Mercurial > kallithea
changeset 5345:de9a3152c206
auth: disable password change when not using internal auth
author | Mads Kiilerich <madski@unity3d.com> |
---|---|
date | Fri, 31 Jul 2015 15:44:07 +0200 |
parents | 0a0595b15c6c |
children | b75f1d0753d6 |
files | kallithea/controllers/admin/my_account.py kallithea/templates/admin/my_account/my_account_password.html |
diffstat | 2 files changed, 14 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/kallithea/controllers/admin/my_account.py Fri Jul 31 15:44:07 2015 +0200 +++ b/kallithea/controllers/admin/my_account.py Fri Jul 31 15:44:07 2015 +0200 @@ -155,7 +155,11 @@ def my_account_password(self): c.active = 'password' self.__load_data() - if request.POST: + + managed_fields = auth_modules.get_managed_fields(c.user) + c.can_change_password = 'password' not in managed_fields + + if request.POST and c.can_change_password: _form = PasswordChangeForm(self.authuser.username)() try: form_result = _form.to_python(request.POST)
--- a/kallithea/templates/admin/my_account/my_account_password.html Fri Jul 31 15:44:07 2015 +0200 +++ b/kallithea/templates/admin/my_account/my_account_password.html Fri Jul 31 15:44:07 2015 +0200 @@ -1,4 +1,7 @@ <div style="font-size: 20px; color: #666666; padding: 0px 0px 10px 0px">${_('Change Your Account Password')}</div> + +%if c.can_change_password: + ${h.form(url('my_account_password'), method='post')} <div class="form"> <div class="fields"> @@ -36,3 +39,9 @@ </div> </div> ${h.end_form()} + +%else: + +${_('This account is managed with %s and the password cannot be changed here') % c.user.extern_type} + +%endif