Add hashed_password argument to do_change_password.

This way we're not directly manipulating user.password() in random management commands. (imported from commit e6e32ae422015ab55184d5d8111148793a8aca36)
2025-11-13 10:26:28 +00:00 · 2013-03-29 13:36:27 -04:00
parent 80747567c0
commit 9317035fc7
3 changed files with 15 additions and 10 deletions
--- a/zephyr/lib/actions.py
+++ b/zephyr/lib/actions.py
@@ -443,8 +443,13 @@ def do_activate_user(user_profile, log=True, join_date=timezone.now()):
                   'user': user.email,
                   'domain': domain})

-def do_change_password(user_profile, password, log=True, commit=True):
+def do_change_password(user_profile, password, log=True, commit=True,
+                       hashed_password=False):
    user = user_profile.user
+    if hashed_password:
+        # This is a hashed password, not the password itself.
+        user.password = password
+    else:
        user.set_password(password)
    if commit:
        user.save(update_fields=["password"])
--- a/zephyr/management/commands/dump_passwords.py
+++ b/zephyr/management/commands/dump_passwords.py
@@ -1,6 +1,7 @@
 from optparse import make_option
 from django.core.management.base import BaseCommand
 from zephyr.models import UserProfile, get_user_profile_by_email
+from zephyr.lib.actions import do_change_password
 import simplejson

 def dump():
@@ -17,8 +18,8 @@ def restore(change):
            print "Skipping...", email
            continue
        if change:
-            user_profile.user.password = password
-            user_profile.user.save()
+            do_change_password(user_profile, password, log=False,
+                               hashed_password=True)

 class Command(BaseCommand):
    option_list = BaseCommand.option_list + (
--- a/zephyr/management/commands/populate_db.py
+++ b/zephyr/management/commands/populate_db.py
@@ -6,7 +6,8 @@ from django.contrib.sites.models import Site
 from zephyr.models import Message, UserProfile, Stream, Recipient, Client, \
    Subscription, Huddle, get_huddle, Realm, UserMessage, StreamColor, \
    get_huddle_hash, clear_database, get_client, get_user_profile_by_id
-from zephyr.lib.actions import do_send_message, set_default_streams, do_activate_user
+from zephyr.lib.actions import do_send_message, set_default_streams, \
+    do_activate_user, do_change_password
 from zephyr.lib.parallel import run_parallel
 from django.db import transaction, connection
 from django.conf import settings
@@ -532,11 +533,9 @@ def restore_saved_messages():
            continue
        elif message_type == "user_change_password":
            # Just handle these the slow way
-            # We can't use do_change_password, since we have the
-            # password hash rather than the password itself
-            user = User.objects.get(email=old_message["user"])
-            user.password = old_message["pwhash"]
-            user.save()
+            user_profile = users[old_message["user"]]
+            do_change_password(user_profile, old_message["pshash"], log=False,
+                               hashed_password=True)
            continue
        elif message_type == "user_change_full_name":
            # Just handle these the slow way