diff --git a/apps/perms/templates/perms/asset_permission_list.html b/apps/perms/templates/perms/asset_permission_list.html
index 122635763..95a92f16b 100644
--- a/apps/perms/templates/perms/asset_permission_list.html
+++ b/apps/perms/templates/perms/asset_permission_list.html
@@ -174,10 +174,11 @@ function initTable() {
}
}},
{targets: 8, createdCell: function (td, cellData, rowData) {
+ var name = htmlEscape(rowData.name);
var update_btn = '{% trans "Update" %}'.replace('{{ DEFAULT_PK }}', cellData);
var del_btn = '{% trans "Delete" %}'
.replace('{{ DEFAULT_PK }}', cellData)
- .replace('99991938', rowData.name);
+ .replace('99991938', name);
if (rowData.inherit) {
del_btn = del_btn.replace("mark", "disabled")
}
diff --git a/apps/terminal/templates/terminal/terminal_list.html b/apps/terminal/templates/terminal/terminal_list.html
index 6676a26ab..53325694b 100644
--- a/apps/terminal/templates/terminal/terminal_list.html
+++ b/apps/terminal/templates/terminal/terminal_list.html
@@ -69,16 +69,17 @@ function initTable() {
}
}},
{targets: 6, createdCell: function (td, cellData, rowData) {
+ var name = htmlEscape(rowData.name);
var update_btn = '{% trans "Update" %}'
.replace('{{ DEFAULT_PK }}', cellData);
var delete_btn = '{% trans "Delete" %}'
.replace('{{ DEFAULT_PK }}', cellData)
- .replace('99991938', rowData.name);
+ .replace('99991938', name);
var accept_btn = '{% trans "Accept" %} '
.replace('{{ DEFAULT_PK }}', cellData);
var reject_btn = '{% trans "Reject" %}'
.replace('{{ DEFAULT_PK }}', cellData)
- .replace('99991938', rowData.name);
+ .replace('99991938', name);
if (rowData.is_accepted) {
$(td).html(update_btn + delete_btn);
} else {
diff --git a/apps/users/models/user.py b/apps/users/models/user.py
index 23587b1f1..a6cdf9f0e 100644
--- a/apps/users/models/user.py
+++ b/apps/users/models/user.py
@@ -111,7 +111,7 @@ class AuthMixin:
@property
def password_will_expired(self):
- if self.is_local and self.password_expired_remain_days < 5:
+ if self.is_local and 0 <= self.password_expired_remain_days < 5:
return True
return False
diff --git a/apps/users/tasks.py b/apps/users/tasks.py
index ca8ea73da..ab025cae3 100644
--- a/apps/users/tasks.py
+++ b/apps/users/tasks.py
@@ -20,13 +20,13 @@ logger = get_logger(__file__)
def check_password_expired():
users = User.objects.exclude(role=User.ROLE_APP)
for user in users:
+ if not user.is_valid:
+ continue
if not user.password_will_expired:
continue
-
send_password_expiration_reminder_mail(user)
- logger.info("The user {} password expires in {} days".format(
- user, user.password_expired_remain_days)
- )
+ msg = "The user {} password expires in {} days"
+ logger.info(msg.format(user, user.password_expired_remain_days))
@shared_task
diff --git a/apps/users/templates/users/user_group_list.html b/apps/users/templates/users/user_group_list.html
index 8d3bd3245..c2fa87357 100644
--- a/apps/users/templates/users/user_group_list.html
+++ b/apps/users/templates/users/user_group_list.html
@@ -67,11 +67,12 @@ function initTable() {
$(td).html('' + innerHtml + '');
}},
{targets: 4, createdCell: function (td, cellData, rowData) {
+ var name = htmlEscape(rowData.name);
var update_btn = '{% trans "Update" %}'
.replace('{{ DEFAULT_PK }}', cellData);
var del_btn = '{% trans "Delete" %}'
.replace('{{ DEFAULT_PK }}', cellData)
- .replace('99991938', rowData.name);
+ .replace('99991938', name);
if (rowData.id === 1) {
$(td).html(update_btn)
} else {
diff --git a/apps/users/templates/users/user_list.html b/apps/users/templates/users/user_list.html
index 0c74640de..a2bfde461 100644
--- a/apps/users/templates/users/user_list.html
+++ b/apps/users/templates/users/user_list.html
@@ -97,6 +97,7 @@ function initTable() {
}
}},
{targets: 7, createdCell: function (td, cellData, rowData) {
+ var name = htmlEscape(rowData.name);
var update_btn = "";
if (rowData.role === 'Admin' && ('{{ request.user.role }}' !== 'Admin')) {
update_btn = '{% trans "Update" %}';
@@ -109,11 +110,11 @@ function initTable() {
if (rowData.id === 1 || rowData.username === "admin" || rowData.username === "{{ request.user.username }}" || (rowData.role === 'Admin' && ('{{ request.user.role }}' !== 'Admin'))) {
del_btn = '{% trans "Delete" %}'
.replace('{{ DEFAULT_PK }}', cellData)
- .replace('99991938', rowData.name);
+ .replace('99991938', name);
} else {
del_btn = '{% trans "Delete" %}'
.replace('{{ DEFAULT_PK }}', cellData)
- .replace('99991938', rowData.name);
+ .replace('99991938', name);
}
$(td).html(update_btn + del_btn)
}}],