Fixed #3166 -- Added admin 'Change user password' view. Thanks for the patch, SmileyChris

git-svn-id: http://code.djangoproject.com/svn/django/trunk@4266 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-12-30 07:16:25 +00:00 · 2006-12-30 07:16:25 +00:00 · 7180207328
parent 3abf868211
commit 7180207328
5 changed files with 105 additions and 3 deletions
--- a/django/contrib/admin/templates/admin/auth/user/change_password.html
+++ b/django/contrib/admin/templates/admin/auth/user/change_password.html
@ -0,0 +1,52 @@
+{% extends "admin/base_site.html" %}
+{% load i18n admin_modify adminmedia %}
+{% block extrahead %}{{ block.super }}
+<script type="text/javascript" src="../../../../jsi18n/"></script>
+{% for js in javascript_imports %}{% include_admin_script js %}{% endfor %}
+{% endblock %}
+{% block stylesheet %}{% admin_media_prefix %}css/forms.css{% endblock %}
+{% block bodyclass %}{{ opts.app_label }}-{{ opts.object_name.lower }} change-form{% endblock %}
+{% block userlinks %}<a href="../../../../doc/">{% trans 'Documentation' %}</a> / <a href="../../../password_change/">{% trans 'Change password' %}</a> / <a href="../../../logout/">{% trans 'Log out' %}</a>{% endblock %}
+{% block breadcrumbs %}{% if not is_popup %}
+<div class="breadcrumbs">
+     <a href="../../../../">{% trans "Home" %}</a> &rsaquo;
+     <a href="../../">{{ opts.verbose_name_plural|capfirst|escape }}</a> &rsaquo;
+     <a href="../">{{ original|truncatewords:"18"|escape }}</a> &rsaquo;
+     {% trans 'Change password' %}
+</div>
+{% endif %}{% endblock %}
+{% block content %}<div id="content-main">
+<form action="{{ form_url }}" method="post" id="{{ opts.module_name }}_form">{% block form_top %}{% endblock %}
+<div>
+{% if is_popup %}<input type="hidden" name="_popup" value="1" />{% endif %}
+{% if form.error_dict %}
+    <p class="errornote">
+    {% blocktrans count form.error_dict.items|length as counter %}Please correct the error below.{% plural %}Please correct the errors below.{% endblocktrans %}
+    </p>
+{% endif %}
+
+<p>{% blocktrans with original.username|escape as username %}Enter a new username and password for the user <strong>{{ username }}</strong>.{% endblocktrans %}</p>
+
+<fieldset class="module aligned">
+
+<div class="form-row">
+  {{ form.password1.html_error_list }}
+  <label for="id_password1" class="required">{% trans 'Password' %}:</label> {{ form.password1 }}
+</div>
+
+<div class="form-row">
+  {{ form.password2.html_error_list }}
+  <label for="id_password2" class="required">{% trans 'Password (again)' %}:</label> {{ form.password2 }}
+  <p class="help">{% trans 'Enter the same password as above, for verification.' %}</p>
+</div>
+
+</fieldset>
+
+<div class="submit-row">
+<input type="submit" value="{% trans 'Change password' %}" class="default" />
+</div>
+
+<script type="text/javascript">document.getElementById("{{ first_form_field_id }}").focus();</script>
+</div>
+</form></div>
+{% endblock %}
--- a/django/contrib/admin/urls.py
+++ b/django/contrib/admin/urls.py
@ -29,6 +29,8 @@ urlpatterns = patterns('',

    # "Add user" -- a special-case view
    ('^auth/user/add/$', 'django.contrib.admin.views.auth.user_add_stage'),
+    # "Change user password" -- another special-case view
+    ('^auth/user/(\d+)/password/$', 'django.contrib.admin.views.auth.user_change_password'),

