You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by br...@apache.org on 2014/09/29 18:17:49 UTC
[18/27] git commit: [#7657] ticket:651 Set random password
[#7657] ticket:651 Set random password
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/2a5d7de7
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/2a5d7de7
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/2a5d7de7
Branch: refs/heads/db/7657
Commit: 2a5d7de745cb496439714b1aa80451e3050b5563
Parents: c28cf1f
Author: Igor Bondarenko <je...@gmail.com>
Authored: Wed Sep 17 11:23:57 2014 +0300
Committer: Dave Brondsema <db...@slashdotmedia.com>
Committed: Fri Sep 26 18:30:46 2014 +0000
----------------------------------------------------------------------
Allura/allura/controllers/site_admin.py | 12 ++++++++++++
Allura/allura/lib/helpers.py | 6 ++++++
Allura/allura/templates/site_admin_user_details.html | 15 ++++++++++++---
Allura/allura/tests/functional/test_site_admin.py | 10 +++++++++-
4 files changed, 39 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/2a5d7de7/Allura/allura/controllers/site_admin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/site_admin.py b/Allura/allura/controllers/site_admin.py
index 198207b..ef75906 100644
--- a/Allura/allura/controllers/site_admin.py
+++ b/Allura/allura/controllers/site_admin.py
@@ -525,6 +525,18 @@ class AdminUserDetailsController(object):
flash('User disabled')
redirect(request.referer)
+ @expose()
+ @require_post()
+ def set_random_password(self, username=None):
+ user = M.User.by_username(username)
+ if not user or user.is_anonymous():
+ raise HTTPNotFound()
+ pwd = h.random_password()
+ AuthenticationProvider.get(request).set_password(user, None, pwd)
+ h.auditlog_user('Set random password by %s', c.user.username, user=user)
+ flash('Password is set', 'ok')
+ redirect(request.referer)
+
@h.vardec
@expose()
@require_post()
http://git-wip-us.apache.org/repos/asf/allura/blob/2a5d7de7/Allura/allura/lib/helpers.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/helpers.py b/Allura/allura/lib/helpers.py
index dbed410..45ff1fe 100644
--- a/Allura/allura/lib/helpers.py
+++ b/Allura/allura/lib/helpers.py
@@ -26,6 +26,8 @@ import urllib2
import re
import json
import logging
+import string
+import random
import cPickle as pickle
from hashlib import sha1
from datetime import datetime, timedelta
@@ -350,6 +352,10 @@ def cryptographic_nonce(length=40):
return hex_format % tuple(map(ord, os.urandom(length)))
+def random_password(length=20, chars=string.ascii_uppercase + string.digits):
+ return ''.join(random.choice(chars) for x in range(length))
+
+
def ago(start_time, show_date_after=7):
"""
Return time since starting time as a rounded, human readable string.
http://git-wip-us.apache.org/repos/asf/allura/blob/2a5d7de7/Allura/allura/templates/site_admin_user_details.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/site_admin_user_details.html b/Allura/allura/templates/site_admin_user_details.html
index 0769c87..3f56efd 100644
--- a/Allura/allura/templates/site_admin_user_details.html
+++ b/Allura/allura/templates/site_admin_user_details.html
@@ -28,7 +28,7 @@
<div class="grid-23">
<fieldset>
<legend>General</legend>
- <div class="grid-19">
+ <div class="grid-17">
<ul>
<li>Username: {{ user.username }} (<a href="{{ user.url() }}">Go to profile page</a>)</li>
<li>Full name: {{ user.get_pref('display_name') }}</li>
@@ -36,9 +36,9 @@
</ul>
</div>
- <div class="grid-3">
+ <div class="grid-5">
<form action='/nf/admin/user/set_status' method="POST">
- <div class='grid-3'>
+ <div class='grid-5'>
<label><input type="radio" name="status" value="enable"{% if not user.disabled %} checked="checked"{% endif %}>Enabled</label><br>
<label><input type="radio" name="status" value="disable"{% if user.disabled %} checked="checked"{% endif %}>Disabled</label>
</div>
@@ -46,6 +46,15 @@
{{lib.csrf_token()}}
</form>
</div>
+
+ <div class="grid-17"> </div>
+ <div class="grid-5">
+ <form action='/nf/admin/user/set_random_password' method="POST">
+ <input type="submit" value="Set random password">
+ <input type='hidden' name='username' value='{{ user.username }}'>
+ {{lib.csrf_token()}}
+ </form>
+ </div>
</fieldset>
</div>
{% endblock general_info %}
http://git-wip-us.apache.org/repos/asf/allura/blob/2a5d7de7/Allura/allura/tests/functional/test_site_admin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_site_admin.py b/Allura/allura/tests/functional/test_site_admin.py
index 2dcfc18..ce8209b 100644
--- a/Allura/allura/tests/functional/test_site_admin.py
+++ b/Allura/allura/tests/functional/test_site_admin.py
@@ -20,7 +20,7 @@ import json
import datetime as dt
from mock import patch, MagicMock
-from nose.tools import assert_equal, assert_in, assert_not_in
+from nose.tools import assert_equal, assert_not_equal, assert_in, assert_not_in
from ming.odm import ThreadLocalORMSession
from pylons import tmpl_context as c
from tg import config
@@ -471,6 +471,14 @@ class TestUserDetails(TestController):
# test@example.com set as primary since test2@example.com is deleted
assert_equal(user.get_pref('email_address'), 'test@example.com')
+ def test_set_random_password(self):
+ old_pwd = M.User.by_username('test-user').password
+ with td.audits('Set random password by test-admin', user=True):
+ r = self.app.post('/nf/admin/user/set_random_password', params={'username': 'test-user'})
+ assert_in('Password is set', self.webflash(r))
+ new_pwd = M.User.by_username('test-user').password
+ assert_not_equal(old_pwd, new_pwd)
+
@task
def test_task(*args, **kw):