You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by je...@apache.org on 2014/09/22 12:28:03 UTC
[22/31] git commit: [#7657] ticket:651 Send password reset link
[#7657] ticket:651 Send password reset link
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/79138814
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/79138814
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/79138814
Branch: refs/heads/je/42cc_7657b
Commit: 79138814255f358dcb334355c92aafc3829fe138
Parents: f6a2477
Author: Igor Bondarenko <je...@gmail.com>
Authored: Wed Sep 17 11:56:19 2014 +0300
Committer: Igor Bondarenko <je...@gmail.com>
Committed: Mon Sep 22 11:14:57 2014 +0300
----------------------------------------------------------------------
Allura/allura/controllers/site_admin.py | 15 +++++++++++-
.../templates/site_admin_user_details.html | 16 +++++++++----
.../allura/tests/functional/test_site_admin.py | 25 +++++++++++++++++++-
3 files changed, 49 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/79138814/Allura/allura/controllers/site_admin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/site_admin.py b/Allura/allura/controllers/site_admin.py
index c2775d2..688aefb 100644
--- a/Allura/allura/controllers/site_admin.py
+++ b/Allura/allura/controllers/site_admin.py
@@ -28,7 +28,7 @@ from pylons import app_globals as g
from pylons import tmpl_context as c
from pylons import request
from formencode import validators, Invalid
-from webob.exc import HTTPNotFound
+from webob.exc import HTTPNotFound, HTTPFound
from allura.app import SitemapEntry
from allura.lib import helpers as h
@@ -534,6 +534,19 @@ class AdminUserDetailsController(object):
flash('Password is set', 'ok')
redirect(request.referer)
+ @expose()
+ @require_post()
+ def send_password_reset_link(self, username=None):
+ user = M.User.by_username(username)
+ if not user or user.is_anonymous():
+ raise HTTPNotFound()
+ email = user.get_pref('email_address')
+ try:
+ allura.controllers.auth.AuthController().password_recovery_hash(email)
+ except HTTPFound:
+ pass # catch redirect to '/'
+ redirect(request.referer)
+
@h.vardec
@expose()
@require_post()
http://git-wip-us.apache.org/repos/asf/allura/blob/79138814/Allura/allura/templates/site_admin_user_details.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/site_admin_user_details.html b/Allura/allura/templates/site_admin_user_details.html
index 3f56efd..fbbb0f4 100644
--- a/Allura/allura/templates/site_admin_user_details.html
+++ b/Allura/allura/templates/site_admin_user_details.html
@@ -28,7 +28,7 @@
<div class="grid-23">
<fieldset>
<legend>General</legend>
- <div class="grid-17">
+ <div class="grid-16">
<ul>
<li>Username: {{ user.username }} (<a href="{{ user.url() }}">Go to profile page</a>)</li>
<li>Full name: {{ user.get_pref('display_name') }}</li>
@@ -36,9 +36,9 @@
</ul>
</div>
- <div class="grid-5">
+ <div class="grid-6">
<form action='/nf/admin/user/set_status' method="POST">
- <div class='grid-5'>
+ <div class='grid-6'>
<label><input type="radio" name="status" value="enable"{% if not user.disabled %} checked="checked"{% endif %}>Enabled</label><br>
<label><input type="radio" name="status" value="disable"{% if user.disabled %} checked="checked"{% endif %}>Disabled</label>
</div>
@@ -47,13 +47,19 @@
</form>
</div>
- <div class="grid-17"> </div>
- <div class="grid-5">
+ <div class="grid-16"> </div>
+ <div class="grid-6">
<form action='/nf/admin/user/set_random_password' method="POST">
<input type="submit" value="Set random password">
<input type='hidden' name='username' value='{{ user.username }}'>
{{lib.csrf_token()}}
</form>
+
+ <form action='/nf/admin/user/send_password_reset_link' method="POST">
+ <input type="submit" value="Send password reset link">
+ <input type='hidden' name='username' value='{{ user.username }}'>
+ {{lib.csrf_token()}}
+ </form>
</div>
</fieldset>
</div>
http://git-wip-us.apache.org/repos/asf/allura/blob/79138814/Allura/allura/tests/functional/test_site_admin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_site_admin.py b/Allura/allura/tests/functional/test_site_admin.py
index 7f2f00e..5868621 100644
--- a/Allura/allura/tests/functional/test_site_admin.py
+++ b/Allura/allura/tests/functional/test_site_admin.py
@@ -381,7 +381,7 @@ class TestUserDetails(TestController):
def test_add_comment(self):
r = self.app.get('/nf/admin/user/test-user')
assert_not_in(u'Comment by test-admin: I was hêre!', r)
- form = r.forms[2]
+ form = r.forms[4]
assert_equal(form['username'].value, 'test-user')
form['comment'] = u'I was hêre!'
r = form.submit()
@@ -479,6 +479,29 @@ class TestUserDetails(TestController):
new_pwd = M.User.by_username('test-user').password
assert_not_equal(old_pwd, new_pwd)
+ @patch('allura.tasks.mail_tasks.sendsimplemail')
+ @patch('allura.lib.helpers.gen_message_id')
+ def test_send_password_reset_link(self, gen_message_id, sendmail):
+ user = M.User.by_username('test-user')
+ user.set_pref('email_address', 'test-user@example.org')
+ M.EmailAddress(email='test-user@example.org', confirmed=True, claimed_by_user_id=user._id)
+ ThreadLocalORMSession.flush_all()
+ with td.audits('Password recovery link sent to: test-user@example.org', user=True):
+ r = self.app.post('/nf/admin/user/send_password_reset_link', params={'username': 'test-user'})
+ hash = user.get_tool_data('AuthPasswordReset', 'hash')
+ text = '''Your username is test-user
+
+To reset your password on %s, please visit the following URL:
+
+%s/auth/forgotten_password/%s''' % (config['site_name'], config['base_url'], hash)
+ sendmail.post.assert_called_once_with(
+ toaddr='test-user@example.org',
+ fromaddr=config['forgemail.return_path'],
+ reply_to=config['forgemail.return_path'],
+ subject='Allura Password recovery',
+ message_id=gen_message_id(),
+ text=text)
+
@task
def test_task(*args, **kw):