From d3b41d6a5956874d25eb000acf51acc970446c80 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Wed, 31 Jan 2018 05:51:47 +0100 Subject: [PATCH] Demande le mot de passe de soit quand on reinit un mdp --- users/forms.py | 25 +++++++++++++++++++++++-- users/models.py | 4 ++++ users/views.py | 36 +++++++++++++++++------------------- 3 files changed, 44 insertions(+), 21 deletions(-) diff --git a/users/forms.py b/users/forms.py index 72094d22..861fd292 100644 --- a/users/forms.py +++ b/users/forms.py @@ -50,10 +50,15 @@ from re2o.field_permissions import FieldPermissionFormMixin NOW = timezone.now() -class PassForm(forms.Form): +class PassForm(FieldPermissionFormMixin, forms.ModelForm): """Formulaire de changement de mot de passe. Verifie que les 2 nouveaux mots de passe renseignés sont identiques et respectent une norme""" + selfpasswd = forms.CharField( + label=u'Saisir le mot de passe existant', + max_length=255, + widget=forms.PasswordInput + ) passwd1 = forms.CharField( label=u'Nouveau mot de passe', max_length=255, @@ -67,15 +72,31 @@ class PassForm(forms.Form): widget=forms.PasswordInput ) + class Meta: + model = User + fields = [] + def clean_passwd2(self): """Verifie que passwd1 et 2 sont identiques""" # Check that the two password entries match password1 = self.cleaned_data.get("passwd1") password2 = self.cleaned_data.get("passwd2") if password1 and password2 and password1 != password2: - raise forms.ValidationError("Passwords don't match") + raise forms.ValidationError("Les 2 nouveaux mots de passe sont différents") return password2 + def clean_selfpasswd(self): + """Verifie si il y a lieu que le mdp self est correct""" + if not self.instance.check_password(self.cleaned_data.get("selfpasswd")): + raise forms.ValidationError("Le mot de passe actuel est incorrect") + return + + def save(self, commit=True): + """Changement du mot de passe""" + user = super(PassForm, self).save(commit=False) + user.set_password(self.cleaned_data.get("passwd1")) + user.save() + class UserCreationForm(forms.ModelForm): """A form for creating new users. Includes all the required diff --git a/users/models.py b/users/models.py index eb6b835c..5c145f54 100644 --- a/users/models.py +++ b/users/models.py @@ -735,6 +735,9 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin): else: return False, u"Vous ne pouvez éditer un autre utilisateur que vous même" + def check_selfpasswd(self, user_request, *args, **kwargs): + return user_request == self, None + @staticmethod def can_change_state(user_request, *args, **kwargs): return user_request.has_perm('users.change_user_state'), "Droit requis pour changer l'état" @@ -801,6 +804,7 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin): self.field_permissions = { 'shell' : self.can_change_shell, 'force' : self.can_change_force, + 'selfpasswd' : self.check_selfpasswd, } def __str__(self): diff --git a/users/views.py b/users/views.py index 9b4b818a..5640b003 100644 --- a/users/views.py +++ b/users/views.py @@ -102,21 +102,6 @@ from re2o.acl import ( can_change ) -def password_change_action(u_form, user, request, req=False): - """ Fonction qui effectue le changeemnt de mdp bdd""" - user.set_user_password(u_form.cleaned_data['passwd1']) - with transaction.atomic(), reversion.create_revision(): - user.save() - reversion.set_comment("Réinitialisation du mot de passe") - messages.success(request, "Le mot de passe a changé") - if req: - req.delete() - return redirect(reverse('index')) - return redirect(reverse( - 'users:profil', - kwargs={'userid':str(user.id)} - )) - @can_create(Adherent) def new_user(request): """ Vue de création d'un nouvel utilisateur, @@ -268,9 +253,17 @@ def password(request, user, userid): """ Reinitialisation d'un mot de passe à partir de l'userid, pour self par défaut, pour tous sans droit si droit cableur, pour tous si droit bureau """ - u_form = PassForm(request.POST or None) + u_form = PassForm(request.POST or None, instance=user, user=request.user) if u_form.is_valid(): - return password_change_action(u_form, user, request) + with transaction.atomic(), reversion.create_revision(): + u_form.save() + reversion.set_user(request.user) + reversion.set_comment("Changement du mot de passe") + messages.success(request, "Le mot de passe a changé") + return redirect(reverse( + 'users:profil', + kwargs={'userid':str(user.id)} + )) return form({'userform': u_form}, 'users/user.html', request) @@ -827,10 +820,15 @@ def process(request, token): def process_passwd(request, req): """Process le changeemnt de mot de passe, renvoie le formulaire demandant le nouveau password""" - u_form = PassForm(request.POST or None) user = req.user + u_form = PassForm(request.POST or None, instance=user, user=request.user) if u_form.is_valid(): - return password_change_action(u_form, user, request, req=req) + with transaction.atomic(), reversion.create_revision(): + u_form.save() + reversion.set_comment("Réinitialisation du mot de passe") + req.delete() + messages.success(request, "Le mot de passe a changé") + return redirect(reverse('index')) return form({'userform': u_form}, 'users/user.html', request)