Fixed to require the user to input the password when changing the log in ID, since the HTTP digest authentication requires both the log in ID and the password to create and store the new hash in the Mia core application.
This commit is contained in:
parent
7ecc570cf4
commit
990a5686d9
@ -62,7 +62,8 @@ class UserForm(forms.Form):
|
|||||||
"""
|
"""
|
||||||
errors = []
|
errors = []
|
||||||
validators = [self._validate_login_id_unique,
|
validators = [self._validate_login_id_unique,
|
||||||
self._validate_password_required,
|
self._validate_password_new_required,
|
||||||
|
self._validate_password_login_id_changed_required,
|
||||||
self._validate_password2_required,
|
self._validate_password2_required,
|
||||||
self._validate_passwords_equal,
|
self._validate_passwords_equal,
|
||||||
self._validate_is_disabled_not_oneself]
|
self._validate_is_disabled_not_oneself]
|
||||||
@ -92,7 +93,7 @@ class UserForm(forms.Form):
|
|||||||
self.add_error("login_id", error)
|
self.add_error("login_id", error)
|
||||||
raise error
|
raise error
|
||||||
|
|
||||||
def _validate_password_required(self):
|
def _validate_password_new_required(self):
|
||||||
"""Validates whether the password is entered for newly-created users.
|
"""Validates whether the password is entered for newly-created users.
|
||||||
|
|
||||||
Raises:
|
Raises:
|
||||||
@ -107,6 +108,27 @@ class UserForm(forms.Form):
|
|||||||
self.add_error("password", error)
|
self.add_error("password", error)
|
||||||
raise error
|
raise error
|
||||||
|
|
||||||
|
def _validate_password_login_id_changed_required(self):
|
||||||
|
"""Validates whether the password is entered for users whose login ID
|
||||||
|
changed.
|
||||||
|
|
||||||
|
Raises:
|
||||||
|
forms.ValidationError: When the validation fails.
|
||||||
|
"""
|
||||||
|
if self.user is None:
|
||||||
|
return
|
||||||
|
if "login_id" not in self.data:
|
||||||
|
return
|
||||||
|
if self.data["login_id"] == self.user.login_id:
|
||||||
|
return
|
||||||
|
if "password" in self.data:
|
||||||
|
return
|
||||||
|
error = forms.ValidationError(
|
||||||
|
_("Please fill in the password to change the log in ID."),
|
||||||
|
code="password_required")
|
||||||
|
self.add_error("password", error)
|
||||||
|
raise error
|
||||||
|
|
||||||
def _validate_password2_required(self):
|
def _validate_password2_required(self):
|
||||||
"""Validates whether the second password is entered.
|
"""Validates whether the second password is entered.
|
||||||
|
|
||||||
|
@ -7,8 +7,8 @@ msgid ""
|
|||||||
msgstr ""
|
msgstr ""
|
||||||
"Project-Id-Version: mia-core 3.0\n"
|
"Project-Id-Version: mia-core 3.0\n"
|
||||||
"Report-Msgid-Bugs-To: \n"
|
"Report-Msgid-Bugs-To: \n"
|
||||||
"POT-Creation-Date: 2020-08-10 02:42+0800\n"
|
"POT-Creation-Date: 2020-08-11 21:41+0800\n"
|
||||||
"PO-Revision-Date: 2020-08-11 10:14+0800\n"
|
"PO-Revision-Date: 2020-08-11 21:44+0800\n"
|
||||||
"Last-Translator: imacat <imacat@mail.imacat.idv.tw>\n"
|
"Last-Translator: imacat <imacat@mail.imacat.idv.tw>\n"
|
||||||
"Language-Team: Traditional Chinese <imacat@mail.imacat.idv.tw>\n"
|
"Language-Team: Traditional Chinese <imacat@mail.imacat.idv.tw>\n"
|
||||||
"Language: Traditional Chinese\n"
|
"Language: Traditional Chinese\n"
|
||||||
@ -36,23 +36,27 @@ msgstr "請填寫姓名。"
|
|||||||
msgid "This name is too long (max 32 characters)."
|
msgid "This name is too long (max 32 characters)."
|
||||||
msgstr "姓名太長了(最長32個字)。"
|
msgstr "姓名太長了(最長32個字)。"
|
||||||
|
|
||||||
#: mia_core/forms.py:90
|
#: mia_core/forms.py:91
|
||||||
msgid "This log in ID is already in use."
|
msgid "This log in ID is already in use."
