From e849716ee4cd4edfb58cf3bb232913b000553512 Mon Sep 17 00:00:00 2001 From: Oskar Hahn Date: Sat, 3 Sep 2011 17:17:29 +0200 Subject: [PATCH] default password and reset function --- openslides/participant/api.py | 10 +++++ openslides/participant/forms.py | 11 +++--- openslides/participant/models.py | 14 +++++++ .../participant/base_participant.html | 1 + .../templates/participant/edit.html | 6 +-- openslides/participant/urls.py | 2 + openslides/participant/views.py | 37 ++++++++++++------- 7 files changed, 60 insertions(+), 21 deletions(-) diff --git a/openslides/participant/api.py b/openslides/participant/api.py index ed154ec45..d953e56b9 100644 --- a/openslides/participant/api.py +++ b/openslides/participant/api.py @@ -9,10 +9,20 @@ :copyright: 2011 by the OpenSlides team, see AUTHORS. :license: GNU GPL, see LICENSE for more details. """ +from random import choice +import string from django.contrib.auth.models import User +def gen_password(): + chars = string.letters + string.digits + newpassword = '' + for i in range(8): + newpassword += choice(chars) + return newpassword + + def gen_username(first_name, last_name): testname = "%s%s" % (first_name, last_name) try: diff --git a/openslides/participant/forms.py b/openslides/participant/forms.py index 9b8007d5d..faca757ab 100644 --- a/openslides/participant/forms.py +++ b/openslides/participant/forms.py @@ -12,24 +12,25 @@ from django.forms import Form, ModelForm, CharField, EmailField, FileField, FileInput, MultipleChoiceField from django.contrib.auth.models import User, Group +from django.contrib.auth.forms import AdminPasswordChangeForm from django.utils.translation import ugettext as _ from participant.models import Profile class UserForm(ModelForm): error_css_class = 'error' required_css_class = 'required' - + first_name = CharField(label=_("First name")) last_name = CharField(label=_("Last name")) - + class Meta: model = User - exclude = ('username', 'password', 'is_staff', 'last_login', 'date_joined', 'user_permissions') + exclude = ('password', 'is_staff', 'last_login', 'date_joined', 'user_permissions') class UsernameForm(ModelForm): error_css_class = 'error' required_css_class = 'required' - + class Meta: model = User exclude = ('first_name', 'last_name', 'email', 'is_active','is_superuser', 'groups', 'password', 'is_staff', 'last_login', 'date_joined', 'user_permissions') @@ -60,4 +61,4 @@ class UserImportForm(Form): error_css_class = 'error' required_css_class = 'required' - csvfile = FileField(widget=FileInput(attrs={'size':'50'}), label=_("CSV File")) \ No newline at end of file + csvfile = FileField(widget=FileInput(attrs={'size':'50'}), label=_("CSV File")) diff --git a/openslides/participant/models.py b/openslides/participant/models.py index 91371cd7c..b867ff06a 100644 --- a/openslides/participant/models.py +++ b/openslides/participant/models.py @@ -14,6 +14,8 @@ from django.db import models from django.contrib.auth.models import User from django.utils.translation import ugettext as _ +from participant.api import gen_password + class Profile(models.Model): GENDER_CHOICES = ( ('none', _('Not specified')), @@ -32,6 +34,11 @@ class Profile(models.Model): group = models.CharField(max_length=100, null=True, blank=True, verbose_name = _("Group")) type = models.CharField(max_length=100, choices=TYPE_CHOICE, default='delegate', verbose_name = _("Typ")) committee = models.CharField(max_length=100, null=True, blank=True, verbose_name = _("Committee")) + firstpassword = models.CharField(max_length=100, null=True, blank=True, verbose_name = _("First Password")) + + + def reset_password(self): + self.user.set_password(self.firstpassword) def __unicode__(self): if self.group: @@ -44,3 +51,10 @@ class Profile(models.Model): ('can_view_participants', "Can see the list of participants"), ('can_manage_participants', "Can manage the participant list"), ) + +def set_first_user_passwords(): + for user in Profile.objects.filter(firstpassword=''): + user.firstpassword = gen_password() + user.user.set_password(user.firstpassword) + user.user.save() + user.save() diff --git a/openslides/participant/templates/participant/base_participant.html b/openslides/participant/templates/participant/base_participant.html index 0ae6a5c4c..39b63bc06 100644 --- a/openslides/participant/templates/participant/base_participant.html +++ b/openslides/participant/templates/participant/base_participant.html @@ -14,6 +14,7 @@
  • {%trans "New user group" %}
