kallithea Changeset - 019026a8cf67

Changeset - 019026a8cf67

Parent rev.

Child rev.

[Not reviewed]

beta

0 6 0

Marcin Kuzminski - 14 years ago 2011-10-25 03:02:28
marcin@python-works.com

implements #237 added password confirmation for my account and admin edit user.

6 files changed with 47 insertions and 9 deletions:

rhodecode/model/forms.py

rhodecode/templates/admin/users/user_add.html

rhodecode/templates/admin/users/user_edit.html

rhodecode/templates/admin/users/user_edit_my_account.html

rhodecode/tests/functional/test_admin_settings.py

rhodecode/tests/functional/test_admin_users.py

0 comments (0 inline, 0 general)

rhodecode/model/forms.py

➞

Show inline comments

@@ @@ -176,26 +176,27 @@ class ValidPassword(formencode.validator @@
                 try:
                     value['new_password'] = \
                         get_crypt_password(value['new_password'])
                 except UnicodeEncodeError:
                     e_dict = {'new_password':_('Invalid characters in password')}
                     raise formencode.Invalid('', value, state, error_dict=e_dict)
             return value
 class ValidPasswordsMatch(formencode.validators.FancyValidator):
     def validate_python(self, value, state):
         if value['password'] != value['password_confirmation']:
         pass_val = value.get('password') or value.get('new_password')
         if pass_val != value['password_confirmation']:
             e_dict = {'password_confirmation':
                    _('Passwords do not match')}
             raise formencode.Invalid('', value, state, error_dict=e_dict)
 class ValidAuth(formencode.validators.FancyValidator):
     messages = {
         'invalid_password':_('invalid password'),
         'invalid_login':_('invalid user name'),
         'disabled_account':_('Your account is disabled')
+    }
     # error mapping
@@ @@ -488,45 +489,46 @@ class LoginForm(formencode.Schema): @@
                                 'tooShort':_('Enter a value %(min)i characters long or more')}
+                            )
     password = UnicodeString(
                             strip=True,
                             min=3,
                             not_empty=True,
                             messages={
                                 'empty':_('Please enter a password'),
                                 'tooShort':_('Enter %(min)i characters or more')}
+                                )
     #chained validators have access to all data
     chained_validators = [ValidAuth]
 def UserForm(edit=False, old_data={}):
     class _UserForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         username = All(UnicodeString(strip=True, min=1, not_empty=True),
                        ValidUsername(edit, old_data))
         if edit:
             new_password = All(UnicodeString(strip=True, min=6, not_empty=False))
             password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=False))
             admin = StringBoolean(if_missing=False)
         else:
             password = All(UnicodeString(strip=True, min=6, not_empty=True))
             password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=False))
         active = StringBoolean(if_missing=False)
         name = UnicodeString(strip=True, min=1, not_empty=True)
         lastname = UnicodeString(strip=True, min=1, not_empty=True)
         email = All(Email(not_empty=True), UniqSystemEmail(old_data))
         chained_validators = [ValidPassword]
+        chained_validators = [ValidPasswordsMatch, ValidPassword]
     return _UserForm
 def UsersGroupForm(edit=False, old_data={}, available_members=[]):
     class _UsersGroupForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         users_group_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                        ValidUsersGroup(edit, old_data))

rhodecode/templates/admin/users/user_add.html

➞

Show inline comments

@@ @@ -35,25 +35,34 @@ @@
                     ${h.text('username',class_='small')}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="password">${_('Password')}:</label>
                 </div>
                 <div class="input">
                     ${h.password('password',class_='small')}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="password_confirmation">${_('Password confirmation')}:</label>
                 </div>
                 <div class="input">
                     ${h.password('password_confirmation',class_="small",autocomplete="off")}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="name">${_('First Name')}:</label>
                 </div>
                 <div class="input">
                     ${h.text('name',class_='small')}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="lastname">${_('Last Name')}:</label>

