Mercurial > kallithea
changeset 3021:b2b93614a7cd beta
Implemented #658 Changing username in LDAP-Mode should not be allowed.
Those username are autocreated, changing them will end up with new account creation after user logs
in again
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Fri, 23 Nov 2012 21:57:40 +0100 |
parents | 00498b3e4c88 |
children | 0ed42ca7ff9e |
files | rhodecode/controllers/admin/users.py rhodecode/model/user.py rhodecode/templates/admin/users/user_edit.html |
diffstat | 3 files changed, 15 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/rhodecode/controllers/admin/users.py Fri Nov 23 16:59:30 2012 +0100 +++ b/rhodecode/controllers/admin/users.py Fri Nov 23 21:57:40 2012 +0100 @@ -158,13 +158,18 @@ # url('user', id=ID) user_model = UserModel() c.user = user_model.get(id) + c.ldap_dn = c.user.ldap_dn c.perm_user = AuthUser(user_id=id) _form = UserForm(edit=True, old_data={'user_id': id, 'email': c.user.email})() form_result = {} try: form_result = _form.to_python(dict(request.POST)) - user_model.update(id, form_result) + skip_attrs = [] + if c.ldap_dn: + #forbid updating username for ldap accounts + skip_attrs = ['username'] + user_model.update(id, form_result, skip_attrs=skip_attrs) usr = form_result['username'] action_logger(self.rhodecode_user, 'admin_updated_user:%s' % usr, None, self.ip_addr, self.sa) @@ -233,6 +238,7 @@ c.user_email_map = UserEmailMap.query()\ .filter(UserEmailMap.user == c.user).all() user_model = UserModel() + c.ldap_dn = c.user.ldap_dn defaults = c.user.get_dict() defaults.update({ 'create_repo_perm': user_model.has_perm(id, 'hg.create.repository'),
--- a/rhodecode/model/user.py Fri Nov 23 16:59:30 2012 +0100 +++ b/rhodecode/model/user.py Fri Nov 23 21:57:40 2012 +0100 @@ -246,7 +246,7 @@ log.error(traceback.format_exc()) raise - def update(self, user_id, form_data): + def update(self, user_id, form_data, skip_attrs=[]): from rhodecode.lib.auth import get_crypt_password try: user = self.get(user_id, cache=False) @@ -256,6 +256,8 @@ " crucial for entire application")) for k, v in form_data.items(): + if k in skip_attrs: + continue if k == 'new_password' and v: user.password = get_crypt_password(v) user.api_key = generate_api_key(user.username)
--- a/rhodecode/templates/admin/users/user_edit.html Fri Nov 23 16:59:30 2012 +0100 +++ b/rhodecode/templates/admin/users/user_edit.html Fri Nov 23 21:57:40 2012 +0100 @@ -50,7 +50,11 @@ <label for="username">${_('Username')}:</label> </div> <div class="input"> - ${h.text('username',class_='medium')} + %if c.ldap_dn: + ${h.text('username',class_='medium disabled', readonly="readonly")} + %else: + ${h.text('username',class_='medium')} + %endif: </div> </div>