST, instance=account.user)
+            pwd_form     = AccountPwdForm(request.POST)
            if hasattr(account, 'negative'):
                negative_form = AccountNegativeForm(request.POST, instance=account.negative)

@ -311,6 +315,15 @@ def account_update(request, trigramme):
                # Updating
                account_form.save(data = data)

+                # Checking perm to update password
+                if (request.user.has_perm('kfet.change_account_password')
+                        and pwd_form.is_valid()):
+                    pwd = pwd_form.cleaned_data['pwd1']
+                    pwd_sha1 = hashlib.sha1(pwd.encode()).hexdigest()
+                    Account.objects.filter(pk=account.pk).update(
+                            password = pwd_sha1)
+                    messages.success(request, 'Mot de passe mis à jour')
+
                # Checking perm to manage perms
                if (request.user.has_perm('kfet.manage_perms')
                        and group_form.is_valid()):
@ -363,6 +376,7 @@ def account_update(request, trigramme):
        'user_form'    : user_form,
        'group_form'   : group_form,
        'negative_form': negative_form,
+        'pwd_form'     : pwd_form,
    })

@permission_required('kfet.manage_perms')