allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From brond...@apache.org
Subject [18/27] git commit: [#7657] ticket:651 Set random password
Date Mon, 29 Sep 2014 16:17:49 GMT
[#7657] ticket:651 Set random password


Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/2a5d7de7
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/2a5d7de7
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/2a5d7de7

Branch: refs/heads/db/7657
Commit: 2a5d7de745cb496439714b1aa80451e3050b5563
Parents: c28cf1f
Author: Igor Bondarenko <jetmind2@gmail.com>
Authored: Wed Sep 17 11:23:57 2014 +0300
Committer: Dave Brondsema <dbrondsema@slashdotmedia.com>
Committed: Fri Sep 26 18:30:46 2014 +0000

----------------------------------------------------------------------
 Allura/allura/controllers/site_admin.py              | 12 ++++++++++++
 Allura/allura/lib/helpers.py                         |  6 ++++++
 Allura/allura/templates/site_admin_user_details.html | 15 ++++++++++++---
 Allura/allura/tests/functional/test_site_admin.py    | 10 +++++++++-
 4 files changed, 39 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/allura/blob/2a5d7de7/Allura/allura/controllers/site_admin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/site_admin.py b/Allura/allura/controllers/site_admin.py
index 198207b..ef75906 100644
--- a/Allura/allura/controllers/site_admin.py
+++ b/Allura/allura/controllers/site_admin.py
@@ -525,6 +525,18 @@ class AdminUserDetailsController(object):
             flash('User disabled')
         redirect(request.referer)
 
+    @expose()
+    @require_post()
+    def set_random_password(self, username=None):
+        user = M.User.by_username(username)
+        if not user or user.is_anonymous():
+            raise HTTPNotFound()
+        pwd = h.random_password()
+        AuthenticationProvider.get(request).set_password(user, None, pwd)
+        h.auditlog_user('Set random password by %s', c.user.username, user=user)
+        flash('Password is set', 'ok')
+        redirect(request.referer)
+
     @h.vardec
     @expose()
     @require_post()

http://git-wip-us.apache.org/repos/asf/allura/blob/2a5d7de7/Allura/allura/lib/helpers.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/helpers.py b/Allura/allura/lib/helpers.py
index dbed410..45ff1fe 100644
--- a/Allura/allura/lib/helpers.py
+++ b/Allura/allura/lib/helpers.py
@@ -26,6 +26,8 @@ import urllib2
 import re
 import json
 import logging
+import string
+import random
 import cPickle as pickle
 from hashlib import sha1
 from datetime import datetime, timedelta
@@ -350,6 +352,10 @@ def cryptographic_nonce(length=40):
     return hex_format % tuple(map(ord, os.urandom(length)))
 
 
+def random_password(length=20, chars=string.ascii_uppercase + string.digits):
+    return ''.join(random.choice(chars) for x in range(length))
+
+
 def ago(start_time, show_date_after=7):
     """
     Return time since starting time as a rounded, human readable string.

http://git-wip-us.apache.org/repos/asf/allura/blob/2a5d7de7/Allura/allura/templates/site_admin_user_details.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/site_admin_user_details.html b/Allura/allura/templates/site_admin_user_details.html
index 0769c87..3f56efd 100644
--- a/Allura/allura/templates/site_admin_user_details.html
+++ b/Allura/allura/templates/site_admin_user_details.html
@@ -28,7 +28,7 @@
     <div class="grid-23">
       <fieldset>
         <legend>General</legend>
-        <div class="grid-19">
+        <div class="grid-17">
         <ul>
           <li>Username: {{ user.username }} (<a href="{{ user.url() }}">Go to
profile page</a>)</li>
           <li>Full name: {{ user.get_pref('display_name') }}</li>
@@ -36,9 +36,9 @@
         </ul>
         </div>
 
-        <div class="grid-3">
+        <div class="grid-5">
         <form action='/nf/admin/user/set_status' method="POST">
-          <div class='grid-3'>
+          <div class='grid-5'>
             <label><input type="radio" name="status" value="enable"{% if not user.disabled
%} checked="checked"{% endif %}>Enabled</label><br>
             <label><input type="radio" name="status" value="disable"{% if user.disabled
%} checked="checked"{% endif %}>Disabled</label>
           </div>
@@ -46,6 +46,15 @@
           {{lib.csrf_token()}}
         </form>
         </div>
+
+        <div class="grid-17">&nbsp;</div>
+        <div class="grid-5">
+          <form action='/nf/admin/user/set_random_password' method="POST">
+            <input type="submit" value="Set random password">
+            <input type='hidden' name='username' value='{{ user.username }}'>
+            {{lib.csrf_token()}}
+          </form>
+        </div>
       </fieldset>
     </div>
   {% endblock general_info %}

http://git-wip-us.apache.org/repos/asf/allura/blob/2a5d7de7/Allura/allura/tests/functional/test_site_admin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_site_admin.py b/Allura/allura/tests/functional/test_site_admin.py
index 2dcfc18..ce8209b 100644
--- a/Allura/allura/tests/functional/test_site_admin.py
+++ b/Allura/allura/tests/functional/test_site_admin.py
@@ -20,7 +20,7 @@ import json
 import datetime as dt
 
 from mock import patch, MagicMock
-from nose.tools import assert_equal, assert_in, assert_not_in
+from nose.tools import assert_equal, assert_not_equal, assert_in, assert_not_in
 from ming.odm import ThreadLocalORMSession
 from pylons import tmpl_context as c
 from tg import config
@@ -471,6 +471,14 @@ class TestUserDetails(TestController):
         # test@example.com set as primary since test2@example.com is deleted
         assert_equal(user.get_pref('email_address'), 'test@example.com')
 
+    def test_set_random_password(self):
+        old_pwd = M.User.by_username('test-user').password
+        with td.audits('Set random password by test-admin', user=True):
+            r = self.app.post('/nf/admin/user/set_random_password', params={'username': 'test-user'})
+        assert_in('Password is set', self.webflash(r))
+        new_pwd = M.User.by_username('test-user').password
+        assert_not_equal(old_pwd, new_pwd)
+
 
 @task
 def test_task(*args, **kw):


Mime
View raw message