    # Add/change/delete/history
    ('^([^/]+)/([^/]+)/$', 'django.contrib.admin.views.main.change_list'),
--- a/django/contrib/admin/views/auth.py
+++ b/django/contrib/admin/views/auth.py
@ -1,10 +1,11 @@
 from django.contrib.admin.views.decorators import staff_member_required
-from django.contrib.auth.forms import UserCreationForm
+from django.contrib.auth.forms import UserCreationForm, AdminPasswordChangeForm
 from django.contrib.auth.models import User
 from django.core.exceptions import PermissionDenied
 from django import oldforms, template
-from django.shortcuts import render_to_response
+from django.shortcuts import render_to_response, get_object_or_404
 from django.http import HttpResponseRedirect
+from django.utils.html import escape

 def user_add_stage(request):
    if not request.user.has_perm('auth.change_user'):
@ -42,3 +43,35 @@ def user_add_stage(request):
        'username_help_text': User._meta.get_field('username').help_text,
    }, context_instance=template.RequestContext(request))
 user_add_stage = staff_member_required(user_add_stage)
+
+def user_change_password(request, id):
+    if not request.user.has_perm('auth.change_user'):
+        raise PermissionDenied
+    user = get_object_or_404(User, pk=id)
+    manipulator = AdminPasswordChangeForm(user)
+    if request.method == 'POST':
+        new_data = request.POST.copy()
+        errors = manipulator.get_validation_errors(new_data)
+        if not errors:
+            new_user = manipulator.save(new_data)
+            msg = _('Password changed successfully.')
+            request.user.message_set.create(message=msg)
+            return HttpResponseRedirect('..')
+    else:
+        errors = new_data = {}
+    form = oldforms.FormWrapper(manipulator, new_data, errors)
+    return render_to_response('admin/auth/user/change_password.html', {
+        'title': _('Change password: %s') % escape(user.username),
+        'form': form,
+        'is_popup': request.REQUEST.has_key('_popup'),
+        'add': True,
+        'change': False,
+        'has_delete_permission': False,
+        'has_change_permission': True,
+        'has_absolute_url': False,
+        'first_form_field_id': 'id_password1',
+        'opts': User._meta,
+        'original': user,
+        'show_save': True,
+    }, context_instance=template.RequestContext(request))
+user_change_password = staff_member_required(user_change_password)
--- a/django/contrib/auth/forms.py
+++ b/django/contrib/auth/forms.py
@ -126,3 +126,18 @@ class PasswordChangeForm(oldforms.Manipulator):
        "Saves the new password."
        self.user.set_password(new_data['new_password1'])
        self.user.save()
+
+class AdminPasswordChangeForm(oldforms.Manipulator):
+    "A form used to change the password of a user in the admin interface."
+    def __init__(self, user):
+        self.user = user
+        self.fields = (
+            oldforms.PasswordField(field_name='password1', length=30, maxlength=60, is_required=True),
+            oldforms.PasswordField(field_name='password2', length=30, maxlength=60, is_required=True,
+                validator_list=[validators.AlwaysMatchesOtherField('password1', _("The two password fields didn't match."))]),
+        )
+
+    def save(self, new_data):
+        "Saves the new password."
+        self.user.set_password(new_data['password1'])
+        self.user.save()
--- a/django/contrib/auth/models.py
+++ b/django/contrib/auth/models.py
@ -91,7 +91,7 @@ class User(models.Model):
    first_name = models.CharField(_('first name'), maxlength=30, blank=True)
    last_name = models.CharField(_('last name'), maxlength=30, blank=True)
    email = models.EmailField(_('e-mail address'), blank=True)
-    password = models.CharField(_('password'), maxlength=128, help_text=_("Use '[algo]$[salt]$[hexdigest]'"))
+    password = models.CharField(_('password'), maxlength=128, help_text=_("Use '[algo]$[salt]$[hexdigest]' or use the <a href=\"password/\">change password form</a>."))
    is_staff = models.BooleanField(_('staff status'), default=False, help_text=_("Designates whether the user can log into this admin site."))
    is_active = models.BooleanField(_('active'), default=True, help_text=_("Designates whether this user can log into the Django admin. Unselect this instead of deleting accounts."))
    is_superuser = models.BooleanField(_('superuser status'), default=False, help_text=_("Designates that this user has all permissions without explicitly assigning them."))