|
||||||
msgstr "登入帳號和其他人重複。"
|
msgstr "登入帳號和其他人重複。"
|
||||||
|
|
||||||
#: mia_core/forms.py:105
|
#: mia_core/forms.py:106
|
||||||
msgid "Please fill in the password."
|
msgid "Please fill in the password."
|
||||||
msgstr "請填寫密碼。"
|
msgstr "請填寫密碼。"
|
||||||
|
|
||||||
#: mia_core/forms.py:121
|
#: mia_core/forms.py:127
|
||||||
|
msgid "Please fill in the password to change the log in ID."
|
||||||
|
msgstr "變更登入帳號時,請填寫密碼。"
|
||||||
|
|
||||||
|
#: mia_core/forms.py:143
|
||||||
msgid "Please enter the password again to verify it."
|
msgid "Please enter the password again to verify it."
|
||||||
msgstr "請再次確認密碼。"
|
msgstr "請再次確認密碼。"
|
||||||
|
|
||||||
#: mia_core/forms.py:138
|
#: mia_core/forms.py:160
|
||||||
msgid "The two passwords do not match."
|
msgid "The two passwords do not match."
|
||||||
msgstr "兩次密碼不符,請重新輸入。"
|
msgstr "兩次密碼不符,請重新輸入。"
|
||||||
|
|
||||||
#: mia_core/forms.py:158 mia_core/templates/mia_core/user_form.html:85
|
#: mia_core/forms.py:180 mia_core/templates/mia_core/user_form.html:85
|
||||||
msgid "You cannot disable your own account."
|
msgid "You cannot disable your own account."
|
||||||
msgstr "不能停用自己的帳號。"
|
msgstr "不能停用自己的帳號。"
|
||||||
|
|
||||||
|
@ -7,8 +7,8 @@ msgid ""
|
|||||||
msgstr ""
|
msgstr ""
|
||||||
"Project-Id-Version: mia-core-js 3.0\n"
|
"Project-Id-Version: mia-core-js 3.0\n"
|
||||||
"Report-Msgid-Bugs-To: \n"
|
"Report-Msgid-Bugs-To: \n"
|
||||||
"POT-Creation-Date: 2020-08-09 21:54+0800\n"
|
"POT-Creation-Date: 2020-08-11 21:42+0800\n"
|
||||||
"PO-Revision-Date: 2020-08-11 10:14+0800\n"
|
"PO-Revision-Date: 2020-08-11 21:44+0800\n"
|
||||||
"Last-Translator: imacat <imacat@mail.imacat.idv.tw>\n"
|
"Last-Translator: imacat <imacat@mail.imacat.idv.tw>\n"
|
||||||
"Language-Team: Traditional Chinese <imacat@mail.imacat.idv.tw>\n"
|
"Language-Team: Traditional Chinese <imacat@mail.imacat.idv.tw>\n"
|
||||||
"Language: Traditional Chinese\n"
|
"Language: Traditional Chinese\n"
|
||||||
@ -17,30 +17,34 @@ msgstr ""
|
|||||||
"Content-Transfer-Encoding: 8bit\n"
|
"Content-Transfer-Encoding: 8bit\n"
|
||||||
"Plural-Forms: nplurals=1; plural=0;\n"
|
"Plural-Forms: nplurals=1; plural=0;\n"
|
||||||
|
|
||||||
#: mia_core/static/mia_core/js/user-form.js:129
|
#: mia_core/static/mia_core/js/user-form.js:154
|
||||||
msgid "Please fill in the log in ID."
|
msgid "Please fill in the log in ID."
|
||||||
msgstr "請填寫登入帳號。"
|
msgstr "請填寫登入帳號。"
|
||||||
|
|
||||||
#: mia_core/static/mia_core/js/user-form.js:134
|
#: mia_core/static/mia_core/js/user-form.js:159
|
||||||
msgid "You cannot use slash (/) in the log in ID."
|
msgid "You cannot use slash (/) in the log in ID."
|
||||||
msgstr "登入帳號不可以包含斜線 (/) 。"
|
msgstr "登入帳號不可以包含斜線 (/) 。"
|
||||||
|
|
||||||
#: mia_core/static/mia_core/js/user-form.js:154
|
#: mia_core/static/mia_core/js/user-form.js:179
|
||||||
msgid "This log in ID is already in use."
|
msgid "This log in ID is already in use."
