Ticket #14674: ticket14674.diff

File ticket14674.diff, 4.5 KB (added by lrekucki, 5 years ago)
  • django/contrib/auth/forms.py

    diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py
    index aa33640..908b4e5 100644
    a b  
    1 from django.contrib.auth.models import User
     1from django.contrib.auth.models import User, UNUSABLE_PASSWORD
    22from django.contrib.auth import authenticate
    33from django.contrib.auth.tokens import default_token_generator
    44from django.contrib.sites.models import get_current_site
    from django.template import Context, loader 
    66from django import forms
    77from django.utils.translation import ugettext_lazy as _
    88from django.utils.http import int_to_base36
     9from django.utils.itercompat import any
    910
    1011class UserCreationForm(forms.ModelForm):
    1112    """
    class PasswordResetForm(forms.Form): 
    112113        """
    113114        email = self.cleaned_data["email"]
    114115        self.users_cache = User.objects.filter(email__iexact=email)
    115         if len(self.users_cache) == 0:
     116        if not len(self.users_cache):
    116117            raise forms.ValidationError(_("That e-mail address doesn't have an associated user account. Are you sure you've registered?"))
     118        if any((user.password == UNUSABLE_PASSWORD) for user in self.users_cache):
     119            raise forms.ValidationError(_("The user account associated with this email address cannot reset it's password."))
    117120        return email
    118121
    119122    def save(self, domain_override=None, email_template_name='registration/password_reset_email.html',
  • django/contrib/auth/tests/forms.py

    diff --git a/django/contrib/auth/tests/forms.py b/django/contrib/auth/tests/forms.py
    index 5aa49e0..7fd4846 100644
    a b class PasswordResetFormTest(TestCase): 
    250250        self.assertEqual(user.email, 'tesT@example.com')
    251251        user = User.objects.create_user('forms_test3', 'tesT', 'test')
    252252        self.assertEqual(user.email, 'tesT')
     253
     254    def test_unusable_password(self):
     255        user = User.objects.create_user('testuser', 'test@example.com', 'test')
     256        data = {"email": "test@example.com"}
     257        form = PasswordResetForm(data)
     258        self.assertTrue(form.is_valid())
     259        user.set_unusable_password()
     260        user.save()
     261        form = PasswordResetForm(data)
     262        self.assertFalse(form.is_valid())
     263        self.assertEqual(form["email"].errors,
     264                         [u"The user account associated with this email address cannot reset it's password."])
  • django/utils/itercompat.py

    diff --git a/django/utils/itercompat.py b/django/utils/itercompat.py
    index ab27c3e..4e2a4d8 100644
    a b these implementations if necessary. 
    66
    77import itertools
    88
     9__all__ = [
     10    'all',
     11    'any',
     12    'is_iterable',
     13    'product',
     14]
     15
    916# Fallback for Python 2.4, Python 2.5
    10 def product(*args, **kwds):
     17def _product(*args, **kwds):
    1118    """
    1219    Taken from http://docs.python.org/library/itertools.html#itertools.product
    1320    """
    def product(*args, **kwds): 
    1926        result = [x+[y] for x in result for y in pool]
    2027    for prod in result:
    2128        yield tuple(prod)
    22 
    23 if hasattr(itertools, 'product'):
    24     product = itertools.product
     29product = getattr(itertools, 'product', _product)
    2530
    2631def is_iterable(x):
    2732    "A implementation independent way of checking for iterables"
    def is_iterable(x): 
    3237    else:
    3338        return True
    3439
    35 def all(iterable):
     40def _all(iterable):
     41    """
     42    Taken from http://docs.python.org/library/functions.html#all
     43    """
    3644    for item in iterable:
    3745        if not item:
    3846            return False
    3947    return True
     48all = getattr(__builtins__, "all", _all)
     49
     50def _any(iterable):
     51    """
     52    Taken from http://docs.python.org/library/functions.html#any
     53    """
     54    for element in iterable:
     55        if element:
     56            return True
     57    return False
     58any = getattr(__builtins__, "any", _any)
  • docs/topics/auth.txt

    diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt
    index f45c61a..365778f 100644
    a b includes a few other useful built-in views located in 
    945945
    946946        * ``form``: The form for resetting the user's password.
    947947
     948    .. note::
     949
     950       Users flagged with an unusable password (see
     951       :meth:`~django.contrib.auth.models.User.set_unusable_password()`
     952       will not be able to request a password reset. This is done to
     953       prevent a password reset when using an external authentication
     954       source like LDAP.
     955
    948956.. function:: views.password_reset_done(request[, template_name])
    949957
    950958    The page shown after a user has reset their password.
Back to Top