Commit 49f89101 authored by Mikaël Salson's avatar Mikaël Salson

Merge branch 'feature-s/1682-allow-user-to-modify-password' into 'dev'

Allow user to modify password

Closes #3545 and #1682

See merge request !322
parents dc38385f 04048ecb
Pipeline #96996 passed with stages
in 6 minutes and 43 seconds
......@@ -57,7 +57,7 @@ def index():
reverse=reverse)
def edit():
if auth.is_admin():
if auth.can_modify_user(int(request.vars['id'])):
user = db.auth_user[request.vars["id"]]
log.info("load edit form for user",
extra={'user_id': auth.user.id, 'record_id': request.vars['id'], 'table_name': 'auth_user'})
......@@ -65,24 +65,26 @@ def edit():
return error_message(ACCESS_DENIED)
def edit_form():
if auth.is_admin():
error = ""
if auth.can_modify_user(int(request.vars['id'])):
error = []
if request.vars["first_name"] == "" :
error += "first name needed, "
error.append("first name needed")
if request.vars["last_name"] == "" :
error += "last name needed, "
error.append("last name needed")
if request.vars["email"] == "":
error += "email cannot be empty"
error.append("email cannot be empty")
elif not re.match(r"[^@]+@[^@]+\.[^@]+", request.vars["email"]):
error += "incorrect email format"
error.append("incorrect email format")
if request.vars["password"] != "":
if request.vars["confirm_password"] != request.vars["password"]:
error += "password fields must match"
error.append("password fields must match")
else:
password = db.auth_user.password.validate(request.vars["password"])[0]
if not password:
error.append("Password is too short, should be at least of length "+str(auth.settings.password_min_length))
if error == "":
if len(error) == 0:
data = dict(first_name = request.vars["first_name"],
last_name = request.vars["last_name"],
email = request.vars["email"])
......@@ -98,7 +100,7 @@ def edit_form():
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
else :
res = {"success" : "false", "message" : error}
res = {"success" : "false", "message" : ', '.join(error)}
log.error(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
else :
......
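Review bot: `int(request.vars['id'])` in the new `can_modify_user` calls of both `edit` and `edit_form` raises ValueError when `id` is absent or not numeric, so a malformed request now ends in an unhandled exception instead of the existing `error_message(ACCESS_DENIED)` path; a guard such as `try: user_id = int(request.vars['id'])` / `except (TypeError, ValueError): return error_message(ACCESS_DENIED)` keeps the failure on that path. The password branch hard-codes "Password is too short" although `validate()` also returns the validator's own reason as the second tuple element; `password, password_error = db.auth_user.password.validate(request.vars["password"])` followed by `if password_error: error.append(str(password_error))` reports whatever the validator actually rejected. Since a non-admin may now change their own email and password, the visible code does not ask for the current password before accepting the new one; if that is intended, a comment saying so would help, otherwise a re-authentication check belongs in this branch. `edit_form` continues beyond the hunk, so where `password` is written back is not visible here.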
......@@ -4,6 +4,7 @@ from gluon.dal import Row, Set, Query
from enum import Enum
from permission_enum import PermissionEnum
import defs
class PermissionLetterMapping(Enum):
admin = 'e'
......@@ -310,6 +311,16 @@ class VidjilAuth(Auth):
and (self.get_permission(PermissionEnum.admin_pre_process.value, 'pre_process', pre_process_id, user)\
or self.is_admin(user))
def can_modify_user(self, id):
'''
Returns True if the current user can modify the user
whose ID is given as parameter
:param: id should be an integer
'''
return self.is_admin() or\
((self.user_id == id) and (not hasattr(defs, 'LIMITED_ACCOUNTS') or self.user_id not in defs.LIMITED_ACCOUNTS))
def can_modify(self, object_of_action, id, user = None):
'''
Returns True if the user can modify the object of action whose ID id id
......
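Review bot: The docstring of `can_modify_user` does not mention the LIMITED_ACCOUNTS rule that the body implements, which is the one non-obvious part a caller needs; add `Admins can modify any user; other users only themselves, unless their ID is listed in defs.LIMITED_ACCOUNTS (absent attribute means no restriction).` Unlike the neighbouring `can_modify`, there is no `user=None` parameter, so the check always applies to the session user (`self.user_id`); stating that in the docstring avoids callers expecting the same signature. The parameter name `id` shadows the builtin, but it matches `can_modify`, so renaming is optional.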
......@@ -79,6 +79,8 @@ auth.settings.two_factor_authentication_group = "auth2step"
crud, service, plugins = Crud(db), Service(), PluginManager()
auth.settings.password_min_length = 6
## create all tables needed by auth if not custom tables
auth.define_tables(username=False, signature=False)
......
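Review bot: `auth.settings.password_min_length = 6` is below the 8-character minimum that NIST SP 800-63B recommends for user-chosen passwords, and this setting is the only length rule the new `edit_form` validation relies on; consider 8 or more. Whatever value is kept, a comment next to it such as `# minimum enforced by db.auth_user.password.validate(); test fixtures use a 6-char password` would record that the fixtures updated in this merge depend on it.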
......@@ -9,6 +9,9 @@ SMTP_SERVER = 'localhost'
FROM_EMAIL = 'root@vidjil.org'
ADMIN_EMAILS = ['notifications@vidjil.org']
### Specific accounts
LIMITED_ACCOUNTS = [ ]
### address for the sql database
###
DB_ADDRESS = 'sqlite://storage.sqlite'
......
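Review bot: `LIMITED_ACCOUNTS = [ ]` gets no explanation of what goes in it, while `VidjilAuth.can_modify_user` tests `self.user_id not in defs.LIMITED_ACCOUNTS`, so the entries must be user IDs; replace the heading with `### IDs of accounts that may not edit their own profile or password (see VidjilAuth.can_modify_user)`. Because `VidjilAuth` tolerates a missing attribute via `hasattr`, a second comment line noting that deployments whose defs.py lacks this setting keep the permissive behaviour would save operators a surprise.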
......@@ -22,7 +22,7 @@ class AdminController(unittest.TestCase):
session = Session()
request = Request([])
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
# rewrite info / error functions
# for some reasons we lost them between the testRunner and the testCase but we need them to avoid error so ...
......
......@@ -27,7 +27,7 @@ class ConfigController(unittest.TestCase):
session = Session()
request = Request({})
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
auth.add_permission(group_id, 'admin', db.patient, 0)
auth.add_permission(group_id, 'admin', db.config, 0)
......
......@@ -24,7 +24,7 @@ class DefaultController(unittest.TestCase):
session = Session()
request = Request({})
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
# rewrite info / error functions
# for some reasons we lost them between the testRunner and the testCase but we need them to avoid error so ...
......
......@@ -23,7 +23,7 @@ class FileController(unittest.TestCase):
session = Session()
request = Request({})
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
# rewrite info / error functions
# for some reasons we lost them between the testRunner and the testCase but we need them to avoid error so ...
......
......@@ -19,7 +19,7 @@ class GroupController(unittest.TestCase):
session = Session()
request = Request({})
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
auth.add_permission(group_id, 'admin', db.auth_group, 0)
......
......@@ -22,7 +22,7 @@ class NotificationController(unittest.TestCase):
session = Session()
request = Request({})
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
# rewrite info / error functions
# for some reasons we lost them between the testRunner and the testCase but we need them to avoid error so ...
......
......@@ -19,7 +19,7 @@ class PatientController(unittest.TestCase):
session = Session()
request = Request({})
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
# rewrite info / error functions
# for some reasons we lost them between the testRunner and the testCase but we need them to avoid error so ...
......
......@@ -19,7 +19,7 @@ class Results_fileController(unittest.TestCase):
session = Session()
request = Request({})
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
# rewrite info / error functions
# for some reasons we lost them between the testRunner and the testCase but we need them to avoid error so ...
......
......@@ -19,7 +19,7 @@ class Sample_setController(unittest.TestCase):
session = Session()
request = Request({})
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
# rewrite info / error functions
# for some reasons we lost them between the testRunner and the testCase but we need them to avoid error so ...
......
......@@ -19,7 +19,7 @@ class TagController(unittest.TestCase):
session = Session()
request = Request({})
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
# rewrite info / error functions
# for some reasons we lost them between the testRunner and the testCase but we need them to avoid error so ...
......
......@@ -19,7 +19,7 @@ class UserController(unittest.TestCase):
session = Session()
request = Request({})
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
# rewrite info / error functions
# for some reasons we lost them between the testRunner and the testCase but we need them to avoid error so ...
......
......@@ -13,7 +13,7 @@ class SamplesetlistModel(unittest.TestCase):
execfile("applications/vidjil/models/sample_set_list.py", globals())
global auth
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
def testInit(self):
slist = SampleSetList('patient')
......
......@@ -13,7 +13,7 @@ class SamplesetsModel(unittest.TestCase):
execfile("applications/vidjil/models/SampleSets.py", globals())
global auth
auth = VidjilAuth(globals(), db)
auth.login_bare("test@vidjil.org", "1234")
auth.login_bare("test@vidjil.org", "123456")
# We have the following sample sets
......
......@@ -38,31 +38,31 @@ class VidjilauthModel(unittest.TestCase):
first_name='First',
last_name='Group Tester',
email='group.tester%d@vidjil.org' % count,
password= db.auth_user.password.validate('1234')[0],
password= db.auth_user.password.validate('123456')[0],
)
user_id_sec = db.auth_user.insert(
first_name='Second',
last_name='Group Tester',
email='group.testertoo.%d@vidjil.org' % count,
password=db.auth_user.password.validate('1234')[0]
password=db.auth_user.password.validate('123456')[0]
)
parent_user_id = db.auth_user.insert(
first_name='Par',
last_name='ent',
email='par.end.%d@vidjil.org' % count,
password=db.auth_user.password.validate('1234')[0]
password=db.auth_user.password.validate('123456')[0]
)
admin_user_id = db.auth_user.insert(
first_name='Adm',
last_name='in',
email='adm.in.%d@vidjil.org' % count,
password=db.auth_user.password.validate('1234')[0]
password=db.auth_user.password.validate('123456')[0]
)
auth.login_bare("group.tester%d@vidjil.org" % count, "1234")
auth.login_bare("group.tester%d@vidjil.org" % count, "123456")
count = count + 1
......
......@@ -17,9 +17,9 @@ class User_groupModel(unittest.TestCase):
first_name='test',
last_name='user',
email='tester@vidjil.org',
password= db.auth_user.password.validate('1234')[0],
password= db.auth_user.password.validate('123456')[0],
)
auth.login_bare("tester@vidjil.org", "1234")
auth.login_bare("tester@vidjil.org", "123456")
user_group_id = db.auth_group.insert(
role='user_%d' % user_id
......
......@@ -49,7 +49,7 @@
{{if not auth.is_impersonating() :}}
{{=auth.user.first_name}} {{=auth.user.last_name}}
{{=auth.user.first_name}} {{=auth.user.last_name}} <a href="#" onclick="db.call('user/edit', {'id': '{{=auth.user_id}}'})"><i class="icon-pencil-2" title="Edit my personal informations"></i></a>
{{pass}}
......
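Review bot: The title attribute reads "Edit my personal informations"; "information" is uncountable, so `title="Edit my personal information"`. The onclick builds the request id from `{{=auth.user_id}}` inside a quoted JavaScript string within an HTML attribute, which is safe only because the value is presumably an integer; a short template comment noting that this value must never be replaced by user-supplied text would protect the line from later edits. The enclosing template block begins before the hunk.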
......@@ -87,7 +87,7 @@ user_id = db.auth_user.insert(
first_name='Testers',
last_name='Inc',
email='test@vidjil.org',
password= db.auth_user.password.validate('1234')[0],
password= db.auth_user.password.validate('123456')[0],
)
unique_group = db.auth_group.insert(role="user_"+str(user_id), description=" ")
db.auth_membership.insert(user_id=user_id, group_id=unique_group)
......