|
||||||
msgstr "登入帳號和其他人重複。"
|
msgstr "登入帳號和其他人重複。"
|
||||||
|
|
||||||
#: mia_core/static/mia_core/js/user-form.js:177
|
#: mia_core/static/mia_core/js/user-form.js:204
|
||||||
|
msgid "Please fill in the password to change the log in ID."
|
||||||
|
msgstr "變更登入帳號時,請填寫密碼。"
|
||||||
|
|
||||||
|
#: mia_core/static/mia_core/js/user-form.js:206
|
||||||
msgid "Please fill in the password."
|
msgid "Please fill in the password."
|
||||||
msgstr "請填寫密碼。"
|
msgstr "請填寫密碼。"
|
||||||
|
|
||||||
#: mia_core/static/mia_core/js/user-form.js:201
|
#: mia_core/static/mia_core/js/user-form.js:231
|
||||||
msgid "Please enter the password again to verify it."
|
msgid "Please enter the password again to verify it."
|
||||||
msgstr "請再次確認密碼。"
|
msgstr "請再次確認密碼。"
|
||||||
|
|
||||||
#: mia_core/static/mia_core/js/user-form.js:207
|
#: mia_core/static/mia_core/js/user-form.js:237
|
||||||
msgid "The two passwords do not match."
|
msgid "The two passwords do not match."
|
||||||
msgstr "兩次密碼不符,請重新輸入。"
|
msgstr "兩次密碼不符,請重新輸入。"
|
||||||
|
|
||||||
#: mia_core/static/mia_core/js/user-form.js:228
|
#: mia_core/static/mia_core/js/user-form.js:258
|
||||||
msgid "Please fill in the name."
|
msgid "Please fill in the name."
|
||||||
msgstr "請填寫姓名。"
|
msgstr "請填寫姓名。"
|
||||||
|
@ -23,23 +23,48 @@
|
|||||||
|
|
||||||
// Initializes the page JavaScript.
|
// Initializes the page JavaScript.
|
||||||
$(function () {
|
$(function () {
|
||||||
$("#user-login-id").on("blur", function () {
|
$("#user-login-id")
|
||||||
|
.on("blur", function () {
|
||||||
validateLoginId();
|
validateLoginId();
|
||||||
});
|
updatePasswordRequirement();
|
||||||
$("#user-password").on("blur", function () {
|
})
|
||||||
|
$("#user-password")
|
||||||
|
.on("blur", function () {
|
||||||
validatePassword();
|
validatePassword();
|
||||||
});
|
});
|
||||||
$("#user-password2").on("blur", function () {
|
$("#user-password2")
|
||||||
|
.on("blur", function () {
|
||||||
validatePassword2();
|
validatePassword2();
|
||||||
});
|
});
|
||||||
$("#user-name").on("blur", function () {
|
$("#user-name")
|
||||||
|
.on("blur", function () {
|
||||||
validateName();
|
validateName();
|
||||||
});
|
});
|
||||||
$("#user-form").on("submit", function () {
|
$("#user-form")
|
||||||
|
.on("submit", function () {
|
||||||
return validateForm();
|
return validateForm();
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Updates the password required when the log in ID is changed.
|
||||||
|
*
|
||||||
|
* The HTTP digest authentication requires both the log in ID and the
|
||||||
|
* password to compose and store the hash. When the log in ID is
|
||||||
|
* changed, we will also need the password in order to update the
|
||||||
|
* hash.
|
||||||
|
*
|
||||||
|
* @private
|
||||||
|
*/
|
||||||
|
function updatePasswordRequirement() {
|
||||||
|
const originalId = $("#user-login-id-original").val();
|
||||||
|
if (originalId === "") {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$("#user-password")[0].required = ($("#user-login-id").val() !== originalId);
|
||||||
|
validatePassword();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/*******************
|
/*******************
|
||||||
* Form Validation *
|
* Form Validation *
|
||||||
@ -174,7 +199,12 @@ async function validatePassword() {
|
|||||||
if (password.required) {
|
if (password.required) {
|
||||||
if (password.value === "") {
|
if (password.value === "") {
|
||||||
password.classList.add("is-invalid");
|
password.classList.add("is-invalid");
|
||||||
errorMessage.text(gettext("Please fill in the password."));
|
const originalId = $("#user-login-id-original").val();
|
||||||
|
if (originalId === "" || $("#user-login-id").val() !== originalId) {
|
||||||
|
errorMessage.text(gettext("Please fill in the password to change the log in ID."));
|
||||||
|
} else {
|
||||||
|
errorMessage.text(gettext("Please fill in the password."));
|
||||||
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user