def user_update(request, user, **data): manager = keystoneclient(request, admin=True).users error = None if not keystone_can_edit_user(): raise keystone_exceptions.ClientException( 405, _("Identity service does not allow editing user data.")) # The v2 API updates user model, password and default project separately if VERSIONS.active < 3: password = data.pop('password') project = data.pop('project') # Update user details try: user = manager.update(user, **data) except Exception: error = exceptions.handle(request, ignore=True) # Update default tenant try: user_update_tenant(request, user, project) user.tenantId = project except Exception: error = exceptions.handle(request, ignore=True) # Check for existing roles # Show a warning if no role exists for the project user_roles = roles_for_user(request, user, project) if not user_roles: messages.warning( request, _('User %s has no role defined for ' 'that project.') % data.get('name', None)) # If present, update password # FIXME(gabriel): password change should be its own form + view if password: try: user_update_password(request, user, password) if user.id == request.user.id: return utils.logout_with_message( request, _("Password changed. Please log in again to continue.") ) except Exception: error = exceptions.handle(request, ignore=True) if error is not None: raise error # v3 API is so much simpler... else: if not data['password']: data.pop('password') user = manager.update(user, **data) if data.get('password') and user.id == request.user.id: return utils.logout_with_message( request, _("Password changed. Please log in again to continue."))
def user_update(request, user, **data): manager = keystoneclient(request, admin=True).users error = None if not keystone_can_edit_user(): raise keystone_exceptions.ClientException(405, _("Identity service " "does not allow editing user data.")) # The v2 API updates user model, password and default project separately if VERSIONS.active < 3: password = data.pop("password") project = data.pop("project") # Update user details try: user = manager.update(user, **data) except Exception: error = exceptions.handle(request, ignore=True) # Update default tenant try: user_update_tenant(request, user, project) user.tenantId = project except Exception: error = exceptions.handle(request, ignore=True) # Check for existing roles # Show a warning if no role exists for the project user_roles = roles_for_user(request, user, project) if not user_roles: messages.warning(request, _("User %s has no role defined for " "that project.") % data.get("name", None)) # If present, update password # FIXME(gabriel): password change should be its own form + view if password: try: user_update_password(request, user, password) if user.id == request.user.id: return utils.logout_with_message(request, _("Password changed. Please log in again to continue.")) except Exception: error = exceptions.handle(request, ignore=True) if error is not None: raise error # v3 API is so much simpler... else: if not data["password"]: data.pop("password") user = manager.update(user, **data) if data.get("password") and user.id == request.user.id: return utils.logout_with_message(request, _("Password changed. Please log in again to continue."))
def handle(self, request, data): user_id = data.pop('id') password = data.pop('password') admin_password = None # Throw away the password confirmation, we're done with it. data.pop('confirm_password', None) # Verify admin password before changing user password if getattr(settings, 'ENFORCE_PASSWORD_CHECK', False): admin_password = data.pop('admin_password') if not api.keystone.user_verify_admin_password( request, admin_password): self.api_error(_('The admin password is incorrect.')) return False try: response = api.keystone.user_update_password( request, user_id, password) if user_id == request.user.id: return utils.logout_with_message( request, _('Password changed. Please log in to continue.'), redirect=False) messages.success(request, _('User password has been updated successfully.')) except Exception: response = exceptions.handle(request, ignore=True) messages.error(request, _('Unable to update the user password.')) if isinstance(response, http.HttpResponse): return response else: return True
def handle(self, request, data): user_id = data.pop('id') password = data.pop('password') # Throw away the password confirmation, we're done with it. data.pop('confirm_password', None) try: response = api.keystone.user_update_password( request, user_id, password) if user_id == request.user.id: return utils.logout_with_message( request, _('Password changed. Please log in to continue.'), redirect=False) messages.success(request, _('User password has been updated successfully.')) except Exception: response = exceptions.handle(request, ignore=True) messages.error(request, _('Unable to update the user password.')) if isinstance(response, http.HttpResponse): return response else: return True
def handle(self, request, data): user_id = data.pop('id') password = data.pop('password') admin_password = None # Throw away the password confirmation, we're done with it. data.pop('confirm_password', None) # Verify admin password before changing user password if getattr(settings, 'ENFORCE_PASSWORD_CHECK', False): admin_password = data.pop('admin_password') if not api.keystone.user_verify_admin_password(request, admin_password): self.api_error(_('The admin password is incorrect.')) return False try: response = api.keystone.user_update_password( request, user_id, password) if user_id == request.user.id: return utils.logout_with_message( request, _('Password changed. Please log in to continue.'), redirect=False) messages.success(request, _('User password has been updated successfully.')) except Exception: response = exceptions.handle(request, ignore=True) messages.error(request, _('Unable to update the user password.')) if isinstance(response, http.HttpResponse): return response else: return True
def user_update(request, user, use_idm_account=False, **data): if use_idm_account: manager = internal_keystoneclient(request).users else: manager = api.keystone.keystoneclient(request, admin=True).users if not data['password']: data.pop('password') user = manager.update(user, **data) if data.get('password') and user.id == request.user.id: return utils.logout_with_message( request, "Password changed. Please log in again to continue.")
