# HG changeset patch # User Marcin Kuzminski # Date 2017-01-02 15:01:43 # Node ID b650c2de1fc693a695b85f2d7768b39579ad58b5 # Parent 2537ec988192679dc674f012eeccdb3ef2b3a6aa auth: disable password change form for accounts that are not managed by RhodeCode. - in case of external accounts such as LDAP/oAuth, password reset doesn't make sense. - make it consisten with other disable forms for external account - fixes #5150 diff --git a/rhodecode/controllers/admin/my_account.py b/rhodecode/controllers/admin/my_account.py --- a/rhodecode/controllers/admin/my_account.py +++ b/rhodecode/controllers/admin/my_account.py @@ -81,6 +81,9 @@ class MyAccountController(BaseController " crucial for entire application"), category='warning') return redirect(url('users')) + c.auth_user = AuthUser( + user_id=c.rhodecode_user.user_id, ip_addr=self.ip_addr) + def _load_my_repos_data(self, watched=False): if watched: admin = False @@ -109,8 +112,7 @@ class MyAccountController(BaseController # url('my_account') c.active = 'profile_edit' self.__load_data() - c.perm_user = AuthUser(user_id=c.rhodecode_user.user_id, - ip_addr=self.ip_addr) + c.perm_user = c.auth_user c.extern_type = c.user.extern_type c.extern_name = c.user.extern_name @@ -182,8 +184,7 @@ class MyAccountController(BaseController """ c.active = 'profile_edit' self.__load_data() - c.perm_user = AuthUser(user_id=c.rhodecode_user.user_id, - ip_addr=self.ip_addr) + c.perm_user = c.auth_user c.extern_type = c.user.extern_type c.extern_name = c.user.extern_name @@ -199,6 +200,7 @@ class MyAccountController(BaseController def my_account_password(self): c.active = 'password' self.__load_data() + c.extern_type = c.user.extern_type schema = user_schema.ChangePasswordSchema().bind( username=c.rhodecode_user.username) @@ -206,7 +208,7 @@ class MyAccountController(BaseController form = forms.Form(schema, buttons=(forms.buttons.save, forms.buttons.reset)) - if request.method == 'POST': + if request.method == 'POST' and c.extern_type == 'rhodecode': controls = request.POST.items() try: valid_data = form.validate(controls) @@ -254,8 +256,7 @@ class MyAccountController(BaseController def my_account_perms(self): c.active = 'perms' self.__load_data() - c.perm_user = AuthUser(user_id=c.rhodecode_user.user_id, - ip_addr=self.ip_addr) + c.perm_user = c.auth_user return render('admin/my_account/my_account.html') diff --git a/rhodecode/templates/admin/my_account/my_account_password.html b/rhodecode/templates/admin/my_account/my_account_password.html --- a/rhodecode/templates/admin/my_account/my_account_password.html +++ b/rhodecode/templates/admin/my_account/my_account_password.html @@ -1,5 +1,13 @@ <%namespace name="widgets" file="/widgets.html"/> <%widgets:panel title="${_('Change Your Account Password')}"> -${c.form.render() | n} + +% if c.extern_type != 'rhodecode': +

${_('Your user account details are managed by an external source. Details cannot be managed here.')} +
${_('Source type')}: ${c.extern_type} +

+% else: + ${c.form.render() | n} +% endif + diff --git a/rhodecode/templates/admin/my_account/my_account_profile_edit.html b/rhodecode/templates/admin/my_account/my_account_profile_edit.html --- a/rhodecode/templates/admin/my_account/my_account_profile_edit.html +++ b/rhodecode/templates/admin/my_account/my_account_profile_edit.html @@ -15,7 +15,10 @@ <% disabled = "disabled" %>
-

${_('Your user account details are managed by an external source, i.e. LDAP. Details cannot be managed here.')}.

+

${_('Your user account details are managed by an external source. Details cannot be managed here.')} +
${_('Source type')}: ${c.extern_type} +

+