github/supysonic
1
0
Fork 0
mirror of https://github.com/spl0k/supysonic.git synced 2024-09-20 03:11:04 +00:00
Code Issues Releases Wiki Activity

Now admins can modify other users passwords

Browse Source
This commit is contained in:
Óscar García Amor 2017-07-27 10:23:24 +02:00
parent fe5e966dbc
commit fcf1a83234
2 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
supysonic/frontend/user.py
View File

@ -130,11 +130,14 @@ def change_password(uid):
return redirect(url_for('index')) return redirect(url_for('index'))
user = UserManager.get(store, uid)[1].name user = UserManager.get(store, uid)[1].name
if request.method == 'POST': if request.method == 'POST':
current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ])
error = False error = False
if uid == 'me' or uid == session.get('userid'):
current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ])
if current in ('', None): if current in ('', None):
flash('The current password is required') flash('The current password is required')
error = True error = True
else:
new, confirm = map(request.form.get, [ 'new', 'confirm' ])
if new in ('', None): if new in ('', None):
flash('The new password is required') flash('The new password is required')
error = True error = True
@ -143,10 +146,10 @@ def change_password(uid):
error = True error = True
if not error: if not error:
if uid == 'me': if uid == 'me' or uid == session.get('userid'):
status = UserManager.change_password(store, session.get('userid'), current, new) status = UserManager.change_password(store, session.get('userid'), current, new)
else: else:
status = UserManager.change_password(store, uuid.UUID(uid), current, new) status = UserManager.change_password2(store, UserManager.get(store, uid)[1].name, new)
if status != UserManager.SUCCESS: if status != UserManager.SUCCESS:
flash(UserManager.error_str(status)) flash(UserManager.error_str(status))
else: else:

2
supysonic/templates/change_pass.html
View File

@ -38,6 +38,7 @@
<h2>{{ user }}</h2> <h2>{{ user }}</h2>
</div> </div>
<form method="post"> <form method="post">
{% if session.username == user %}
<div class="form-group"> <div class="form-group">
<label class="sr-only" for="current">Current password</label> <label class="sr-only" for="current">Current password</label>
<div class="input-group"> <div class="input-group">
@ -45,6 +46,7 @@
<input type="password" class="form-control" id="current" name="current" placeholder="Current password" /> <input type="password" class="form-control" id="current" name="current" placeholder="Current password" />
</div> </div>
</div> </div>
{% endif %}
<div class="form-group"> <div class="form-group">
<label class="sr-only" for="new">New password</label> <label class="sr-only" for="new">New password</label>
<div class="input-group"> <div class="input-group">