def profile():
user = authnz.current_user
user_info = _(username=user.username,
email_addr=user.email_addr,
role=user.role)
session = get_session()['messages']
if request.method == 'POST':
form = PasswordChangeForm(request, user)
try:
if form.is_valid():
form.save()
session['pass'].append('Password has been changed successfully.')
return authnz.logout(success_redirect='/profile')
else:
session['fail'].append(form.errors)
except HTTPResponse:
raise
except Exception as ex:
error_message = 'Password change failed. Error: %s' % str(ex)
session['fail'].append(error_message)
logging.error(error_message, exc_info=True)
roles = sorted(
list(authnz.list_roles()),
key=lambda x: x[1], reverse=True)
return {
'title': 'Profile',
'user': user_info,
'roles': roles,
'readonly': True,
}
def put(self):
data = ImmutableMultiDict(request.json)
change_password_form = PasswordChangeForm(data, csrf_enabled=False)
if change_password_form.validate():
obj = User.query.filter(User.username == current_identity.username).first()
change_password_form.save(obj)
return jsonify({"status": "success", "message": "Password Changed"})
return change_password_form.errors
def test_pw_change(self):
user = create_user()
pw = 'new_pass1'
form = PasswordChangeForm(user=user, data={
'old_password': PASSWORD,
'new_password1': pw,
'new_password2': pw,
})
form.is_valid()
form.save()
self.assertTrue(form.password_changed())
def test_pw_change(self):
user = create_user()
pw = 'new_pass1'
form = PasswordChangeForm(user=user,
data={
'old_password': PASSWORD,
'new_password1': pw,
'new_password2': pw,
})
form.is_valid()
form.save()
self.assertTrue(form.password_changed())
def settings_view(request):
if request.method == 'POST':
form = PasswordChangeForm(user=request.user, data=request.POST, files=request.FILES)
#imgform = UploadFileForm(request.POST, request.FILES)
if form.is_valid():
form.save()
update_session_auth_hash(request, form.user)
return HttpResponseRedirect(reverse('settings_view'))
else:
pass
else:
form = PasswordChangeForm(user=request.user)
#imgform = UploadFileForm()
context = {'form': form, }
return render(request, "profile.html", context)
def password_change(request, template_name='registration/password_change_form.html',
post_change_redirect=None):
if post_change_redirect is None:
#post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
post_change_redirect = reverse('auth.views.password_change_done')
if request.method == "POST":
form = PasswordChangeForm(request.user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(post_change_redirect)
else:
form = PasswordChangeForm(request.user)
return render_to_response(template_name, {
'form': form,
}, context_instance=RequestContext(request))
def password_change(request,
template_name='registration/password_change_form.html',
post_change_redirect=None):
if post_change_redirect is None:
#post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
post_change_redirect = reverse('auth.views.password_change_done')
if request.method == "POST":
form = PasswordChangeForm(request.user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(post_change_redirect)
else:
form = PasswordChangeForm(request.user)
return render_to_response(template_name, {
'form': form,
},
context_instance=RequestContext(request))
def settings_view(request):
if request.method == 'POST':
form = PasswordChangeForm(user=request.user,
data=request.POST,
files=request.FILES)
#imgform = UploadFileForm(request.POST, request.FILES)
if form.is_valid():
form.save()
update_session_auth_hash(request, form.user)
return HttpResponseRedirect(reverse('settings_view'))
else:
pass
else:
form = PasswordChangeForm(user=request.user)
#imgform = UploadFileForm()
context = {
'form': form,
}
return render(request, "profile.html", context)
def edit(request):
"""
Change password only, for now...
"""
if request.POST:
form = PasswordChangeForm(request.user, request.POST)
if form.is_valid():
instance = form.save()
return HttpResponse('')
else:
form = PasswordChangeForm(user=request.user)
return render_to_response('users/change_password.html', {'form': form}, context_instance=RequestContext(request))
def editview(request, action):
if request.user.is_authenticated():
request_data = None
context = {}
if request.method == 'POST':
request_data = request.POST
if action == 'password':
form = PasswordChangeForm(user=request.user, data=request_data)
context = {'form': form, 'action': 'Change password', 'edition': True}
elif action == 'settings':
tz = 'UTC'
if hasattr(request.user, 'sciriususer'):
tz = request.user.sciriususer.timezone
initial = {'timezone': tz}
if request.user.is_superuser:
form = UserSettingsForm(request_data, instance=request.user, initial=initial)
else:
form = NormalUserSettingsForm(request_data, instance=request.user, initial=initial)
context = {'form': form, 'action': 'Edit settings for ' + request.user.username, 'edition': True}
elif action == 'token':
initial = {}
token = Token.objects.filter(user=request.user)
if len(token):
initial['token'] = token[0]
form = TokenForm(request_data, initial=initial)
context = {'form': form, 'action': 'User token', 'edition': True}
else:
context = {'action': 'User settings', 'edition': False}
if request.method == 'POST':
orig_superuser = request.user.is_superuser
orig_staff = request.user.is_staff
if form.is_valid():
if action == 'token':
current_tokens = Token.objects.filter(user=request.user)
for token in current_tokens:
token.delete()
Token.objects.create(user=request.user)
UserAction.create(
action_type='edit_user_token',
comment=form.cleaned_data['comment'],
user=request.user,
other_user=request.user
)
return redirect('accounts_edit', action='token')
context['edition'] = False
context['action'] = 'User settings'
ruser = form.save(commit = False)
if not orig_superuser:
ruser.is_superuser = False
ruser.is_staff = orig_staff
ruser.save()
if action == 'password':
update_session_auth_hash(request, ruser)
UserAction.create(
action_type='edit_user_password',
comment=form.cleaned_data['comment'],
user=request.user,
other_user=request.user
)
if action == 'settings':
try:
sciriususer = ruser.sciriususer
sciriususer.timezone = form.cleaned_data['timezone']
except:
sciriususer = SciriusUser.objects.create(user = ruser, timezone = form.cleaned_data['timezone'])
UserAction.create(
action_type='edit_user',
comment=form.cleaned_data['comment'],
user=request.user,
other_user=request.user
)
sciriususer.save()
return scirius_render(request, 'accounts/edit.html', context)
