views: ask for new passord on unlink only if logged using FC (#24835)
This commit is contained in:
parent
f4fce3490f
commit
a57a98cb5e
|
@ -478,30 +478,35 @@ class UnlinkView(LoggerMixin, FormView):
|
|||
|
||||
def get_form_class(self):
|
||||
form_class = Form
|
||||
if not self.request.user.has_usable_password():
|
||||
if self.must_set_password():
|
||||
form_class = SET_PASSWORD_FORM_CLASS
|
||||
return form_class
|
||||
|
||||
def get_form_kwargs(self, **kwargs):
|
||||
kwargs = super(UnlinkView, self).get_form_kwargs(**kwargs)
|
||||
if not self.request.user.has_usable_password():
|
||||
if self.must_set_password():
|
||||
kwargs['user'] = self.request.user
|
||||
return kwargs
|
||||
|
||||
def must_set_password(self):
|
||||
for event in self.request.session.get(constants.AUTHENTICATION_EVENTS_SESSION_KEY, []):
|
||||
if event['how'].startswith('password'):
|
||||
return False
|
||||
return True
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
if not request.user.is_authenticated():
|
||||
raise PermissionDenied()
|
||||
# We prevent unlinking if the user has no usable password and can't change it
|
||||
# because we assume that the password is the unique other mean of authentication
|
||||
# and unlinking would make the account unreachable.
|
||||
if not request.user.has_usable_password() and not \
|
||||
a2_app_settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD:
|
||||
if self.must_set_password() and not a2_app_settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD:
|
||||
# Prevent access to the view.
|
||||
raise Http404
|
||||
return super(UnlinkView, self).dispatch(request, *args, **kwargs)
|
||||
|
||||
def form_valid(self, form):
|
||||
if not self.request.user.has_usable_password():
|
||||
if self.must_set_password():
|
||||
form.save()
|
||||
self.logger.info(u'user %s has set a password', self.request.user)
|
||||
links = models.FcAccount.objects.filter(user=self.request.user)
|
||||
|
@ -514,7 +519,7 @@ class UnlinkView(LoggerMixin, FormView):
|
|||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super(UnlinkView, self).get_context_data(**kwargs)
|
||||
if not self.request.user.has_usable_password():
|
||||
if self.must_set_password():
|
||||
context['no_password'] = True
|
||||
return context
|
||||
|
||||
|
|
Reference in New Issue