manage: ensure created users have a password (#47943)

2020-11-03 21:52:48 +01:00 · 2020-11-03 21:52:48 +01:00 · 550e5d1bf6
parent 9fe6ce378f
commit 550e5d1bf6
2 changed files with 18 additions and 0 deletions
--- a/src/authentic2/manager/forms.py
+++ b/src/authentic2/manager/forms.py
@ -331,6 +331,9 @@ class UserAddForm(UserChangePasswordForm, UserEditForm):
            raise forms.ValidationError(
                _('You must set a username or an email to set a password or send an activation link.'))

+        if not has_password:
+            self.instance.set_random_password()
+
    def has_email(self):
        return bool(self.cleaned_data.get('email'))

--- a/tests/test_user_manager.py
+++ b/tests/test_user_manager.py
@ -189,6 +189,21 @@ def test_create_user_email_is_unique(app, superuser, settings):
    assert 'This email address is already in use' in response


+def test_create_user_no_password(app, superuser):
+    response = login(app, superuser, '/manage/users/')
+    response = response.click('Add user')
+    response.form.set('first_name', 'John')
+    response.form.set('last_name', 'Doe')
+    response.form.set('generate_password', False)
+    response.form.set('password1', '')
+    response.form.set('password2', '')
+    response.form.set('send_password_reset', False)
+    response = response.form.submit(status=302)
+
+    user = User.objects.filter(is_superuser=False).get()
+    assert user.has_usable_password()
+
+
 def test_manager_user_change_email(app, superuser_or_admin, simple_user, mailoutbox):
    ou = get_default_ou()
    ou.validate_emails = True