diff --git a/app/api/auth.py b/app/api/auth.py index 0226976c..24348aab 100644 --- a/app/api/auth.py +++ b/app/api/auth.py @@ -33,7 +33,7 @@ token_auth = HTTPTokenAuth() @basic_auth.verify_password def verify_password(username, password): - user = User.query.filter_by(username=username).first() + user = User.query.filter_by(user_name=username).first() if user and user.check_password(password): return user diff --git a/app/auth/forms.py b/app/auth/forms.py index dd1f68ef..3d70054d 100644 --- a/app/auth/forms.py +++ b/app/auth/forms.py @@ -43,8 +43,11 @@ class UserCreationForm(FlaskForm): class ResetPasswordRequestForm(FlaskForm): - email = StringField(_l("Email"), validators=[DataRequired(), Email()]) - submit = SubmitField(_l("Valider ce mot de passe")) + email = StringField( + _l("Adresse email associée à votre compte ScoDoc:"), + validators=[DataRequired(), Email()], + ) + submit = SubmitField(_l("Envoyer")) class ResetPasswordForm(FlaskForm): diff --git a/app/auth/routes.py b/app/auth/routes.py index 61f2bcea..df340151 100644 --- a/app/auth/routes.py +++ b/app/auth/routes.py @@ -98,7 +98,9 @@ def reset_password_request(): current_app.logger.info( "reset_password_request: for unkown user '{}'".format(form.email.data) ) - flash(_("Voir les instructions envoyées par mail")) + flash( + _("Voir les instructions envoyées par mail (pensez à regarder vos spams)") + ) return redirect(url_for("auth.login")) return render_template( "auth/reset_password_request.html", title=_("Reset Password"), form=form diff --git a/app/scodoc/sco_users.py b/app/scodoc/sco_users.py index 3f1b646d..eaf43494 100644 --- a/app/scodoc/sco_users.py +++ b/app/scodoc/sco_users.py @@ -32,6 +32,7 @@ import re from flask import url_for, g, request +from flask.templating import render_template from flask_login import current_user @@ -271,102 +272,6 @@ def user_info(user_name_or_id=None, user=None): return info -def user_info_page(user_name=None): - """Display page of info about given user. - If user_name not specified, user current_user - """ - from app.scodoc.sco_permissions_check import can_handle_passwd - - # peut on divulguer ces infos ? - if not can_handle_passwd(current_user, allow_admindepts=True): - raise AccessDenied("Vous n'avez pas la permission de voir cette page") - - dept = g.scodoc_dept - if not user_name: - user = current_user - else: - user = User.query.filter_by(user_name=user_name).first() - if not user: - raise ScoValueError("invalid user_name") - H = [ - html_sco_header.sco_header( - page_title="Utilisateur %s" % user.user_name, - ) - ] - F = html_sco_header.sco_footer() - H.append("

Utilisateur: %s" % user.user_name) - info = user.to_dict() - if info: - H.append(" (%(status_txt)s)" % info) - H.append("

") - if not info: - H.append( - "

L' utilisateur '%s' n'est pas défini dans ce module.

" % user_name - ) - if user.has_permission(Permission.ScoEditAllNotes, dept): - H.append("

(il peut modifier toutes les notes de %s)

" % dept) - if user.has_permission(Permission.ScoEditAllEvals, dept): - H.append("

(il peut modifier toutes les évaluations de %s)

" % dept) - if user.has_permission(Permission.ScoImplement, dept): - H.append("

(il peut creer des formations en %s)

" % dept) - else: - H.append( - """

- Login : %(user_name)s
- Nom : %(nom)s
- Prénom : %(prenom)s
- Mail : %(email)s
- Roles : %(roles_string)s
- Dept : %(dept)s
- Dernière modif mot de passe: %(date_modif_passwd)s
- Date d'expiration: %(date_expiration)s -

") - - if current_user.user_name == user_name: - H.append( - '

Se déconnecter: logout

' - % url_for("auth.logout") - ) - # Liste des permissions - H.append( - '

Permissions de cet utilisateur dans le département %s:

") - - if current_user.has_permission(Permission.ScoUsersAdmin, dept): - H.append( - '

