Show error message when change/reset password of ldap user

2025-09-28 16:17:02 +00:00 · 2014-05-19 11:40:53 +08:00
parent 1a5f051a0e
commit fa31c39409
4 changed files with 17 additions and 4 deletions
--- a/seahub/auth/forms.py
+++ b/seahub/auth/forms.py
@@ -7,7 +7,7 @@ from seahub.base.accounts import User
 from seahub.auth import authenticate
 from seahub.auth.tokens import default_token_generator
 from seahub.utils import IS_EMAIL_CONFIGURED, send_html_email, \
-    is_valid_username
+    is_valid_username, is_ldap_user

 from captcha.fields import CaptchaField

@@ -75,14 +75,17 @@ class PasswordResetForm(forms.Form):
        if not IS_EMAIL_CONFIGURED:
            raise forms.ValidationError(_(u'Failed to send email, email service is not properly configured, please contact administrator.'))
        
-        email = self.cleaned_data["email"].lower()
+        email = self.cleaned_data["email"].lower().strip()

        # TODO: add filter method to UserManager
        try:
            self.users_cache = User.objects.get(email=email)
        except User.DoesNotExist:
            raise forms.ValidationError(_("That e-mail address doesn't have an associated user account. Are you sure you've registered?"))
-        
+
+        if is_ldap_user(self.users_cache):
+            raise forms.ValidationError(_("Can not reset password, please contact LDAP admin."))
+
        return email

    def save(self, domain_override=None, email_template_name='registration/password_reset_email.html',
--- a/seahub/auth/views.py
+++ b/seahub/auth/views.py
@@ -22,8 +22,8 @@ from seahub.auth.decorators import login_required
 from seahub.auth.forms import AuthenticationForm, CaptchaAuthenticationForm
 from seahub.auth.forms import PasswordResetForm, SetPasswordForm, PasswordChangeForm
 from seahub.auth.tokens import default_token_generator
-
 from seahub.base.accounts import User
+from seahub.utils import is_ldap_user

 # Get an instance of a logger
 logger = logging.getLogger(__name__)
@@ -261,6 +261,10 @@ def password_change(request, template_name='registration/password_change_form.ht
                    post_change_redirect=None, password_change_form=PasswordChangeForm):
    if post_change_redirect is None:
        post_change_redirect = reverse('auth_password_change_done')
+
+    if is_ldap_user(request.user):
+        messages.error(request, _("Can not update password, please contact LDAP admin."))
+
    if request.method == "POST":
        form = password_change_form(user=request.user, data=request.POST)
        if form.is_valid():
--- a/seahub/base/accounts.py
+++ b/seahub/base/accounts.py
@@ -71,6 +71,7 @@ class UserManager(object):
        user.is_active = emailuser.is_active
        user.ctime = emailuser.ctime
        user.org = emailuser.org
+        user.source = emailuser.source

        return user

--- a/seahub/utils/init.py
+++ b/seahub/utils/init.py
@@ -232,6 +232,11 @@ def is_valid_username(username):
    """
    return is_valid_email(username)

+def is_ldap_user(user):
+    """Check whether user is a LDAP user.
+    """
+    return user.source == 'LDAP'
+
 def check_filename_with_rename(repo_id, parent_dir, filename):
    cmmts = get_commits(repo_id, 0, 1)
    latest_commit = cmmts[0] if cmmts else None