forked from ScoDoc/ScoDoc
Form change password. Codage UTF-8 par défaut provisoirement.
parent
46cef02b39
commit
a60dfc9df5
@ -2,6 +2,12 @@
|
|||||||
# pylint: disable=invalid-name
|
# pylint: disable=invalid-name
|
||||||
|
|
||||||
import os
|
import os
|
||||||
|
import sys
|
||||||
|
|
||||||
|
# Un hack en attendant la migration vers Python3 #sco8
|
||||||
|
reload(sys)
|
||||||
|
sys.setdefaultencoding("UTF8")
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
from logging.handlers import SMTPHandler, RotatingFileHandler
|
from logging.handlers import SMTPHandler, RotatingFileHandler
|
||||||
|
|
||||||
|
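Review bot: `reload(sys)` followed by `sys.setdefaultencoding("UTF8")` changes implicit str/unicode coercion for every module loaded in the process, not only the project's own code. It also hides exactly the mixed-type operations that will fail after the Python 3 migration the comment refers to. If it has to stay for now, the comment should record what depends on it so it can be removed deliberately, for example `# TEMPORARY (sco8): remove with the Python 3 migration; implicit str/unicode concatenations (apparently the one in essrep) rely on it`. The explicit `.encode(...)` calls added elsewhere in this commit are the safer direction and make the global switch less necessary.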
@ -72,6 +72,7 @@ class User(UserMixin, db.Model):
|
|||||||
|
|
||||||
def set_password(self, password):
|
def set_password(self, password):
|
||||||
"Set password"
|
"Set password"
|
||||||
|
current_app.logger.info("set_password({})".format(self))
|
||||||
if password:
|
if password:
|
||||||
self.password_hash = generate_password_hash(password)
|
self.password_hash = generate_password_hash(password)
|
||||||
else:
|
else:
|
||||||
|
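Review bot: The added `current_app.logger.info("set_password({})".format(self))` runs before the `if password:` test, so the log entry reads the same whether a hash is stored or the `else` branch is taken, and it names only the target account. For a credential change the audit line is more useful if it also records the acting user and the outcome. It also depends on the `User` representation never containing `password_hash`, which is not visible here; a short comment such as `# audit trail: never log the password or its hash` would make that constraint explicit. The `else` branch continues outside this hunk.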
@ -95,7 +95,7 @@ def permission_required(permission):
|
|||||||
@wraps(f)
|
@wraps(f)
|
||||||
def decorated_function(*args, **kwargs):
|
def decorated_function(*args, **kwargs):
|
||||||
if "scodoc_dept" in kwargs:
|
if "scodoc_dept" in kwargs:
|
||||||
g.scodoc_dept = kwargs["scodoc_dept"]
|
g.scodoc_dept = kwargs["scodoc_dept"].encode("utf-8") # sco8
|
||||||
del kwargs["scodoc_dept"]
|
del kwargs["scodoc_dept"]
|
||||||
# current_app.logger.info(
|
# current_app.logger.info(
|
||||||
# "permission_required: %s in %s" % (permission, g.scodoc_dept)
|
# "permission_required: %s in %s" % (permission, g.scodoc_dept)
|
||||||
|
@ -270,7 +270,7 @@ def do_formsemestre_createwithmodules(context, REQUEST=None, edit=False):
|
|||||||
"allowed_values": allowed_user_names,
|
"allowed_values": allowed_user_names,
|
||||||
"allow_null": False, # il faut au moins un responsable de semestre
|
"allow_null": False, # il faut au moins un responsable de semestre
|
||||||
"text_suggest_options": {
|
"text_suggest_options": {
|
||||||
"script": "Users/get_userlist_xml?",
|
"script": "Users/get_user_list_xml?",
|
||||||
"varname": "start",
|
"varname": "start",
|
||||||
"json": False,
|
"json": False,
|
||||||
"noresults": "Valeur invalide !",
|
"noresults": "Valeur invalide !",
|
||||||
@ -288,7 +288,7 @@ def do_formsemestre_createwithmodules(context, REQUEST=None, edit=False):
|
|||||||
"allowed_values": allowed_user_names,
|
"allowed_values": allowed_user_names,
|
||||||
"allow_null": True, # optionnel
|
"allow_null": True, # optionnel
|
||||||
"text_suggest_options": {
|
"text_suggest_options": {
|
||||||
"script": "Users/get_userlist_xml?",
|
"script": "Users/get_user_list_xml?",
|
||||||
"varname": "start",
|
"varname": "start",
|
||||||
"json": False,
|
"json": False,
|
||||||
"noresults": "Valeur invalide !",
|
"noresults": "Valeur invalide !",
|
||||||
@ -572,7 +572,7 @@ def do_formsemestre_createwithmodules(context, REQUEST=None, edit=False):
|
|||||||
"allowed_values": allowed_user_names,
|
"allowed_values": allowed_user_names,
|
||||||
"template": itemtemplate,
|
"template": itemtemplate,
|
||||||
"text_suggest_options": {
|
"text_suggest_options": {
|
||||||
"script": "Users/get_userlist_xml?",
|
"script": "Users/get_user_list_xml?",
|
||||||
"varname": "start",
|
"varname": "start",
|
||||||
"json": False,
|
"json": False,
|
||||||
"noresults": "Valeur invalide !",
|
"noresults": "Valeur invalide !",
|
||||||
@ -933,7 +933,7 @@ def formsemestre_clone(context, formsemestre_id, REQUEST=None):
|
|||||||
"allowed_values": allowed_user_names,
|
"allowed_values": allowed_user_names,
|
||||||
"allow_null": False,
|
"allow_null": False,
|
||||||
"text_suggest_options": {
|
"text_suggest_options": {
|
||||||
"script": "Users/get_userlist_xml?",
|
"script": "Users/get_user_list_xml?",
|
||||||
"varname": "start",
|
"varname": "start",
|
||||||
"json": False,
|
"json": False,
|
||||||
"noresults": "Valeur invalide !",
|
"noresults": "Valeur invalide !",
|
||||||
|
@ -198,6 +198,8 @@ def can_handle_passwd(user, allow_admindepts=False):
|
|||||||
and add roles to them).
|
and add roles to them).
|
||||||
user is a User instance.
|
user is a User instance.
|
||||||
"""
|
"""
|
||||||
|
if not user:
|
||||||
|
return False
|
||||||
if current_user.is_administrator():
|
if current_user.is_administrator():
|
||||||
return True # super admin
|
return True # super admin
|
||||||
# Anyone can change his own passwd (or see his informations)
|
# Anyone can change his own passwd (or see his informations)
|
||||||
|
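Review bot: The docstring still says that `user` is a User instance, while the new guard makes the function return `False` for `None`, which is what a `.first()` lookup yields for an unknown name. Adding a docstring line such as `Returns False when user is None (unknown account): access is denied by default.` would tell callers that the check fails closed. The function body continues outside the hunk.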
@ -388,7 +388,11 @@ def UsersURL():
|
|||||||
= url de base des requêtes ZScoUsers
|
= url de base des requêtes ZScoUsers
|
||||||
et page accueil users
|
et page accueil users
|
||||||
"""
|
"""
|
||||||
return "NotImplemented"
|
return url_for("users.index_html", scodoc_dept=g.scodoc_dept)[
|
||||||
|
: -len("/index_html")
|
||||||
|
].encode(
|
||||||
|
SCO_ENCODING
|
||||||
|
) # sco8
|
||||||
|
|
||||||
|
|
||||||
def get_current_user_name(REQUEST):
|
def get_current_user_name(REQUEST):
|
||||||
|
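Review bot: The slice `[: -len("/index_html")]` assumes the string returned by `url_for` always ends with `/index_html`. If the route rule changes or a query string is appended, it silently cuts the wrong characters and every link built from `UsersURL()` is wrong. A checked strip is safer: assign `url = url_for("users.index_html", scodoc_dept=g.scodoc_dept)` and then `if url.endswith("/index_html"): url = url[: -len("/index_html")]`. The result is encoded with `SCO_ENCODING` here while `permission_required` in the same commit hard-codes `"utf-8"`; using one constant in both places would keep them from drifting apart.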
@ -84,4 +84,4 @@ import flask
|
|||||||
|
|
||||||
@bp.route("/essrep")
|
@bp.route("/essrep")
|
||||||
def essrep():
|
def essrep():
|
||||||
return flask.Response(status=200, response="Bonjour")
|
return flask.Response(status=200, response="Bonjour pépé %s" + u"papa")
|
||||||
|
@ -756,7 +756,7 @@ def edit_enseignants_form(context, REQUEST, moduleimpl_id):
|
|||||||
"allowed_values": allowed_user_names,
|
"allowed_values": allowed_user_names,
|
||||||
"allow_null": False,
|
"allow_null": False,
|
||||||
"text_suggest_options": {
|
"text_suggest_options": {
|
||||||
"script": "Users/get_userlist_xml?",
|
"script": "Users/get_user_list_xml?",
|
||||||
"varname": "start",
|
"varname": "start",
|
||||||
"json": False,
|
"json": False,
|
||||||
"noresults": "Valeur invalide !",
|
"noresults": "Valeur invalide !",
|
||||||
@ -846,7 +846,7 @@ def edit_moduleimpl_resp(context, REQUEST, moduleimpl_id):
|
|||||||
"allowed_values": allowed_user_names,
|
"allowed_values": allowed_user_names,
|
||||||
"allow_null": False,
|
"allow_null": False,
|
||||||
"text_suggest_options": {
|
"text_suggest_options": {
|
||||||
"script": "Users/get_userlist_xml?",
|
"script": "Users/get_user_list_xml?",
|
||||||
"varname": "start",
|
"varname": "start",
|
||||||
"json": False,
|
"json": False,
|
||||||
"noresults": "Valeur invalide !",
|
"noresults": "Valeur invalide !",
|
||||||
|
@ -40,6 +40,8 @@ from flask import g
|
|||||||
from flask import current_app, request
|
from flask import current_app, request
|
||||||
from flask_login import current_user
|
from flask_login import current_user
|
||||||
|
|
||||||
|
from app import db
|
||||||
|
|
||||||
from app.auth.models import Permission
|
from app.auth.models import Permission
|
||||||
from app.auth.models import User
|
from app.auth.models import User
|
||||||
from app.decorators import (
|
from app.decorators import (
|
||||||
@ -55,7 +57,8 @@ from app.scodoc import html_sco_header
|
|||||||
from app.scodoc import sco_users
|
from app.scodoc import sco_users
|
||||||
from app.scodoc import sco_utils as scu
|
from app.scodoc import sco_utils as scu
|
||||||
from app.scodoc.notes_log import log
|
from app.scodoc.notes_log import log
|
||||||
|
from app.scodoc.sco_permissions_check import can_handle_passwd
|
||||||
|
from app.scodoc.sco_exceptions import AccessDenied
|
||||||
from app.views import users_bp as bp
|
from app.views import users_bp as bp
|
||||||
|
|
||||||
|
|
||||||
@ -437,3 +440,100 @@ def get_user_list_xml(context, dept=None, start="", limit=25, REQUEST=None):
|
|||||||
doc.rs(user["nomplogin"], id=user["user_id"], info="")
|
doc.rs(user["nomplogin"], id=user["user_id"], info="")
|
||||||
doc._pop()
|
doc._pop()
|
||||||
return repr(doc)
|
return repr(doc)
|
||||||
|
|
||||||
|
|
||||||
|
@bp.route("/form_change_password")
|
||||||
|
@permission_required(Permission.ScoView)
|
||||||
|
@scodoc7func(context)
|
||||||
|
def form_change_password(REQUEST, user_name=None):
|
||||||
|
"""Formulaire de changement mot de passe de l'utilisateur user_name.
|
||||||
|
Un utilisateur peut toujours changer son propre mot de passe.
|
||||||
|
"""
|
||||||
|
if not user_name:
|
||||||
|
u = current_user
|
||||||
|
else:
|
||||||
|
u = User.query.filter_by(user_name=user_name).first()
|
||||||
|
H = [html_sco_header.sco_header(context, REQUEST, user_check=False)]
|
||||||
|
F = html_sco_header.sco_footer(context, REQUEST)
|
||||||
|
# check access
|
||||||
|
if not can_handle_passwd(u):
|
||||||
|
return (
|
||||||
|
"\n".join(H)
|
||||||
|
+ "<p>Vous n'avez pas la permission de changer ce mot de passe</p>"
|
||||||
|
+ F
|
||||||
|
)
|
||||||
|
#
|
||||||
|
H.append(
|
||||||
|
"""<h2>Changement du mot de passe de <font color="red">%(nomplogin)s</font></h2>
|
||||||
|
<p>
|
||||||
|
<form action="change_password" method="post"><table>
|
||||||
|
<tr><td>Nouveau mot de passe:</td><td><input type="password" size="14" name="password"/></td></tr>
|
||||||
|
<tr><td>Confirmation: </td><td><input type="password" size="14" name="password2" /></td></tr>
|
||||||
|
</table>
|
||||||
|
<input type="hidden" value="%(user_name)s" name="user_name">
|
||||||
|
<input type="submit" value="Changer">
|
||||||
|
</p>
|
||||||
|
<p>Vous pouvez aussi: <a class="stdlink" href="reset_password_form?user_name=%(user_name)s">renvoyer un mot de passe aléatoire temporaire par mail à l'utilisateur</a>
|
||||||
|
"""
|
||||||
|
% {"nomplogin": u.get_nomplogin(), "user_name": user_name}
|
||||||
|
)
|
||||||
|
return "\n".join(H) + F
|
||||||
|
|
||||||
|
|
||||||
|
@bp.route("/change_password", methods=["POST"])
|
||||||
|
@permission_required(Permission.ScoView)
|
||||||
|
@scodoc7func(context)
|
||||||
|
def change_password(user_name, password, password2, REQUEST):
|
||||||
|
"Change the password for user given by user_name"
|
||||||
|
u = User.query.filter_by(user_name=user_name).first()
|
||||||
|
# Check access permission
|
||||||
|
if not can_handle_passwd(u):
|
||||||
|
# access denied
|
||||||
|
log(
|
||||||
|
"change_password: access denied (authuser=%s, user_name=%s, ip=%s)"
|
||||||
|
% (REQUEST.AUTHENTICATED_USER, user_name, REQUEST.REMOTE_ADDR)
|
||||||
|
)
|
||||||
|
raise AccessDenied("vous n'avez pas la permission de changer ce mot de passe")
|
||||||
|
H = []
|
||||||
|
F = html_sco_header.sco_footer(context, REQUEST)
|
||||||
|
# check password
|
||||||
|
if password != password2:
|
||||||
|
H.append(
|
||||||
|
"""<p>Les deux mots de passes saisis sont différents !</p>
|
||||||
|
<p><a href="form_change_password?user_name=%s" class="stdlink">Recommencer</a></p>"""
|
||||||
|
% user_name
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
if not sco_users.is_valid_password(password):
|
||||||
|
H.append(
|
||||||
|
"""<p><b>ce mot de passe n\'est pas assez compliqué !</b><br/>(oui, il faut un mot de passe vraiment compliqué !)</p>
|
||||||
|
<p><a href="form_change_password?user_name=%s" class="stdlink">Recommencer</a></p>
|
||||||
|
"""
|
||||||
|
% user_name
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
# ok, strong password
|
||||||
|
db.session.add(u)
|
||||||
|
u.set_password(password)
|
||||||
|
db.session.commit()
|
||||||
|
#
|
||||||
|
# ici page simplifiee car on peut ne plus avoir
|
||||||
|
# le droit d'acceder aux feuilles de style
|
||||||
|
H.append(
|
||||||
|
"<h2>Changement effectué !</h2><p>Ne notez pas ce mot de passe, mais mémorisez le !</p><p>Rappel: il est <b>interdit</b> de communiquer son mot de passe à un tiers, même si c'est un collègue de confiance !</p><p><b>Si vous n'êtes pas administrateur, le système va vous redemander votre login et nouveau mot de passe au prochain accès.</b></p>"
|
||||||
|
)
|
||||||
|
return (
|
||||||
|
"""<?xml version="1.0" encoding="%s"?>
|
||||||
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>Mot de passe changé</title>
|
||||||
|
<meta http-equiv="Content-Type" content="text/html; charset=%s" />
|
||||||
|
<body><h1>Mot de passe changé !</h1>
|
||||||
|
"""
|
||||||
|
% (scu.SCO_ENCODING, scu.SCO_ENCODING)
|
||||||
|
+ "\n".join(H)
|
||||||
|
+ '<a href="%s" class="stdlink">Continuer</a></body></html>'
|
||||||
|
% scu.ScoURL()
|
||||||
|
)
|
||||||
|
return html_sco_header.sco_header(context, REQUEST) + "\n".join(H) + F
|
||||||
|
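Review bot: In `form_change_password` the hidden field and the reset link are filled from the raw `user_name` argument rather than from the user that was looked up. When the page is opened without `user_name` (the self-service case, where `u = current_user`) the form therefore posts the literal string `None`, and `change_password` then finds no such user and raises `AccessDenied`. Build the mapping from the resolved object, `% {"nomplogin": u.get_nomplogin(), "user_name": u.user_name}`, and HTML-escape both values before they go into the attribute and the `href`; the same unescaped interpolation of `user_name` appears in the two "Recommencer" links in `change_password`. Separately, `change_password` sets a new credential from a plain POST: neither a current-password confirmation nor an anti-CSRF token is visible in the form or the handler, so unless the blueprint enforces them elsewhere, both are worth adding.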