Liste de tous les utilisateurs

' - % url_for("users.index_html", scodoc_dept=g.scodoc_dept) - ) - return "\n".join(H) + F - - def check_modif_user( edit, enforce_optionals=False, diff --git a/app/templates/auth/change_password.html b/app/templates/auth/change_password.html new file mode 100644 index 00000000..702059c8 --- /dev/null +++ b/app/templates/auth/change_password.html @@ -0,0 +1,52 @@ +{% extends "base.html" %} +{% import 'bootstrap/wtf.html' as wtf %} + +{% macro render_field(field) %} + + {{ field.label }} + {{ field(**kwargs)|safe }} + {% if field.errors %} + + {% endif %} + + +{% endmacro %} + +{% block app_content %} +

Modification du compte ScoDoc {{form.user_name.data}}

+
+

Identifiez-vous avez votre mot de passe actuel

+

Vous pouvez changer le mot de passe et/ou l'adresse email.

+

Les champs vides ne seront pas changés.

+
+
+ {{ form.user_name }} + {{ form.csrf_token }} + + {{ render_field(form.old_password, size=14, + style="padding:1px; margin-left: 1em; margin-top: 4px;") }} + {{ render_field(form.new_password, size=14, + style="padding:1px; margin-left: 1em; margin-top: 12px;") }} + {{ render_field(form.bis_password, size=14, + style="padding:1px; margin-left: 1em; margin-top: 4px;") }} + {{ render_field(form.email, size=40, + style="padding:1px; margin-top: 12px;margin-bottom: 16px; margin-left: 1em;") }} +
+ + #} +{#
Votre identifiant: {{user.user_name}}
#} +{##} +{##} +{#
#} +{#
#} +{# {{ wtf.quick_form(form) }}#} +{#
#} +{#
#} +{% endblock %} \ No newline at end of file diff --git a/app/templates/auth/reset_password_request.html b/app/templates/auth/reset_password_request.html index 6fc7329f..99a37fb2 100644 --- a/app/templates/auth/reset_password_request.html +++ b/app/templates/auth/reset_password_request.html @@ -2,7 +2,7 @@ {% import 'bootstrap/wtf.html' as wtf %} {% block app_content %} -

Reset Password

+

Demande d'un nouveau mot de passe

{{ wtf.quick_form(form) }} diff --git a/app/templates/auth/user_info_page.html b/app/templates/auth/user_info_page.html new file mode 100644 index 00000000..69592999 --- /dev/null +++ b/app/templates/auth/user_info_page.html @@ -0,0 +1,67 @@ +{% extends "base.html" %} +{% import 'bootstrap/wtf.html' as wtf %} + +{% block app_content %} + +

Utilisateur: {{user.user_name}} ({{'actif' if user.active else 'fermé'}})

+

+Login : {{user.user_name}}
+Nom : {{user.nom or ""}}
+Prénom : {{user.prenom or ""}}
+Mail : {{user.email}}
+Roles : {{user.get_roles_string()}}
+Dept : {{user.dept or ""}}
+Dernière modif mot de passe: +{{user.date_modif_passwd.isoformat() if user.date_modif_passwd else ""}}
+Date d'expiration: +{{user.date_expiration.isoformat() if user.date_expiration else "(sans limite)"}} +

+

+ +{% if current_user.id == user.id %} +

Se déconnecter: +logout +

+{% endif %} + +{# Liste des permissions #} +
+

Permissions de cet utilisateur dans le département {dept}:

+
    +{% for p in Permission.description %} +
  • {{Permission.description[p]}} : + {{ + "oui" if user.has_permission(Permission.get_by_name(p), dept) else "non" + }} +
  • +{% endfor %} +
+
+ +{% if current_user.has_permission(Permission.ScoUsersAdmin, dept) %} +

Liste de tous les utilisateurs

+ +{% endif %} + + +{% endblock %} \ No newline at end of file diff --git a/app/templates/base.html b/app/templates/base.html index 0be7c6fc..815ba7b7 100644 --- a/app/templates/base.html +++ b/app/templates/base.html @@ -22,12 +22,19 @@ ScoDoc
+