rhodecode/templates/admin/users/user_edit.html

➞

Show inline comments

@@ @@ -59,25 +59,34 @@ @@
                     ${h.text('ldap_dn',class_='medium')}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="new_password">${_('New password')}:</label>
                 </div>
                 <div class="input">
                     ${h.password('new_password',class_='medium',autocomplete="off")}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="password_confirmation">${_('New password confirmation')}:</label>
                 </div>
                 <div class="input">
                     ${h.password('password_confirmation',class_="medium",autocomplete="off")}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="name">${_('First Name')}:</label>
                 </div>
                 <div class="input">
                     ${h.text('name',class_='medium')}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="lastname">${_('Last Name')}:</label>

rhodecode/templates/admin/users/user_edit_my_account.html

➞

Show inline comments

@@ @@ -48,25 +48,34 @@ @@
 	                    ${h.text('username',class_="medium")}
 	                </div>
 	             </div>
 	             <div class="field">
 	                <div class="label">
 	                    <label for="new_password">${_('New password')}:</label>
 	                </div>
 	                <div class="input">
 	                    ${h.password('new_password',class_="medium",autocomplete="off")}
 	                </div>
 	             </div>
                  <div class="field">
                     <div class="label">
                         <label for="password_confirmation">${_('New password confirmation')}:</label>
                     </div>
                     <div class="input">
                         ${h.password('password_confirmation',class_="medium",autocomplete="off")}
                     </div>
                  </div>
 	             <div class="field">
 	                <div class="label">
 	                    <label for="name">${_('First Name')}:</label>
 	                </div>
 	                <div class="input">
 	                    ${h.text('name',class_="medium")}
 	                </div>
 	             </div>
 	             <div class="field">
 	                <div class="label">
 	                    <label for="lastname">${_('Last Name')}:</label>
@@ @@ -145,28 +154,30 @@ @@
 		            %endif
 		            </td>
 		            <td><span class="tooltip" title="${repo['last_change']}">${("r%s:%s") % (repo['rev'],h.short_id(repo['tip']))}</span></td>
 		            <td><a href="${h.url('repo_settings_home',repo_name=repo['name'])}" title="${_('edit')}"><img class="icon" alt="${_('private')}" src="${h.url('/images/icons/application_form_edit.png')}"/></a></td>
 		            <td>
 	                  ${h.form(url('repo_settings_delete', repo_name=repo['name']),method='delete')}
 	                    ${h.submit('remove_%s' % repo['name'],'',class_="delete_icon action_button",onclick="return confirm('Confirm to delete this repository');")}
 	                  ${h.end_form()}
 		            </td>
 		        </tr>
 		     %endfor
 	     %else:
             <div style="padding:5px 0px 10px 0px;">
 	     	${_('No repositories yet')}
 	     	%if h.HasPermissionAny('hg.admin','hg.create.repository')():
 	     		${h.link_to(_('create one now'),h.url('admin_settings_create_repository'))}
+	     		${h.link_to(_('create one now'),h.url('admin_settings_create_repository'),class_="ui-button-small")}
 	     	%endif
             </div>
 	     %endif
 	     </tbody>
 	     </table>
     </div>
 </div>
     <script type="text/javascript">
      var D = YAHOO.util.Dom;
      var E = YAHOO.util.Event;
      var S = YAHOO.util.Selector;
      var q_filter = D.get('q_filter');

