Example #1
0
 def test_change_password2(self):
     # With existing users
     for name in ['alice', 'bob', 'charlie']:
         self.assertEqual(UserManager.change_password2(self.store, name, 'newpass'), UserManager.SUCCESS)
         user = self.store.find(db.User, db.User.name == name).one()
         self.assertEqual(UserManager.try_auth(self.store, name, 'newpass'), (UserManager.SUCCESS, user))
     # Non-existent user
     self.assertEqual(UserManager.change_password2(self.store, 'null', 'newpass'), UserManager.NO_SUCH_USER)
Example #2
0
    def test_change_password2(self):
        # With existing users
        for name in ['alice', 'bob', 'charlie']:
            self.assertEqual(UserManager.change_password2(self.store, name, 'newpass'), UserManager.SUCCESS)
            user = self.store.find(db.User, db.User.name == name).one()
            self.assertEqual(UserManager.try_auth(self.store, name, 'newpass'), (UserManager.SUCCESS, user))
            self.assertEqual(UserManager.try_auth(self.store, name, name.upper()), (UserManager.WRONG_PASS, None))

        # Non-existent user
        self.assertEqual(UserManager.change_password2(self.store, 'null', 'newpass'), UserManager.NO_SUCH_USER)
    def test_change_password2(self):
        self.create_data()

        # With existing users
        for name in ["alice", "bob", "charlie"]:
            UserManager.change_password2(name, "newpass")
            user = db.User.get(name=name)
            self.assertEqual(UserManager.try_auth(name, "newpass"), user)
            self.assertEqual(UserManager.try_auth(name, name.upper()), None)

        # Non-existent user
        self.assertRaises(ObjectNotFound, UserManager.change_password2, "null",
                          "newpass")
Example #4
0
def change_password(uid):
	if uid == 'me':
		user = UserManager.get(store, session.get('userid'))[1].name
	else:
		if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS:
			return redirect(url_for('index'))
		user = UserManager.get(store, uid)[1].name
	if request.method == 'POST':
		error = False
		if uid == 'me' or uid == session.get('userid'):
			current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ])
			if current in ('', None):
				flash('The current password is required')
				error = True
		else:
			new, confirm = map(request.form.get, [ 'new', 'confirm' ])
		if new in ('', None):
			flash('The new password is required')
			error = True
		if new != confirm:
			flash("The new password and its confirmation don't match")
			error = True

		if not error:
			if uid == 'me' or uid == session.get('userid'):
				status = UserManager.change_password(store, session.get('userid'), current, new)
			else:
				status = UserManager.change_password2(store, UserManager.get(store, uid)[1].name, new)
			if status != UserManager.SUCCESS:
				flash(UserManager.error_str(status))
			else:
				flash('Password changed')
				return redirect(url_for('user_profile', uid = uid))

	return render_template('change_pass.html', user = user, admin = UserManager.get(store, session.get('userid'))[1].admin)
Example #5
0
def change_password_post(uid, user):
    error = False
    if user.id == request.user.id:
        current = request.form.get('current')
        if not current:
            flash('The current password is required')
            error = True

    new, confirm = map(request.form.get, [ 'new', 'confirm' ])

    if not new:
        flash('The new password is required')
        error = True
    if new != confirm:
        flash("The new password and its confirmation don't match")
        error = True

    if not error:
        if user.id == request.user.id:
            status = UserManager.change_password(store, user.id, current, new)
        else:
            status = UserManager.change_password2(store, user.name, new)

        if status != UserManager.SUCCESS:
            flash(UserManager.error_str(status))
        else:
            flash('Password changed')
            return redirect(url_for('user_profile', uid = uid))

    return change_password_form(uid, user)
Example #6
0
def change_password_post(uid, user):
    error = False
    if user.id == request.user.id:
        current = request.form.get('current')
        if not current:
            flash('The current password is required')
            error = True

    new, confirm = map(request.form.get, [ 'new', 'confirm' ])

    if not new:
        flash('The new password is required')
        error = True
    if new != confirm:
        flash("The new password and its confirmation don't match")
        error = True

    if not error:
        if user.id == request.user.id:
            status = UserManager.change_password(store, user.id, current, new)
        else:
            status = UserManager.change_password2(store, user.name, new)

        if status != UserManager.SUCCESS:
            flash(UserManager.error_str(status))
        else:
            flash('Password changed')
            return redirect(url_for('user_profile', uid = uid))

    return change_password_form(uid, user)
Example #7
0
    def test_change_password2(self):
        self.create_data()

        self.assertRaises(TypeError, UserManager.change_password2, uuid.uuid4(), "pass")

        # With existing users
        for name in ["alice", "bob", "charlie"]:
            UserManager.change_password2(name, "newpass")
            user = db.User.get(name=name)
            self.assertEqual(UserManager.try_auth(name, "newpass"), user)
            self.assertEqual(UserManager.try_auth(name, name.upper()), None)

            # test passing the user directly
            UserManager.change_password2(user, "NEWPASS")
            self.assertEqual(UserManager.try_auth(name, "NEWPASS"), user)

        # Non-existent user
        self.assertRaises(
            ObjectNotFound, UserManager.change_password2, "null", "newpass"
        )
Example #8
0
def user_changepass():
    username, password = map(request.args.get, ['username', 'password'])
    if not username or not password:
        return request.error_formatter(10, 'Missing parameter')

    if username != request.username and not request.user.admin:
        return request.error_formatter(50, 'Admin restricted')

    status = UserManager.change_password2(store, username, password)
    if status != UserManager.SUCCESS:
        return request.error_formatter(0, UserManager.error_str(status))

    return request.formatter({})
Example #9
0
def user_changepass():
	username, password = map(request.args.get, [ 'username', 'password' ])
	if not username or not password:
		return request.error_formatter(10, 'Missing parameter')

	if username != request.username and not request.user.admin:
		return request.error_formatter(50, 'Admin restricted')

	status = UserManager.change_password2(store, username, password)
	if status != UserManager.SUCCESS:
		return request.error_formatter(0, UserManager.error_str(status))

	return request.formatter({})
Example #10
0
def user_changepass():
    username, password = map(request.values.get, [ 'username', 'password' ])
    if not username or not password:
        return request.error_formatter(10, 'Missing parameter')

    if username != request.username and not request.user.admin:
        return request.error_formatter(50, 'Admin restricted')

    password = decode_password(password)
    status = UserManager.change_password2(store, username, password)
    if status != UserManager.SUCCESS:
        code = 0
        if status == UserManager.NO_SUCH_USER:
            code = 70
        return request.error_formatter(code, UserManager.error_str(status))

    return request.formatter({})
Example #11
0
def user_changepass():
    username, password = map(request.values.get, ['username', 'password'])
    if not username or not password:
        return request.error_formatter(10, 'Missing parameter')

    if username != request.username and not request.user.admin:
        return request.error_formatter(50, 'Admin restricted')

    password = decode_password(password)
    status = UserManager.change_password2(store, username, password)
    if status != UserManager.SUCCESS:
        code = 0
        if status == UserManager.NO_SUCH_USER:
            code = 70
        return request.error_formatter(code, UserManager.error_str(status))

    return request.formatter({})