parameter for enabling and disabling password recovery + allow superuser password recovery and registration

2024-11-09 13:35:16 +01:00 · 2024-11-09 13:35:16 +01:00 · a50e55daf1
commit a50e55daf1
parent 12526f44d7
4 changed files with 72 additions and 57 deletions
--- a/README.md
+++ b/README.md
@ -36,6 +36,9 @@ All parameters can be added in the django ```settings.py``` or in a ```config.py
 #### USERS_SELF_REGISTRATION
 This parameter can be ```True``` or ```False```. It enables or disables the self registration.

+#### USERS_PASSWORD_RECOVERY
+This parameter can be ```True``` or ```False```. It enables or disables the password recovery.
+
 #### USERS_MAIL_VALIDATION
 This parameter can be ```True``` or ```False```. It enables or disables the mail validation after self registration.

--- a/context.py
+++ b/context.py
@ -33,71 +33,73 @@ def menubar(bar, request):

 def actionbar(bar, request):
    bar.append_entry(*login_entry_parameters(request, left=True))
-    bar.append_entry(*recover_entry_parameters(request, left=True))
-    if parameter.get(parameter.USERS_SELF_REGISTRATION):
+    if parameter.get(parameter.USERS_PASSWORD_RECOVERY) or request.user.is_superuser:
+        bar.append_entry(*recover_entry_parameters(request, left=True))
+    if parameter.get(parameter.USERS_SELF_REGISTRATION) or request.user.is_superuser:
        bar.append_entry(*register_entry_parameters(request, left=True))


 def login_entry_parameters(request, left=False):
    return (
-        LOGIN_ENTRY_UID,                            # uid
-        _('Login'),                                 # name
-        color_icon_url(request, 'login.png'),       # icon
-        url_login(request),                         # url
-        left,                                       # left
-        request.path == url_login(request, True)    # active
+        LOGIN_ENTRY_UID,                                # uid
+        _('Login'),                                     # name
+        color_icon_url(request, 'login.png'),           # icon
+        url_login(request),                             # url
+        left,                                           # left
+        request.path == url_login(request, True)        # active
    )


 def recover_entry_parameters(request, left=False):
    return (
-        RECOVER_ENTRY_UID,                          # uid
-        _('Recover'),                               # name
-        color_icon_url(request, 'recover.png'),     # icon
-        url_recover(request),                       # url
-        left,                                       # left
-        request.path == url_recover(request, True)  # active
+        RECOVER_ENTRY_UID,                              # uid
+        _('Recover'),                                   # name
+        color_icon_url(request, 'recover.png'),         # icon
+        url_recover(request),                           # url
+        left,                                           # left
+        request.path == url_recover(request, True)      # active
    )

+
 def register_entry_parameters(request, left=False):
    return (
-        REGISTER_ENTRY_UID,                         # uid
-        _('Register'),                              # name
-        color_icon_url(request, 'register.png'),    # icon
-        url_register(request),                      # url
-        left,                                       # left
-        request.path == url_register(request, True) # active
+        REGISTER_ENTRY_UID,                             # uid
+        _('Register'),                                  # name
+        color_icon_url(request, 'register.png'),        # icon
+        url_register(request),                          # url
+        left,                                           # left
+        request.path == url_register(request, True)     # active
    )


 def logout_entry_parameters(request):
    return (
-        LOGOUT_ENTRY_UID,                           # uid
-        _('Logout'),                                # name
-        color_icon_url(request, 'logout.png'),      # icon
-        url_logout(request),                        # url
-        False,                                      # left
-        False,                                      # active
+        LOGOUT_ENTRY_UID,                               # uid
+        _('Logout'),                                    # name
+        color_icon_url(request, 'logout.png'),          # icon
+        url_logout(request),                            # url
+        False,                                          # left
+        False,                                          # active
    )


 def admin_entry_parameters(request):
    return (
-        ADMIN_ENTRY_UID,                            # uid
-        _('Administration'),                        # name
-        color_icon_url(request, 'admin.png'),       # icon
-        reverse('admin:index'),                     # url
-        False,                                      # left
-        False                                       # active
+        ADMIN_ENTRY_UID,                                # uid
+        _('Administration'),                            # name
+        color_icon_url(request, 'admin.png'),           # icon
+        reverse('admin:index'),                         # url
+        False,                                          # left
+        False                                           # active
    )


