mirror of
https://github.com/retspen/webvirtcloud
synced 2024-12-24 15:15:22 +00:00
add change other user password ability to superusers
This commit is contained in:
parent
fb3ef6be98
commit
de63d9746d
4 changed files with 41 additions and 2 deletions
|
@ -18,7 +18,7 @@
|
|||
<div class="col-lg-12">
|
||||
<h3 class="page-header">{% trans "Edit Profile" %}</h3>
|
||||
{% if perms.accounts.change_password %}
|
||||
<a href="{% url 'change_password' %}" class="btn btn-primary">{% icon 'lock' %} {% trans "Change Password" %}</a>
|
||||
<a href="{% url 'change_password' %}" class="ml-3 btn btn-primary">{% icon 'lock' %} {% trans "Change Password" %}</a>
|
||||
{% endif %}
|
||||
<form method="post" action="" role="form" aria-label="Edit user info form">{% csrf_token %}
|
||||
<div class="form-group">
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
from django import forms
|
||||
from django.contrib.auth.models import Group, User
|
||||
from django.contrib.auth.forms import ReadOnlyPasswordHashField
|
||||
from django.urls import reverse_lazy
|
||||
from django.utils.text import format_lazy
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
from accounts.models import UserAttributes
|
||||
|
@ -68,6 +71,16 @@ class UserForm(forms.ModelForm):
|
|||
'is_superuser',
|
||||
]
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super(UserForm, self).__init__(*args, **kwargs)
|
||||
password = ReadOnlyPasswordHashField(label=_("Password"),
|
||||
help_text=format_lazy(_("""Raw passwords are not stored, so there is no way to see
|
||||
this user's password, but you can change the password
|
||||
using <a href='{}'>this form</a>."""),
|
||||
reverse_lazy('admin:user_update_password', args=[self.instance.id,]))
|
||||
)
|
||||
self.fields['Password'] = password
|
||||
|
||||
|
||||
class UserCreateForm(UserForm):
|
||||
password = forms.CharField(widget=forms.PasswordInput)
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
from django.urls import path
|
||||
from django.contrib.auth.views import PasswordChangeView, PasswordChangeDoneView
|
||||
|
||||
from . import views
|
||||
|
||||
|
@ -10,6 +9,7 @@ urlpatterns = [
|
|||
path('groups/<int:pk>/delete/', views.group_delete, name='group_delete'),
|
||||
path('users/', views.user_list, name='user_list'),
|
||||
path('users/create/', views.user_create, name='user_create'),
|
||||
path('users/<int:pk>/update_password/', views.user_update_password, name='user_update_password'),
|
||||
path('users/<int:pk>/update/', views.user_update, name='user_update'),
|
||||
path('users/<int:pk>/delete/', views.user_delete, name='user_delete'),
|
||||
path('users/<int:pk>/block/', views.user_block, name='user_block'),
|
||||
|
|
|
@ -1,4 +1,7 @@
|
|||
from django.conf import settings
|
||||
from django.contrib import messages
|
||||
from django.contrib.auth import update_session_auth_hash
|
||||
from django.contrib.auth.forms import AdminPasswordChangeForm
|
||||
from django.contrib.auth.models import Group, User
|
||||
from django.core.paginator import Paginator
|
||||
from django.shortcuts import get_object_or_404, redirect, render
|
||||
|
@ -133,6 +136,29 @@ def user_update(request, pk):
|
|||
},
|
||||
)
|
||||
|
||||
@superuser_only
|
||||
def user_update_password(request, pk):
|
||||
user = get_object_or_404(User, pk=pk)
|
||||
if request.method == 'POST':
|
||||
form = AdminPasswordChangeForm(user, request.POST)
|
||||
if form.is_valid():
|
||||
user = form.save()
|
||||
update_session_auth_hash(request, user) # Important!
|
||||
messages.success(request, _('User password changed: {}'.format(user.username)))
|
||||
return redirect('admin:user_list')
|
||||
else:
|
||||
messages.error(request, _('Wrong Data Provided'))
|
||||
else:
|
||||
form = AdminPasswordChangeForm(user)
|
||||
|
||||
return render(
|
||||
request,
|
||||
'accounts/change_password_form.html',
|
||||
{
|
||||
'form': form,
|
||||
'user': user.username
|
||||
}
|
||||
)
|
||||
|
||||
@superuser_only
|
||||
def user_delete(request, pk):
|
||||
|
|
Loading…
Reference in a new issue