def change_password(request, domain, login_id, template="users/partials/reset_password.html"): # copied from auth's password_change commcare_user = CommCareUser.get_by_user_id(login_id, domain) json_dump = {} if not commcare_user or not user_can_access_other_user( domain, request.couch_user, commcare_user): raise Http404() django_user = commcare_user.get_django_user() if request.method == "POST": form = SetUserPasswordForm(request.project, login_id, user=django_user, data=request.POST) if form.is_valid(): form.save() json_dump['status'] = 'OK' form = SetUserPasswordForm(request.project, login_id, user='') else: form = SetUserPasswordForm(request.project, login_id, user=django_user) context = _users_context(request, domain) context.update({ 'reset_password_form': form, }) json_dump['formHTML'] = render_to_string(template, context) return HttpResponse(json.dumps(json_dump))
def _verify_users_are_accessible(domain, request_user, user_ids): # This function would be very slow if called with many user ids for user_id in user_ids: other_user = CommCareUser.get(user_id) if not user_can_access_other_user(domain, request_user, other_user): raise PermissionDenied("One or more users are not accessible")
def change_password(request, domain, login_id, template="users/partials/reset_password.html"): # copied from auth's password_change commcare_user = CommCareUser.get_by_user_id(login_id, domain) json_dump = {} if not commcare_user or not user_can_access_other_user(domain, request.couch_user, commcare_user): raise Http404() django_user = commcare_user.get_django_user() if request.method == "POST": form = SetUserPasswordForm(request.project, login_id, user=django_user, data=request.POST) if form.is_valid(): form.save() json_dump['status'] = 'OK' form = SetUserPasswordForm(request.project, login_id, user='') else: form = SetUserPasswordForm(request.project, login_id, user=django_user) context = _users_context(request, domain) context.update({ 'reset_password_form': form, }) json_dump['formHTML'] = render_to_string(template, context) return HttpResponse(json.dumps(json_dump))
def _ensure_accessible_location(domain, couch_user, as_user_obj): if not user_can_access_other_user(domain, couch_user, as_user_obj): raise RestorePermissionDenied( _('Restore user {} not in allowed locations').format( as_user_obj.username))
def _ensure_accessible_location(domain, couch_user, as_user_obj): if not user_can_access_other_user(domain, couch_user, as_user_obj): raise RestorePermissionDenied( _(u'Restore user {} not in allowed locations').format(as_user_obj.username) )