Changer le pwd d'un account

2016-09-01 16:31:18 +02:00 · 2016-09-01 16:31:18 +02:00 · f1444b2462
commit f1444b2462
parent 150731c2e9
5 changed files with 49 additions and 0 deletions
--- a/kfet/forms.py
+++ b/kfet/forms.py
@ -66,6 +66,21 @@ class AccountRestrictForm(AccountForm):
    class Meta(AccountForm.Meta):
        fields = ['promo']
 class AccountPwdForm(forms.Form):
    pwd1 = forms.CharField(
            widget=forms.PasswordInput)
    pwd2 = forms.CharField(
            widget=forms.PasswordInput)
    def clean(self):
        pwd1 = self.cleaned_data['pwd1']
        pwd2 = self.cleaned_data['pwd2']
        if len(pwd1) < 8:
            raise ValidationError("Mot de passe trop court")
        if pwd1 != pwd2:
            raise ValidationError("Les mots de passes sont différents")
        super(AccountPwdForm, self).clean()
 class CofForm(forms.ModelForm):
    def clean_is_cof(self):
        instance = getattr(self, 'instance', None)
--- a/kfet/migrations/0044_auto_20160901_1614.py
+++ b/kfet/migrations/0044_auto_20160901_1614.py
@ -0,0 +1,18 @@
 # -*- coding: utf-8 -*-
 from __future__ import unicode_literals
 from django.db import models, migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('kfet', '0043_auto_20160901_0046'),
    ]
    operations = [
        migrations.AlterModelOptions(
            name='globalpermissions',
            options={'managed': False, 'permissions': (('is_team', 'Is part of the team'), ('perform_deposit', 'Effectuer une charge'), ('perform_negative_operations', 'Enregistrer des commandes en n\xe9gatif'), ('override_frozen_protection', "Forcer le gel d'un compte"), ('cancel_old_operations', 'Annuler des commandes non r\xe9centes'), ('manage_perms', 'G\xe9rer les permissions K-F\xeat'), ('manage_addcosts', 'G\xe9rer les majorations'), ('perform_commented_operations', 'Enregistrer des commandes avec commentaires'), ('view_negs', 'Voir la liste des n\xe9gatifs'), ('order_to_inventory', "G\xe9n\xe9rer un inventaire \xe0 partir d'une commande"), ('edit_balance_account', "Modifier la balance d'un compte"), ('change_account_password', "Modifier le mot de passe d'une personne de l'\xe9quipe"))},
        ),
    ]
--- a/kfet/models.py
+++ b/kfet/models.py
@ -562,6 +562,7 @@ class GlobalPermissions(models.Model):
            ('view_negs', 'Voir la liste des négatifs'),
            ('order_to_inventory', "Générer un inventaire à partir d'une commande"),
            ('edit_balance_account', "Modifier la balance d'un compte"),
            ('change_account_password', "Modifier le mot de passe d'une personne de l'équipe"),
        )
 class Settings(models.Model):
--- a/kfet/templates/kfet/account_update.html
+++ b/kfet/templates/kfet/account_update.html
@ -38,6 +38,7 @@
          {{ cof_form.as_p }}
          {{ account_form.as_p }}
          {{ group_form.as_p }}
          {{ pwd_form.as_p }}
          {{ negative_form.non_field_errors }}
          {% for field in negative_form %}
            {{ field.errors }}
--- a/kfet/views.py
+++ b/kfet/views.py
@ -32,6 +32,7 @@ from collections import defaultdict
 from kfet import consumers
 from datetime import timedelta
 import django_cas_ng
 import hashlib
 import heapq
 import statistics
@ -276,6 +277,7 @@ def account_update(request, trigramme):
        group_form   = UserGroupForm(instance=account.user)
        account_form = AccountForm(instance=account)
        cof_form     = CofRestrictForm(instance=account.cofprofile)
        pwd_form     = AccountPwdForm()
        if hasattr(account, 'negative'):
            negative_form = AccountNegativeForm(instance=account.negative)
        else:
@ -286,6 +288,7 @@ def account_update(request, trigramme):
        cof_form     = None
        group_form   = None
        negative_form = None
        pwd_form     = None
    if request.method == "POST":
        # Update attempt
@ -297,6 +300,7 @@ def account_update(request, trigramme):
            cof_form     = CofRestrictForm(request.POST, instance=account.cofprofile)
            user_form    = UserRestrictTeamForm(request.POST, instance=account.user)
            group_form   = UserGroupForm(request.POST, instance=account.user)
            pwd_form     = AccountPwdForm(request.POST)
            if hasattr(account, 'negative'):
                negative_form = AccountNegativeForm(request.POST, instance=account.negative)
@ -311,6 +315,15 @@ def account_update(request, trigramme):
                # Updating
                account_form.save(data = data)
                # Checking perm to update password
                if (request.user.has_perm('kfet.change_account_password')
                        and pwd_form.is_valid()):
                    pwd = pwd_form.cleaned_data['pwd1']
                    pwd_sha1 = hashlib.sha1(pwd.encode()).hexdigest()
                    Account.objects.filter(pk=account.pk).update(
                            password = pwd_sha1)
                    messages.success(request, 'Mot de passe mis à jour')
                # Checking perm to manage perms
                if (request.user.has_perm('kfet.manage_perms')
                        and group_form.is_valid()):
@ -363,6 +376,7 @@ def account_update(request, trigramme):
        'user_form'    : user_form,
        'group_form'   : group_form,
        'negative_form': negative_form,
        'pwd_form'     : pwd_form,
    })
@permission_required('kfet.manage_perms')