rhodecode/tests/functional/test_admin_settings.py

➞

Show inline comments

@@ @@ -128,47 +128,49 @@ class TestAdminSettingsController(TestCo @@
         self.log_user()
         new_email = 'new@mail.pl'
         new_name = 'NewName'
         new_lastname = 'NewLastname'
         new_password = 'test123'
         response = self.app.post(url('admin_settings_my_account_update'),
                                  params=dict(_method='put',
                                              username='test_admin',
                                              new_password=new_password,
                                              password_confirmation = new_password,
                                              password='',
                                              name=new_name,
                                              lastname=new_lastname,
                                              email=new_email,))
         response.follow()
         assert 'Your account was updated successfully' in response.session['flash'][0][1], 'no flash message about success of change'
         user = self.sa.query(User).filter(User.username == 'test_admin').one()
         assert user.email == new_email , 'incorrect user email after update got %s vs %s' % (user.email, new_email)
         assert user.name == new_name, 'updated field mismatch %s vs %s' % (user.name, new_name)
         assert user.lastname == new_lastname, 'updated field mismatch %s vs %s' % (user.lastname, new_lastname)
         assert check_password(new_password, user.password) is True, 'password field mismatch %s vs %s' % (user.password, new_password)
         #bring back the admin settings
         old_email = 'test_admin@mail.com'
         old_name = 'RhodeCode'
         old_lastname = 'Admin'
         old_password = 'test12'
         response = self.app.post(url('admin_settings_my_account_update'), params=dict(
                                                             _method='put',
                                                             username='test_admin',
                                                             new_password=old_password,
                                                             password_confirmation = old_password,
                                                             password='',
                                                             name=old_name,
                                                             lastname=old_lastname,
                                                             email=old_email,))
         response.follow()
         self.checkSessionFlash(response,
                                'Your account was updated successfully')
         user = self.sa.query(User).filter(User.username == 'test_admin').one()
         assert user.email == old_email , 'incorrect user email after update got %s vs %s' % (user.email, old_email)
@@ @@ -177,32 +179,34 @@ class TestAdminSettingsController(TestCo @@
         assert user.lastname == old_lastname, 'updated field mismatch %s vs %s' % (user.lastname, old_lastname)
         assert check_password(old_password, user.password) is True , 'password updated field mismatch %s vs %s' % (user.password, old_password)
     def test_my_account_update_err_email_exists(self):
         self.log_user()
         new_email = 'test_regular@mail.com'#already exisitn email
         response = self.app.post(url('admin_settings_my_account_update'), params=dict(
                                                             _method='put',
                                                             username='test_admin',
                                                             new_password='test12',
                                                             password_confirmation = 'test122',
                                                             name='NewName',
                                                             lastname='NewLastname',
                                                             email=new_email,))
         assert 'This e-mail address is already taken' in response.body, 'Missing error message about existing email'
     def test_my_account_update_err(self):
         self.log_user('test_regular2', 'test12')
         new_email = 'newmail.pl'
         response = self.app.post(url('admin_settings_my_account_update'), params=dict(
                                                             _method='put',
                                                             username='test_admin',
                                                             new_password='test12',
                                                             password_confirmation = 'test122',
                                                             name='NewName',
                                                             lastname='NewLastname',
                                                             email=new_email,))
         assert 'An email address must contain a single @' in response.body, 'Missing error message about wrong email'
         assert 'This username already exists' in response.body, 'Missing error message about existing user'

rhodecode/tests/functional/test_admin_users.py

➞

Show inline comments

@@ @@ -7,30 +7,32 @@ class TestAdminUsersController(TestContr @@
     def test_index(self):
         response = self.app.get(url('users'))
         # Test response...
     def test_index_as_xml(self):
         response = self.app.get(url('formatted_users', format='xml'))
     def test_create(self):
         self.log_user()
         username = 'newtestuser'
         password = 'test12'
         password_confirmation = password
         name = 'name'
         lastname = 'lastname'
         email = 'mail@mail.com'
         response = self.app.post(url('users'), {'username':username,
                                                'password':password,
                                                'password_confirmation':password_confirmation,
                                                'name':name,
                                                'active':True,
                                                'lastname':lastname,
                                                'email':email})
         assert '''created user %s''' % (username) in response.session['flash'][0], 'No flash message about new user'
         new_user = self.sa.query(User).filter(User.username == username).one()
         assert new_user.username == username, 'wrong info about username'
@@ @@ -81,24 +83,25 @@ class TestAdminUsersController(TestContr @@
         response = self.app.post(url('user', id=1), params=dict(_method='put'))
     def test_delete(self):
         self.log_user()
         username = 'newtestuserdeleteme'
         password = 'test12'
         name = 'name'
         lastname = 'lastname'
         email = 'todeletemail@mail.com'
         response = self.app.post(url('users'), {'username':username,
                                                'password':password,
                                                'password_confirmation':password,
                                                'name':name,
                                                'active':True,
                                                'lastname':lastname,
                                                'email':email})
         response = response.follow()
         new_user = self.sa.query(User).filter(User.username == username).one()
         response = self.app.delete(url('user', id=new_user.user_id))
         assert """successfully deleted user""" in response.session['flash'][0], 'No info about user deletion'

0 comments (0 inline, 0 general)