Changeset - 0a0595b15c6c
default
Mads Kiilerich - 10 years ago 2015-07-31 15:44:07
madski@unity3d.com
auth: make sure that users only can manage their own primary data if self registration is enabled

With the UI showing exactly which fields are used and which are ignored, there
is no reason to show the 'External Source of Record' warning.
3 files changed with 4 insertions and 8 deletions:
kallithea/controllers/admin/my_account.py
 
@@ -102,6 +102,10 @@ class MyAccountController(BaseController
 
        c.perm_user = AuthUser(user_id=self.authuser.user_id)
 
        c.ip_addr = self.ip_addr
 
        managed_fields = auth_modules.get_managed_fields(c.user)
 
        def_user_perms = User.get_default_user().AuthUser.permissions['global']
 
        if 'hg.register.none' in def_user_perms:
 
            managed_fields.extend(['username', 'firstname', 'lastname', 'email'])
 

	
 
        c.readonly = lambda n: 'readonly' if n in managed_fields else None
 

	
 
        defaults = c.user.get_dict()
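Review bot: Where `managed_fields` is extended because `'hg.register.none'` is in the default user's global permissions, the only consumer visible in this hunk is `c.readonly`, and a `readonly` form attribute is a display hint that a client is free to ignore. The save path of this method lies outside the hunk, so please confirm that it drops the same `managed_fields` from the submitted data before updating the user; otherwise the restriction is cosmetic. A comment at the `extend` call such as `# readonly is UI only; these fields must also be skipped server-side when saving` would make that dependency explicit. Separately, `extend` mutates whatever list `get_managed_fields` returns, so if an auth plugin ever hands back a shared list the extra fields would persist across requests; `managed_fields = list(auth_modules.get_managed_fields(c.user))` avoids that.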
kallithea/templates/admin/my_account/my_account_profile.html
 
@@ -20,9 +20,6 @@ ${h.form(url('my_account'), method='post
 
         </div>
 

	
 
        <div class="fields">
 
            %if c.user.extern_type != c.EXTERN_TYPE_INTERNAL:
 
                <strong>${_('Your user is in an external Source of Record; some details cannot be managed here')}.</strong>
 
            %endif
 
             <div class="field">
 
                <div class="label">
 
                    <label for="username">${_('Username')}:</label>
kallithea/templates/admin/users/user_edit_profile.html
 
@@ -18,11 +18,6 @@ ${h.form(url('update_user', id=c.user.us
 
           </div>
 
        </div>
 
        <div class="fields">
 
            %if c.user.extern_type != c.EXTERN_TYPE_INTERNAL:
 
             <div class="field">
 
               <strong>${_('This user is in an external Source of Record (%s); some details cannot be managed here.' % c.user.extern_type)}.</strong>
 
             </div>
 
            %endif
 

	
 
             <div class="field">
 
                <div class="label">