middlewares: ouvrir l'accès aux vues de gestion du mot de passe (fixes #21251)

2018-03-19 15:39:05 +01:00 · 2018-03-19 15:39:05 +01:00 · e07bf70d42
parent 82f3e0a853
commit e07bf70d42
1 changed files with 7 additions and 2 deletions
--- a/src/authentic2_cut/middlewares.py
+++ b/src/authentic2_cut/middlewares.py
@ -93,8 +93,13 @@ class CUTMiddleware(object):
                return render(request, 'authentic2/cut-agents-forbidden.html')

            # pas de pages /accounts/ sur moncompte
-            if request.path.startswith('/accounts/'):
-                return redirect(request, 'a2-manager-homepage')
+            p = request.path
+            if 'admin-cut' not in request.get_host():
+                if p.startswith('/accounts/'):
+                    return redirect(request, 'a2-manager-homepage')
+            else:
+                if p.startswith('/accounts/') and not p.startswith('/accounts/password/'):
+                    return redirect(request, 'a2-manager-homepage')

    def process_response(self, request, response):
        if hasattr(request, 'session'):