def user_update(request, user, use_idm_account=False, **data): if use_idm_account: manager = internal_keystoneclient(request).users else: manager = api.keystone.keystoneclient( request, admin=True).users if not data['password']: data.pop('password') user = manager.update(user, **data) if data.get('password') and user.id == request.user.id: return utils.logout_with_message( request, "Password changed. Please log in again to continue." )
def handle(self, request, data): user_id = data.pop('id') password = data.pop('password') admin_password = None # Throw away the password confirmation, we're done with it. data.pop('confirm_password', None) # Verify admin password before changing user password if settings.ENFORCE_PASSWORD_CHECK: admin_password = data.pop('admin_password') if not api.keystone.user_verify_admin_password( request, admin_password): self.api_error(_('The admin password is incorrect.')) return False try: response = api.keystone.user_update_password(request, user_id, password, admin=False) if user_id == request.user.id: return utils.logout_with_message( request, _('Password changed. Please log in to continue.'), redirect=False) messages.success(request, _('User password has been updated successfully.')) except Exception as exc: response = exceptions.handle(request, ignore=True) match = re.match((r'The password does not match the ' r'requirements:(.*?) [(]HTTP 400[)]'), str(exc), re.UNICODE | re.MULTILINE) if match: info = match.group(1) messages.error( request, _('The password does not match the ' 'requirements: %s') % info) else: messages.error(request, _('Unable to update the user password.')) if isinstance(response, http.HttpResponse): return response else: return True
def user_update(request, user, **data): manager = keystoneclient(request, admin=True).users error = None if not keystone_can_edit_user(): raise keystone_exceptions.ClientException( 405, _("Identity service does not allow editing user data.")) # The v2 API updates user model and default project separately if VERSIONS.active < 3: # Update user details try: user = manager.update(user, **data) except keystone_exceptions.Conflict: raise exceptions.Conflict() except Exception: error = exceptions.handle(request, ignore=True) if "project" in data: project = data.pop('project') password = data.pop('password') # Update default tenant try: user_update_tenant(request, user, project) user.tenantId = project except Exception: error = exceptions.handle(request, ignore=True) # Check for existing roles # Show a warning if no role exists for the project user_roles = roles_for_user(request, user, project) if not user_roles: messages.warning( request, _('User %s has no role defined for ' 'that project.') % data.get('name', None)) if password: email = data.pop('email') LOG.info("v2 password:%s email:%s" % (password, email)) try: user_update_password(request, user, password) if user.id == request.user.id: return utils.logout_with_message( request, _("Password changed. Please log in again to continue." )) if email: LOG.info("v2 send email") send_mail(request, email, password) except Exception: error = exceptions.handle(request, ignore=True) if error is not None: raise error # v3 API is so much simpler... else: try: user = manager.update(user, **data) password = data.pop('password') if password: email = data.pop('email') LOG.info("v3 password:%s email:%s" % (password, email)) try: user_update_password(request, user, password) if user.id == request.user.id: return utils.logout_with_message( request, _("Password changed. Please log in again to continue." )) if email: LOG.info("v3 send email") send_mail(request, email, password) except Exception: error = exceptions.handle(request, ignore=True) if error is not None: raise error except keystone_exceptions.Conflict: raise exceptions.Conflict()