Disable password change when SSO is the only login option

(imported from commit fd1a14237e2d6ea574331ed178bfc0db5beb18c6)
Kevin Mehall
2013-11-04 17:42:31 -05:00
parent cc2d17d7c0
commit 4a6b7cb20b
7 changed files with 44 additions and 31 deletions


@@ -32,6 +32,8 @@ $(function () {
}
});
// zxcvbn.js is pretty big, and is only needed on password change, so load it asynchronously.
$.getScript('/static/third/zxcvbn/zxcvbn.js');
if (page_params.password_auth_enabled !== false) {
// zxcvbn.js is pretty big, and is only needed on password change, so load it asynchronously.
$.getScript('/static/third/zxcvbn/zxcvbn.js');
}
});
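Review bot: The guard `page_params.password_auth_enabled !== false` treats a missing or undefined flag as "enabled", while the template change in this commit uses a truthiness test (`{% if password_auth_enabled %}`), so the two can disagree whenever the flag is absent from page_params. The same comparison is repeated in the beforeSubmit handler of the your-account-settings form. If defaulting to enabled is intentional, say so next to the check, e.g. `// an absent flag means password auth is on`, or route both call sites through one helper. Either way this is only a UI gate: skipping the zxcvbn load and the strength check does not stop a password-change request from being submitted, so the server-side handler has to be the one that refuses it.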


@@ -950,20 +950,22 @@ $(function () {
$("form.your-account-settings").expectOne().ajaxForm({
dataType: 'json', // This seems to be ignored. We still get back an xhr.
beforeSubmit: function (arr, form, options) {
// FIXME: Check that the two password fields match
// FIXME: Use the same jQuery validation plugin as the signup form?
var new_pw = $('#new_password').val();
if (new_pw !== '') {
var password_ok = password_quality(new_pw);
if (password_ok === undefined) {
// zxcvbn.js didn't load, for whatever reason.
settings_change_error(
'An internal error occurred; try reloading the page. ' +
'Sorry for the trouble!');
return false;
} else if (!password_ok) {
settings_change_error('New password is too weak');
return false;
if (page_params.password_auth_enabled !== false) {
// FIXME: Check that the two password fields match
// FIXME: Use the same jQuery validation plugin as the signup form?
var new_pw = $('#new_password').val();
if (new_pw !== '') {
var password_ok = password_quality(new_pw);
if (password_ok === undefined) {
// zxcvbn.js didn't load, for whatever reason.
settings_change_error(
'An internal error occurred; try reloading the page. ' +
'Sorry for the trouble!');
return false;
} else if (!password_ok) {
settings_change_error('New password is too weak');
return false;
}
}
}
return true;


@@ -20,6 +20,7 @@
</div>
</div>
{% if password_auth_enabled %}
<div class="control-group" id="pw_change_link">
<label for="change_password_button" class="control-label">Password</label>
<div class="controls">
@@ -64,6 +65,7 @@
</div>
</div>
{% endif %}
<div class="control-group">


@@ -2,12 +2,14 @@ from __future__ import absolute_import
from django.conf import settings
import ujson
from zproject.backends import password_auth_enabled
def add_settings(request):
return {
'full_navbar': settings.FULL_NAVBAR,
'local_server': settings.LOCAL_SERVER,
'zulip_admin': settings.ZULIP_ADMINISTRATOR,
'password_auth_enabled': password_auth_enabled(),
}
def add_metrics(request):


@@ -2248,20 +2248,15 @@ class ChangeSettingsTest(AuthedTestCase):
def test_missing_params(self):
"""
full_name, old_password, and new_password are all required POST
parameters for json_change_settings. (enable_desktop_notifications is
false by default)
full_name is a required POST parameter for json_change_settings.
(enable_desktop_notifications is false by default, and password is
only required if you are changing it)
"""
self.login("hamlet@zulip.com")
required_params = (("full_name", "Foo Bar"),
("old_password", initial_password("hamlet@zulip.com")),
("new_password", initial_password("hamlet@zulip.com")),
("confirm_password", initial_password("hamlet@zulip.com")))
for i in range(len(required_params)):
post_params = dict(required_params[:i] + required_params[i + 1:])
result = self.client.post("/json/settings/change", post_params)
self.assert_json_error(result,
"Missing '%s' argument" % (required_params[i][0],))
result = self.client.post("/json/settings/change", {})
self.assert_json_error(result,
"Missing '%s' argument" % ("full_name",))
def test_mismatching_passwords(self):
"""


@@ -66,6 +66,7 @@ from zerver.lib.unminify import SourceMap
from zerver.lib.queue import queue_json_publish
from zerver.lib.utils import statsd, generate_random_token, statsd_key
from zerver import tornado_callbacks
from zproject.backends import password_auth_enabled
from django.db import connection
from confirmation.models import Confirmation
@@ -665,6 +666,7 @@ def home(request):
debug_mode = settings.DEBUG,
test_suite = settings.TEST_SUITE,
poll_timeout = settings.POLL_TIMEOUT,
password_auth_enabled = password_auth_enabled(),
have_initial_messages = user_has_messages,
stream_list = register_ret['subscriptions'],
unsubbed_info = register_ret['unsubscribed'],
@@ -1698,9 +1700,9 @@ def get_subscribers_backend(request, user_profile, stream_name=REQ('stream')):
@has_request_variables
def json_change_settings(request, user_profile,
full_name=REQ,
old_password=REQ,
new_password=REQ,
confirm_password=REQ):
old_password=REQ(default=""),
new_password=REQ(default=""),
confirm_password=REQ(default="")):
if new_password != "" or confirm_password != "":
if new_password != confirm_password:
return json_error("New password must match confirmation password!")
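Review bot: Nothing in the visible lines of json_change_settings consults password_auth_enabled(), so on an SSO-only deployment the hidden form is the only thing standing between a user and a password change, and with `old_password=REQ(default="")` the endpoint now accepts requests that omit the old password altogether. The function body continues outside this hunk, so the old-password verification may still reject such requests; if it does not, add an explicit guard at the top of the password branch, e.g. `if not password_auth_enabled(): return json_error("Password change is disabled")`, and keep the old-password check unconditional whenever new_password is non-empty. The test change in this commit only asserts the missing full_name case; a test that posts new_password and confirm_password without old_password and expects an error would pin the behaviour down.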


@@ -1,11 +1,19 @@
from __future__ import absolute_import
from django.contrib.auth.backends import RemoteUserBackend
import django.contrib.auth
from zerver.models import UserProfile, get_user_profile_by_id, \
get_user_profile_by_email, remote_user_to_email
from openid.consumer.consumer import SUCCESS
def password_auth_enabled():
for backend in django.contrib.auth.get_backends():
if isinstance(backend, EmailAuthBackend):
return True
return False
class ZulipAuthMixin(object):
def get_user(self, user_profile_id):
""" Get a UserProfile object from the user_profile_id. """