Commits

Zhang Huangbin committed 196aebf

Ability to change admin's password.

Comments (0)

Files changed (5)

controllers/ldap/admin.py

         return render.admin_profile(
                 mail=self.mail,
                 profile_type=self.profile_type,
-                cur_lang=self.langs.pop('cur_lang'),
-                langmaps=self.langs.pop('langmaps'),
+                cur_lang=self.langs['cur_lang'],
+                langmaps=self.langs['langmaps'],
                 msg=i.get('msg', None),
                 )
 
                     mail=self.mail,
                     data=i,
                     )
-        self.langs = adminLib.get_langs()
-
-        cur_lang = self.langs.pop('cur_lang')
         if result[0] is True:
             web.seeother('/profile/admin/%s/%s?msg=SUCCESS' % (self.profile_type, self.mail))
         else:
+            self.langs = adminLib.get_langs()
+            cur_lang = self.langs['cur_lang']
             return render.admin_profile(
                     mail=self.mail,
                     profile_type=self.profile_type,
                     cur_lang=cur_lang,
-                    langmaps=self.langs.pop('langmaps'),
+                    langmaps=self.langs['langmaps'],
                     msg=result[1],
                     )

libs/ldaplib/admin.py

 import os, sys
 import ldap, ldap.filter
 import web
-from libs import languages
+from libs import languages, iredutils
 from libs.ldaplib import core, attrs, ldaputils
 
 cfg = web.iredconfig
         self.mail = web.safestr(mail)
         self.dn = ldaputils.convEmailToAdminDN(self.mail)
 
-
+        mod_attrs = []
         if self.profile_type == 'general':
             self.lang = web.safestr(data.get('preferredLanguage', 'en_US'))
 
-            mod_attrs = [
+            mod_attrs += [
                     (ldap.MOD_REPLACE, 'preferredLanguage', self.lang)
                     ]
 
             self.newpw = data.get('newpw')
             self.confirmpw = data.get('confirmpw')
 
-            try:
-                # Change password.
-                self.change_passwd(
-                        dn=self.dn,
-                        cur_passwd=self.cur_passwd,
-                        newpw=self.newpw,
-                        confirmpw=self.confirmpw,
-                        )
+            result = iredutils.getNewPassword(self.newpw, self.confirmpw)
+            if result[0] is True:
+                self.passwd = result[1]
+            else:
+                return result
+
+            # Change password.
+            result = self.change_passwd(self.dn, self.cur_passwd, self.passwd)
+            if result[0] is True:
                 return (True, 'SUCCESS')
-            except ldap.LDAPError, e:
-                return (False, str(e))
+            else:
+                return result

libs/ldaplib/core.py

     def init_passwd(self, dn, passwd):
         self.conn.passwd_s(dn, '', passwd)
 
-    def change_passwd(self, dn, cur_passwd, newpw, confirmpw):
-        self.dn = ldap.filter.escape_filter_chars(dn)
-        result = iredutils.getNewPassword(newpw, confirmpw)
-        if result[0] is True:
-            try:
-                # Reference: RFC3062 - LDAP Password Modify Extended Operation
-                self.conn.passwd_s(self.dn, cur_passwd, result[1])
-                return (True, 'SUCCESS')
-            except ldap.LDAPError, e:
-                return (False, str(e))
-        else:
-            return result
+    def change_passwd(self, dn, cur_passwd, newpw):
+        dn = ldap.filter.escape_filter_chars(dn)
+        try:
+            # Reference: RFC3062 - LDAP Password Modify Extended Operation
+            self.conn.passwd_s(dn, cur_passwd, newpw)
+            return (True, 'SUCCESS')
+        except ldap.UNWILLING_TO_PERFORM:
+            return (False, 'INCORRECT_OLDPW')
+        except Exception, e:
+            return (False, str(e))
 
     def check_domain_exist(self, domainName):
         self.result = self.conn.search_s(

templates/default/ldap/admin_profile.html

-{# defined: mail, cur_lang, langmaps, [msg], #}
+{# defined: profile_type, mail, cur_lang, langmaps, [msg], #}
 
 {% extends "layout.html" %}
 
     {% if msg == 'SUCCESS' %}
         <div class="success">{{ _('Profile update success.') }}</div>
     {% else %}
-        <div class="error">{{ msg }}</div>
+        <div class="error">
+        {% if msg == 'INCORRECT_OLDPW' %}
+            {{ _('Current password is incorrect.') }}
+        {% else %}
+            {# Catch-all #}
+            {{ msg }}
+        {% endif %}
+        </div>
     {% endif %}
     </div>
 {% endif %}

templates/default/ldap/layout.html

             <div id="brd-head" class="gen-content">
                 <p class="options">
                     <span>{{ _("Logged in as <strong>%s</strong>." |format(session.get('username'))) }}</span>
-                    <span><a href="{{ctx.homepath}}/profile/admin/{{session.get('username')}}">{{ _('Preferences') }}</a></span>
+                    <span><a href="{{ctx.homepath}}/profile/admin/general/{{session.get('username')}}">{{ _('Preferences') }}</a></span>
                     <span><a href="{{ctx.homepath}}/logout">{{ _('Logout') }}</a></span>
                 </p>
                 {# Preferences #}