def change_password(request,
domain,
login_id,
template="users/partials/reset_password.html"):
# copied from auth's password_change
commcare_user = CommCareUser.get_by_user_id(login_id, domain)
json_dump = {}
if not commcare_user or not user_can_access_other_user(
domain, request.couch_user, commcare_user):
raise Http404()
django_user = commcare_user.get_django_user()
if request.method == "POST":
form = SetUserPasswordForm(request.project,
login_id,
user=django_user,
data=request.POST)
if form.is_valid():
form.save()
json_dump['status'] = 'OK'
form = SetUserPasswordForm(request.project, login_id, user='')
else:
form = SetUserPasswordForm(request.project, login_id, user=django_user)
context = _users_context(request, domain)
context.update({
'reset_password_form': form,
})
json_dump['formHTML'] = render_to_string(template, context)
return HttpResponse(json.dumps(json_dump))
def _verify_users_are_accessible(domain, request_user, user_ids):
# This function would be very slow if called with many user ids
for user_id in user_ids:
other_user = CommCareUser.get(user_id)
if not user_can_access_other_user(domain, request_user,
other_user):
raise PermissionDenied("One or more users are not accessible")
def change_password(request, domain, login_id, template="users/partials/reset_password.html"):
# copied from auth's password_change
commcare_user = CommCareUser.get_by_user_id(login_id, domain)
json_dump = {}
if not commcare_user or not user_can_access_other_user(domain, request.couch_user, commcare_user):
raise Http404()
django_user = commcare_user.get_django_user()
if request.method == "POST":
form = SetUserPasswordForm(request.project, login_id, user=django_user, data=request.POST)
if form.is_valid():
form.save()
json_dump['status'] = 'OK'
form = SetUserPasswordForm(request.project, login_id, user='')
else:
form = SetUserPasswordForm(request.project, login_id, user=django_user)
context = _users_context(request, domain)
context.update({
'reset_password_form': form,
})
json_dump['formHTML'] = render_to_string(template, context)
return HttpResponse(json.dumps(json_dump))
def _ensure_accessible_location(domain, couch_user, as_user_obj):
if not user_can_access_other_user(domain, couch_user, as_user_obj):
raise RestorePermissionDenied(
_('Restore user {} not in allowed locations').format(
as_user_obj.username))
def _ensure_accessible_location(domain, couch_user, as_user_obj):
if not user_can_access_other_user(domain, couch_user, as_user_obj):
raise RestorePermissionDenied(
_(u'Restore user {} not in allowed locations').format(as_user_obj.username)
)
def _verify_users_are_accessible(domain, request_user, user_ids):
# This function would be very slow if called with many user ids
for user_id in user_ids:
other_user = CommCareUser.get(user_id)
if not user_can_access_other_user(domain, request_user, other_user):
raise PermissionDenied("One or more users are not accessible")
