Changer le pwd d'un account

This commit is contained in:
Aurélien Delobelle 2016-09-01 16:31:18 +02:00
parent 150731c2e9
commit f1444b2462
5 changed files with 49 additions and 0 deletions

View file

@ -66,6 +66,21 @@ class AccountRestrictForm(AccountForm):
class Meta(AccountForm.Meta): class Meta(AccountForm.Meta):
fields = ['promo'] fields = ['promo']
class AccountPwdForm(forms.Form):
pwd1 = forms.CharField(
widget=forms.PasswordInput)
pwd2 = forms.CharField(
widget=forms.PasswordInput)
def clean(self):
pwd1 = self.cleaned_data['pwd1']
pwd2 = self.cleaned_data['pwd2']
if len(pwd1) < 8:
raise ValidationError("Mot de passe trop court")
if pwd1 != pwd2:
raise ValidationError("Les mots de passes sont différents")
super(AccountPwdForm, self).clean()
class CofForm(forms.ModelForm): class CofForm(forms.ModelForm):
def clean_is_cof(self): def clean_is_cof(self):
instance = getattr(self, 'instance', None) instance = getattr(self, 'instance', None)

View file

@ -0,0 +1,18 @@
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.db import models, migrations
class Migration(migrations.Migration):
dependencies = [
('kfet', '0043_auto_20160901_0046'),
]
operations = [
migrations.AlterModelOptions(
name='globalpermissions',
options={'managed': False, 'permissions': (('is_team', 'Is part of the team'), ('perform_deposit', 'Effectuer une charge'), ('perform_negative_operations', 'Enregistrer des commandes en n\xe9gatif'), ('override_frozen_protection', "Forcer le gel d'un compte"), ('cancel_old_operations', 'Annuler des commandes non r\xe9centes'), ('manage_perms', 'G\xe9rer les permissions K-F\xeat'), ('manage_addcosts', 'G\xe9rer les majorations'), ('perform_commented_operations', 'Enregistrer des commandes avec commentaires'), ('view_negs', 'Voir la liste des n\xe9gatifs'), ('order_to_inventory', "G\xe9n\xe9rer un inventaire \xe0 partir d'une commande"), ('edit_balance_account', "Modifier la balance d'un compte"), ('change_account_password', "Modifier le mot de passe d'une personne de l'\xe9quipe"))},
),
]

View file

@ -562,6 +562,7 @@ class GlobalPermissions(models.Model):
('view_negs', 'Voir la liste des négatifs'), ('view_negs', 'Voir la liste des négatifs'),
('order_to_inventory', "Générer un inventaire à partir d'une commande"), ('order_to_inventory', "Générer un inventaire à partir d'une commande"),
('edit_balance_account', "Modifier la balance d'un compte"), ('edit_balance_account', "Modifier la balance d'un compte"),
('change_account_password', "Modifier le mot de passe d'une personne de l'équipe"),
) )
class Settings(models.Model): class Settings(models.Model):

View file

@ -38,6 +38,7 @@
{{ cof_form.as_p }} {{ cof_form.as_p }}
{{ account_form.as_p }} {{ account_form.as_p }}
{{ group_form.as_p }} {{ group_form.as_p }}
{{ pwd_form.as_p }}
{{ negative_form.non_field_errors }} {{ negative_form.non_field_errors }}
{% for field in negative_form %} {% for field in negative_form %}
{{ field.errors }} {{ field.errors }}

View file

@ -32,6 +32,7 @@ from collections import defaultdict
from kfet import consumers from kfet import consumers
from datetime import timedelta from datetime import timedelta
import django_cas_ng import django_cas_ng
import hashlib
import heapq import heapq
import statistics import statistics
@ -276,6 +277,7 @@ def account_update(request, trigramme):
group_form = UserGroupForm(instance=account.user) group_form = UserGroupForm(instance=account.user)
account_form = AccountForm(instance=account) account_form = AccountForm(instance=account)
cof_form = CofRestrictForm(instance=account.cofprofile) cof_form = CofRestrictForm(instance=account.cofprofile)
pwd_form = AccountPwdForm()
if hasattr(account, 'negative'): if hasattr(account, 'negative'):
negative_form = AccountNegativeForm(instance=account.negative) negative_form = AccountNegativeForm(instance=account.negative)
else: else:
@ -286,6 +288,7 @@ def account_update(request, trigramme):
cof_form = None cof_form = None
group_form = None group_form = None
negative_form = None negative_form = None
pwd_form = None
if request.method == "POST": if request.method == "POST":
# Update attempt # Update attempt
@ -297,6 +300,7 @@ def account_update(request, trigramme):
cof_form = CofRestrictForm(request.POST, instance=account.cofprofile) cof_form = CofRestrictForm(request.POST, instance=account.cofprofile)
user_form = UserRestrictTeamForm(request.POST, instance=account.user) user_form = UserRestrictTeamForm(request.POST, instance=account.user)
group_form = UserGroupForm(request.POST, instance=account.user) group_form = UserGroupForm(request.POST, instance=account.user)
pwd_form = AccountPwdForm(request.POST)
if hasattr(account, 'negative'): if hasattr(account, 'negative'):
negative_form = AccountNegativeForm(request.POST, instance=account.negative) negative_form = AccountNegativeForm(request.POST, instance=account.negative)
@ -311,6 +315,15 @@ def account_update(request, trigramme):
# Updating # Updating
account_form.save(data = data) account_form.save(data = data)
# Checking perm to update password
if (request.user.has_perm('kfet.change_account_password')
and pwd_form.is_valid()):
pwd = pwd_form.cleaned_data['pwd1']
pwd_sha1 = hashlib.sha1(pwd.encode()).hexdigest()
Account.objects.filter(pk=account.pk).update(
password = pwd_sha1)
messages.success(request, 'Mot de passe mis à jour')
# Checking perm to manage perms # Checking perm to manage perms
if (request.user.has_perm('kfet.manage_perms') if (request.user.has_perm('kfet.manage_perms')
and group_form.is_valid()): and group_form.is_valid()):
@ -363,6 +376,7 @@ def account_update(request, trigramme):
'user_form' : user_form, 'user_form' : user_form,
'group_form' : group_form, 'group_form' : group_form,
'negative_form': negative_form, 'negative_form': negative_form,
'pwd_form' : pwd_form,
}) })
@permission_required('kfet.manage_perms') @permission_required('kfet.manage_perms')