def get_related_passwords(self, db_field=False):
related = [
self.main_systemuser,
]
for model, key, related_kwargs, __ in settings.ACCOUNTS_CREATE_RELATED:
if 'password' not in related_kwargs:
continue
model = apps.get_model(model)
kwargs = {key: eval(related_kwargs[key], {'account': self})}
try:
rel = model.objects.get(account=self, **kwargs)
except model.DoesNotExist:
continue
if db_field:
if not has_db_field(rel, 'password'):
continue
related.append(rel)
return related
def get_related_passwords(self, db_field=False):
related = [
self.main_systemuser,
]
for model, key, related_kwargs, __ in settings.ACCOUNTS_CREATE_RELATED:
if 'password' not in related_kwargs:
continue
model = apps.get_model(model)
kwargs = {
key: eval(related_kwargs[key], {'account': self})
}
try:
rel = model.objects.get(account=self, **kwargs)
except model.DoesNotExist:
continue
if db_field:
if not has_db_field(rel, 'password'):
continue
related.append(rel)
return related
def change_password(self, request, id, form_url=''):
if not self.has_change_permission(request):
raise PermissionDenied
# TODO use this insetad of self.get_object(), in other places
obj = get_object_or_404(self.get_queryset(request), pk=id)
raw = request.GET.get('raw', '0') == '1'
can_raw = has_db_field(obj, 'password')
if raw and not can_raw:
raise TypeError(
"%s has no password db field for raw password edditing." % obj)
related = []
for obj_name_attr in ('username', 'name', 'hostname'):
try:
obj_name = getattr(obj, obj_name_attr)
except AttributeError:
pass
else:
break
if hasattr(obj, 'account'):
account = obj.account
if obj.account.username == obj_name:
related.append(obj.account)
else:
account = obj
if account.username == obj_name:
for rel in account.get_related_passwords(db_field=raw):
if not isinstance(obj, type(rel)):
related.append(rel)
if request.method == 'POST':
form = self.change_password_form(obj,
request.POST,
related=related,
raw=raw)
if form.is_valid():
form.save()
self.log_change(request, obj, _("Password changed."))
msg = _('Password changed successfully.')
messages.success(request, msg)
update_session_auth_hash(request, form.user) # This is safe
return HttpResponseRedirect('..')
else:
form = self.change_password_form(obj, related=related, raw=raw)
fieldsets = [
(obj._meta.verbose_name.capitalize(), {
'classes': ('wide', ),
'fields': ('password', ) if raw else
('password1', 'password2'),
}),
]
for ix, rel in enumerate(related):
fieldsets.append((rel._meta.verbose_name.capitalize(), {
'classes': ('wide', ),
'fields': ('password_%i' % ix, ) if raw else
('password1_%i' % ix, 'password2_%i' % ix)
}))
obj_username = self.get_change_password_username(obj)
adminForm = admin.helpers.AdminForm(form, fieldsets, {})
context = {
'title':
_('Change password: %s') % obj_username,
'adminform':
adminForm,
'raw':
raw,
'can_raw':
can_raw,
'errors':
admin.helpers.AdminErrorList(form, []),
'form_url':
form_url,
'is_popup': (IS_POPUP_VAR in request.POST
or IS_POPUP_VAR in request.GET),
'add':
True,
'change':
False,
'has_delete_permission':
False,
'has_change_permission':
True,
'has_absolute_url':
False,
'opts':
self.model._meta,
'original':
obj,
'obj_username':
obj_username,
'save_as':
False,
'show_save':
True,
'password':
random_ascii(10),
}
context.update(admin.site.each_context(request))
return TemplateResponse(request, self.change_user_password_template,
context)
def change_password(self, request, id, form_url=''):
if not self.has_change_permission(request):
raise PermissionDenied
# TODO use this insetad of self.get_object(), in other places
obj = get_object_or_404(self.get_queryset(request), pk=id)
raw = request.GET.get('raw', '0') == '1'
can_raw = has_db_field(obj, 'password')
if raw and not can_raw:
raise TypeError("%s has no password db field for raw password edditing." % obj)
related = []
for obj_name_attr in ('username', 'name', 'hostname'):
try:
obj_name = getattr(obj, obj_name_attr)
except AttributeError:
pass
else:
break
if hasattr(obj, 'account'):
account = obj.account
if obj.account.username == obj_name:
related.append(obj.account)
else:
account = obj
if account.username == obj_name:
for rel in account.get_related_passwords(db_field=raw):
if not isinstance(obj, type(rel)):
related.append(rel)
if request.method == 'POST':
form = self.change_password_form(obj, request.POST, related=related, raw=raw)
if form.is_valid():
form.save()
self.log_change(request, obj, _("Password changed."))
msg = _('Password changed successfully.')
messages.success(request, msg)
update_session_auth_hash(request, form.user) # This is safe
return HttpResponseRedirect('..')
else:
form = self.change_password_form(obj, related=related, raw=raw)
fieldsets = [
(obj._meta.verbose_name.capitalize(), {
'classes': ('wide',),
'fields': ('password',) if raw else ('password1', 'password2'),
}),
]
for ix, rel in enumerate(related):
fieldsets.append((rel._meta.verbose_name.capitalize(), {
'classes': ('wide',),
'fields': ('password_%i' % ix,) if raw else ('password1_%i' % ix, 'password2_%i' % ix)
}))
obj_username = self.get_change_password_username(obj)
adminForm = admin.helpers.AdminForm(form, fieldsets, {})
context = {
'title': _('Change password: %s') % obj_username,
'adminform': adminForm,
'raw': raw,
'can_raw': can_raw,
'errors': admin.helpers.AdminErrorList(form, []),
'form_url': form_url,
'is_popup': (IS_POPUP_VAR in request.POST or
IS_POPUP_VAR in request.GET),
'add': True,
'change': False,
'has_delete_permission': False,
'has_change_permission': True,
'has_absolute_url': False,
'opts': self.model._meta,
'original': obj,
'obj_username': obj_username,
'save_as': False,
'show_save': True,
'password': random_ascii(10),
}
context.update(admin.site.each_context(request))
return TemplateResponse(request, self.change_user_password_template, context)