 def profile_entry_parameters(request):
    return (
-        PROFILE_ENTRY_UID,                          # uid
-        request.user.username,                      # name
-        color_icon_url(request, 'user.png'),        # icon
-        url_profile(request),                       # url
-        False,                                      # left
-        request.path == url_profile(request, True)  # active
+        PROFILE_ENTRY_UID,                              # uid
+        request.user.username,                          # name
+        color_icon_url(request, 'user.png'),            # icon
+        url_profile(request),                           # url
+        False,                                          # left
+        request.path == url_profile(request, True)      # active
    )
--- a/parameter.py
+++ b/parameter.py
@ -4,6 +4,8 @@ from django.utils.translation import gettext as _
 import importlib

 USERS_SELF_REGISTRATION = "USERS_SELF_REGISTRATION"
+USERS_PASSWORD_RECOVERY = 'USERS_PASSWORD_RECOVERY'
+
 USERS_MAIL_VALIDATION = "USERS_MAIL_VALIDATION"
 USERS_ADMIN_ACTIVATION = "USERS_ADMIN_ACTIVATION"

@ -12,11 +14,13 @@ USERS_PROFILE_ADDITIONS = "USERS_PROFILE_ADDITIONS"

 DEFAULTS = {
    USERS_SELF_REGISTRATION: False,
+    USERS_PASSWORD_RECOVERY: False,
    USERS_MAIL_VALIDATION: True,
    USERS_ADMIN_ACTIVATION: True,
    USERS_PROFILE_ADDITIONS: {},
 }

+
 def __get_object_by_name__(object_name):
    class_data = object_name.split(".")
    module_path = ".".join(class_data[:-1])
@ -25,6 +29,7 @@ def __get_object_by_name__(object_name):
    module = importlib.import_module(module_path)
    return getattr(module, class_str)

+
 def get(key):
    # take data from config, settings or defaults
    try:
--- a/views.py
+++ b/views.py
@ -59,30 +59,36 @@ def profile(request):
    )
    return render(request, 'users/profile.html', context=context)

+
 def recover(request):
    context = Context(request)      # needs to be executed first because of time mesurement
-    context_adaption(context, request, _('Password Recovery'))
-    if not request.POST:
-        form = PasswordRecoverForm(request)
-    else:
-        username = request.POST.get("username")
-        try:
-            user = User.objects.get(username=username)
-        except User.DoesNotExist:
-            pass # hide non existing user (just do nothing)
+    if parameter.get(parameter.USERS_PASSWORD_RECOVERY) or request.user.is_superuser:
+        context_adaption(context, request, _('Password Recovery'))
+        if not request.POST:
+            form = PasswordRecoverForm(request)
        else:
-            profile = get_userprofile(user)
-            if profile.mail_validated:
-                emails.send_recover_mail(user, request)
-        #
-        messages.info(request, _("If the user exists, you will get a reover email."))
-        return redirect("users-login")
-    context['form'] = form
-    return render(request, 'users/recover.html', context)
+            username = request.POST.get("username")
+            try:
+                user = User.objects.get(username=username)
+            except User.DoesNotExist:
+                pass  # hide non existing user (just do nothing)
+            else:
+                profile = get_userprofile(user)
+                if profile.mail_validated:
+                    emails.send_recover_mail(user, request)
+            #
+            messages.info(request, _("If the user exists, you will get a reover email."))
+            return redirect("users-login")
+        context['form'] = form
+        return render(request, 'users/recover.html', context)
+    else:
+        messages.info(request, _("Password recovery is deactivated. Contact your system administrator."))
+        return redirect('users-login')
+

 def register(request):
    context = Context(request)      # needs to be executed first because of time mesurement
-    if parameter.get(parameter.USERS_SELF_REGISTRATION):
+    if parameter.get(parameter.USERS_SELF_REGISTRATION) or request.user.is_superuser:
        context_adaption(context, request, _('Register'))
        if not request.POST:
            form = UserRegistrationForm()
@ -251,7 +257,6 @@ def activate(request, pk):

 def recover_token(request, uidb64, token):
    context = Context(request)      # needs to be executed first because of time mesurement
-    print(settings.PASSWORD_RESET_TIMEOUT)
    try:
        uid = force_str(urlsafe_base64_decode(uidb64))
    except (TypeError, ValueError, OverflowError, User.DoesNotExist):