allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From brond...@apache.org
Subject [19/27] git commit: [#7657] ticket:651 Send password reset link
Date Mon, 29 Sep 2014 16:17:50 GMT
[#7657] ticket:651 Send password reset link


Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/dab2b72b
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/dab2b72b
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/dab2b72b

Branch: refs/heads/db/7657
Commit: dab2b72b9c57802fe4d223a690c2d7677e8c81a8
Parents: 2a5d7de
Author: Igor Bondarenko <jetmind2@gmail.com>
Authored: Wed Sep 17 11:56:19 2014 +0300
Committer: Dave Brondsema <dbrondsema@slashdotmedia.com>
Committed: Fri Sep 26 18:30:46 2014 +0000

----------------------------------------------------------------------
 Allura/allura/controllers/site_admin.py         | 15 +++++++++++-
 .../templates/site_admin_user_details.html      | 16 +++++++++----
 .../allura/tests/functional/test_site_admin.py  | 25 +++++++++++++++++++-
 3 files changed, 49 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/allura/blob/dab2b72b/Allura/allura/controllers/site_admin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/site_admin.py b/Allura/allura/controllers/site_admin.py
index ef75906..271e50b 100644
--- a/Allura/allura/controllers/site_admin.py
+++ b/Allura/allura/controllers/site_admin.py
@@ -28,7 +28,7 @@ from pylons import app_globals as g
 from pylons import tmpl_context as c
 from pylons import request
 from formencode import validators, Invalid
-from webob.exc import HTTPNotFound
+from webob.exc import HTTPNotFound, HTTPFound
 
 from allura.app import SitemapEntry
 from allura.lib import helpers as h
@@ -537,6 +537,19 @@ class AdminUserDetailsController(object):
         flash('Password is set', 'ok')
         redirect(request.referer)
 
+    @expose()
+    @require_post()
+    def send_password_reset_link(self, username=None):
+        user = M.User.by_username(username)
+        if not user or user.is_anonymous():
+            raise HTTPNotFound()
+        email = user.get_pref('email_address')
+        try:
+            allura.controllers.auth.AuthController().password_recovery_hash(email)
+        except HTTPFound:
+            pass  # catch redirect to '/'
+        redirect(request.referer)
+
     @h.vardec
     @expose()
     @require_post()

http://git-wip-us.apache.org/repos/asf/allura/blob/dab2b72b/Allura/allura/templates/site_admin_user_details.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/site_admin_user_details.html b/Allura/allura/templates/site_admin_user_details.html
index 3f56efd..fbbb0f4 100644
--- a/Allura/allura/templates/site_admin_user_details.html
+++ b/Allura/allura/templates/site_admin_user_details.html
@@ -28,7 +28,7 @@
     <div class="grid-23">
       <fieldset>
         <legend>General</legend>
-        <div class="grid-17">
+        <div class="grid-16">
         <ul>
           <li>Username: {{ user.username }} (<a href="{{ user.url() }}">Go to
profile page</a>)</li>
           <li>Full name: {{ user.get_pref('display_name') }}</li>
@@ -36,9 +36,9 @@
         </ul>
         </div>
 
-        <div class="grid-5">
+        <div class="grid-6">
         <form action='/nf/admin/user/set_status' method="POST">
-          <div class='grid-5'>
+          <div class='grid-6'>
             <label><input type="radio" name="status" value="enable"{% if not user.disabled
%} checked="checked"{% endif %}>Enabled</label><br>
             <label><input type="radio" name="status" value="disable"{% if user.disabled
%} checked="checked"{% endif %}>Disabled</label>
           </div>
@@ -47,13 +47,19 @@
         </form>
         </div>
 
-        <div class="grid-17">&nbsp;</div>
-        <div class="grid-5">
+        <div class="grid-16">&nbsp;</div>
+        <div class="grid-6">
           <form action='/nf/admin/user/set_random_password' method="POST">
             <input type="submit" value="Set random password">
             <input type='hidden' name='username' value='{{ user.username }}'>
             {{lib.csrf_token()}}
           </form>
+
+          <form action='/nf/admin/user/send_password_reset_link' method="POST">
+            <input type="submit" value="Send password reset link">
+            <input type='hidden' name='username' value='{{ user.username }}'>
+            {{lib.csrf_token()}}
+          </form>
         </div>
       </fieldset>
     </div>

http://git-wip-us.apache.org/repos/asf/allura/blob/dab2b72b/Allura/allura/tests/functional/test_site_admin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_site_admin.py b/Allura/allura/tests/functional/test_site_admin.py
index ce8209b..ac018dc 100644
--- a/Allura/allura/tests/functional/test_site_admin.py
+++ b/Allura/allura/tests/functional/test_site_admin.py
@@ -381,7 +381,7 @@ class TestUserDetails(TestController):
     def test_add_comment(self):
         r = self.app.get('/nf/admin/user/test-user')
         assert_not_in(u'Comment by test-admin: I was hêre!', r)
-        form = r.forms[2]
+        form = r.forms[4]
         assert_equal(form['username'].value, 'test-user')
         form['comment'] = u'I was hêre!'
         r = form.submit()
@@ -479,6 +479,29 @@ class TestUserDetails(TestController):
         new_pwd = M.User.by_username('test-user').password
         assert_not_equal(old_pwd, new_pwd)
 
+    @patch('allura.tasks.mail_tasks.sendsimplemail')
+    @patch('allura.lib.helpers.gen_message_id')
+    def test_send_password_reset_link(self, gen_message_id, sendmail):
+        user = M.User.by_username('test-user')
+        user.set_pref('email_address', 'test-user@example.org')
+        M.EmailAddress(email='test-user@example.org', confirmed=True, claimed_by_user_id=user._id)
+        ThreadLocalORMSession.flush_all()
+        with td.audits('Password recovery link sent to: test-user@example.org', user=True):
+            r = self.app.post('/nf/admin/user/send_password_reset_link', params={'username':
'test-user'})
+        hash = user.get_tool_data('AuthPasswordReset', 'hash')
+        text = '''Your username is test-user
+
+To reset your password on %s, please visit the following URL:
+
+%s/auth/forgotten_password/%s''' % (config['site_name'], config['base_url'], hash)
+        sendmail.post.assert_called_once_with(
+            toaddr='test-user@example.org',
+            fromaddr=config['forgemail.return_path'],
+            reply_to=config['forgemail.return_path'],
+            subject='Allura Password recovery',
+            message_id=gen_message_id(),
+            text=text)
+
 
 @task
 def test_task(*args, **kw):


Mime
View raw message