mirror of
https://github.com/retspen/webvirtcloud
synced 2024-12-24 23:25:24 +00:00
add change other user password ability to superusers
This commit is contained in:
parent
fb3ef6be98
commit
de63d9746d
4 changed files with 41 additions and 2 deletions
|
@ -18,7 +18,7 @@
|
||||||
<div class="col-lg-12">
|
<div class="col-lg-12">
|
||||||
<h3 class="page-header">{% trans "Edit Profile" %}</h3>
|
<h3 class="page-header">{% trans "Edit Profile" %}</h3>
|
||||||
{% if perms.accounts.change_password %}
|
{% if perms.accounts.change_password %}
|
||||||
<a href="{% url 'change_password' %}" class="btn btn-primary">{% icon 'lock' %} {% trans "Change Password" %}</a>
|
<a href="{% url 'change_password' %}" class="ml-3 btn btn-primary">{% icon 'lock' %} {% trans "Change Password" %}</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
<form method="post" action="" role="form" aria-label="Edit user info form">{% csrf_token %}
|
<form method="post" action="" role="form" aria-label="Edit user info form">{% csrf_token %}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
|
|
|
@ -1,5 +1,8 @@
|
||||||
from django import forms
|
from django import forms
|
||||||
from django.contrib.auth.models import Group, User
|
from django.contrib.auth.models import Group, User
|
||||||
|
from django.contrib.auth.forms import ReadOnlyPasswordHashField
|
||||||
|
from django.urls import reverse_lazy
|
||||||
|
from django.utils.text import format_lazy
|
||||||
from django.utils.translation import ugettext_lazy as _
|
from django.utils.translation import ugettext_lazy as _
|
||||||
|
|
||||||
from accounts.models import UserAttributes
|
from accounts.models import UserAttributes
|
||||||
|
@ -68,6 +71,16 @@ class UserForm(forms.ModelForm):
|
||||||
'is_superuser',
|
'is_superuser',
|
||||||
]
|
]
|
||||||
|
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
super(UserForm, self).__init__(*args, **kwargs)
|
||||||
|
password = ReadOnlyPasswordHashField(label=_("Password"),
|
||||||
|
help_text=format_lazy(_("""Raw passwords are not stored, so there is no way to see
|
||||||
|
this user's password, but you can change the password
|
||||||
|
using <a href='{}'>this form</a>."""),
|
||||||
|
reverse_lazy('admin:user_update_password', args=[self.instance.id,]))
|
||||||
|
)
|
||||||
|
self.fields['Password'] = password
|
||||||
|
|
||||||
|
|
||||||
class UserCreateForm(UserForm):
|
class UserCreateForm(UserForm):
|
||||||
password = forms.CharField(widget=forms.PasswordInput)
|
password = forms.CharField(widget=forms.PasswordInput)
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
from django.urls import path
|
from django.urls import path
|
||||||
from django.contrib.auth.views import PasswordChangeView, PasswordChangeDoneView
|
|
||||||
|
|
||||||
from . import views
|
from . import views
|
||||||
|
|
||||||
|
@ -10,6 +9,7 @@ urlpatterns = [
|
||||||
path('groups/<int:pk>/delete/', views.group_delete, name='group_delete'),
|
path('groups/<int:pk>/delete/', views.group_delete, name='group_delete'),
|
||||||
path('users/', views.user_list, name='user_list'),
|
path('users/', views.user_list, name='user_list'),
|
||||||
path('users/create/', views.user_create, name='user_create'),
|
path('users/create/', views.user_create, name='user_create'),
|
||||||
|
path('users/<int:pk>/update_password/', views.user_update_password, name='user_update_password'),
|
||||||
path('users/<int:pk>/update/', views.user_update, name='user_update'),
|
path('users/<int:pk>/update/', views.user_update, name='user_update'),
|
||||||
path('users/<int:pk>/delete/', views.user_delete, name='user_delete'),
|
path('users/<int:pk>/delete/', views.user_delete, name='user_delete'),
|
||||||
path('users/<int:pk>/block/', views.user_block, name='user_block'),
|
path('users/<int:pk>/block/', views.user_block, name='user_block'),
|
||||||
|
|
|
@ -1,4 +1,7 @@
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
|
from django.contrib import messages
|
||||||
|
from django.contrib.auth import update_session_auth_hash
|
||||||
|
from django.contrib.auth.forms import AdminPasswordChangeForm
|
||||||
from django.contrib.auth.models import Group, User
|
from django.contrib.auth.models import Group, User
|
||||||
from django.core.paginator import Paginator
|
from django.core.paginator import Paginator
|
||||||
from django.shortcuts import get_object_or_404, redirect, render
|
from django.shortcuts import get_object_or_404, redirect, render
|
||||||
|
@ -133,6 +136,29 @@ def user_update(request, pk):
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@superuser_only
|
||||||
|
def user_update_password(request, pk):
|
||||||
|
user = get_object_or_404(User, pk=pk)
|
||||||
|
if request.method == 'POST':
|
||||||
|
form = AdminPasswordChangeForm(user, request.POST)
|
||||||
|
if form.is_valid():
|
||||||
|
user = form.save()
|
||||||
|
update_session_auth_hash(request, user) # Important!
|
||||||
|
messages.success(request, _('User password changed: {}'.format(user.username)))
|
||||||
|
return redirect('admin:user_list')
|
||||||
|
else:
|
||||||
|
messages.error(request, _('Wrong Data Provided'))
|
||||||
|
else:
|
||||||
|
form = AdminPasswordChangeForm(user)
|
||||||
|
|
||||||
|
return render(
|
||||||
|
request,
|
||||||
|
'accounts/change_password_form.html',
|
||||||
|
{
|
||||||
|
'form': form,
|
||||||
|
'user': user.username
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
@superuser_only
|
@superuser_only
|
||||||
def user_delete(request, pk):
|
def user_delete(request, pk):
|
||||||
|
|
Loading…
Reference in a new issue