  • {%trans 'Print participant list' %}
  • {%trans 'Import' %}
    • +
  • {% trans 'Set Default Passwords' %}
    • {% endif %} {% endblock %} diff --git a/openslides/participant/templates/participant/edit.html b/openslides/participant/templates/participant/edit.html index 377a514e3..bfa14ff8f 100644 --- a/openslides/participant/templates/participant/edit.html +++ b/openslides/participant/templates/participant/edit.html @@ -9,11 +9,11 @@ {% endif %}
    {% csrf_token %} - {% if edituser %} - {{ usernameform.as_p }} - {% endif %} {{ userform.as_p }} {{ profileform.as_p }} + {% if edituser %} + {% trans 'Reset Password' %} + {% endif %} diff --git a/openslides/participant/urls.py b/openslides/participant/urls.py index b58e37ebd..3e201f397 100644 --- a/openslides/participant/urls.py +++ b/openslides/participant/urls.py @@ -27,6 +27,8 @@ urlpatterns = patterns('participant.views', url(r'^participant/group/(?P\d+)/edit$', 'group_edit', name='user_group_edit'), url(r'^participant/group/(?P\d+)/del$', 'group_delete', name='user_group_delete'), url(r'^user/settings$', 'user_settings', name='user_settings'), + url(r'^participant/genpasswords$', 'gen_passwords', name='user_gen_passwords'), + url(r'^participant/resetpassword/(?P\d+)$', 'reset_password', name='user_reset_passwords'), ) urlpatterns += patterns('django.contrib.auth.views', diff --git a/openslides/participant/views.py b/openslides/participant/views.py index 17dfc5ad3..9835ae363 100644 --- a/openslides/participant/views.py +++ b/openslides/participant/views.py @@ -20,9 +20,9 @@ from django.contrib.auth.forms import SetPasswordForm from django.contrib import messages from django.core.urlresolvers import reverse from django.utils.translation import ugettext as _ -from participant.models import Profile +from participant.models import Profile, set_first_user_passwords from participant.api import gen_username -from participant.forms import UserForm, UsernameForm, ProfileForm, UsersettingsForm, UserImportForm, GroupForm +from participant.forms import UserForm, UsernameForm, ProfileForm, UsersettingsForm, UserImportForm, GroupForm, AdminPasswordChangeForm from utils.utils import template, permission_required, gen_confirm_form from utils.pdf import print_userlist @@ -51,7 +51,7 @@ def get_overview(request): pass if 'reverse' in request.GET: query = query.reverse() - + userlist = query.all() users = [] for user in userlist: @@ -81,24 +81,18 @@ def edit(request, user_id=None): if request.method == 'POST': userform = UserForm(request.POST, instance=user, prefix="user") - usernameform = UsernameForm(request.POST, instance=user, prefix="username") try: profileform = ProfileForm(request.POST, instance=user.profile, prefix="profile") except: profileform = ProfileForm(request.POST, prefix="profile") + formlist = [userform, profileform] formerror = 0 - if user: - formlist.append(usernameform) for f in formlist: if not f.is_valid(): formerror += 1 if formerror == 0: user = userform.save() - if user_id is None: - user.username = gen_username(user.first_name, user.last_name) - user.set_password("%s%s" % (user.first_name, user.last_name)) - user.save() profile = profileform.save(commit=False) profile.user = user profile.save() @@ -110,14 +104,12 @@ def edit(request, user_id=None): messages.error(request, _('Please check the form for errors.')) else: userform = UserForm(instance=user, prefix="user") - usernameform = UsernameForm(instance=user, prefix="username") try: profileform = ProfileForm(instance=user.profile, prefix="profile") except AttributeError: profileform = ProfileForm(prefix="profile") return { 'userform': userform, - 'usernameform': usernameform, 'profileform': profileform, 'edituser': user, } @@ -273,4 +265,23 @@ def user_import(request): form = UserImportForm() return { 'form': form, - } \ No newline at end of file + } + + +@permission_required('participant.can_manage_participants') +def gen_passwords(request): + set_first_user_passwords() + return redirect(reverse('user_overview')) + + +@permission_required('participant.can_manage_participants') +def reset_password(request, user_id): + user = User.objects.get(pk=user_id) + if request.method == 'POST': + user.profile.reset_password() + user.profile.save() + messages.success(request, _('The Password for %s was successfully resettet') % user) + else: + gen_confirm_form(request, _('Do you really want to reset the password for %s') % user, + reverse('user_overview')) + return redirect(reverse('user_edit', args=[user_id]))