MAAS

Merge ~blake-rouse/maas:fix-1844793 into maas:master

Git
lp:~blake-rouse/maas
fix-1844793
Merge into master

Proposed by Blake Rouse on 2019-09-24

Status:

Merged

Approved by:

Blake Rouse on 2019-09-24

Approved revision:

e128f94d025350034e340eae0c48c92680dda2fb

Merge reported by:

MAAS Lander

Merged at revision:

not available

Proposed branch:

~blake-rouse/maas:fix-1844793

Merge into:

maas:master

Diff against target:

87 lines (+38/-0)

2 files modified

src/maasserver/websockets/handlers/tests/test_user.py (+23/-0)
src/maasserver/websockets/handlers/user.py (+15/-0)

High

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Alberto Donato (community)		2019-09-24	Approve on 2019-09-24
Review via email: mp+373134@code.launchpad.net

Commit message

Fixes LP: #1844793 - Add ability for a user to change password over the websocket API.

Revision history for this message

Alberto Donato (ack) on 2019-09-24:

Revision history for this message

Blake Rouse (blake-rouse) on 2019-09-24:

Revision history for this message

Alberto Donato (ack) wrote on 2019-09-24:

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Blake Rouse

MAAS Committers

Matvej Jurbin

Shane Holloman

 diff --git a/src/maasserver/websockets/handlers/tests/test_user.py b/src/maasserver/websockets/handlers/tests/test_user.py
 index ae0e8ee..2c69685 100644
 --- a/src/maasserver/websockets/handlers/tests/test_user.py
 +++ b/src/maasserver/websockets/handlers/tests/test_user.py
@@ -30,6 +30,7 @@ from maasserver.websockets.base import (
      dehydrate_datetime,
      HandlerDoesNotExistError,
      HandlerPermissionError,
++    HandlerValidationError,
+ )
  from maasserver.websockets.handlers.user import UserHandler
  from maastesting.djangotestcase import count_queries
@@ -348,3 +349,25 @@ class TestUserHandler(MAASServerTestCase):
          handler = UserHandler(user, {}, None)
          last_login_serialised = handler.get({"id": user.id})['last_login']
          self.assertEqual(last_login_serialised, now.strftime(DATETIME_FORMAT))
++
++    def test_change_password_invalid(self):
++        user = factory.make_User()
++        user.set_password("oldpassword")
++        handler = UserHandler(user, {}, None)
++        self.assertRaises(HandlerValidationError, handler.change_password, {
++            "new_password1": "newpassword",
++            "new_password2": "mismatchpassword",
++            "old_password": "oldpassword",
++        })
++
++    def test_change_password(self):
++        user = factory.make_User()
++        user.set_password("oldpassword")
++        handler = UserHandler(user, {}, None)
++        observed = handler.change_password({
++            "new_password1": "newpassword",
++            "new_password2": "newpassword",
++            "old_password": "oldpassword",
++        })
++        self.assertEqual(self.dehydrate_user(user, for_self=True), observed)
++        self.assertTrue(user.check_password("newpassword"))
 diff --git a/src/maasserver/websockets/handlers/user.py b/src/maasserver/websockets/handlers/user.py
 index d9ea2cc..c046a91 100644
 --- a/src/maasserver/websockets/handlers/user.py
 +++ b/src/maasserver/websockets/handlers/user.py
@@ -7,6 +7,7 @@ __all__ = [
      "UserHandler",
+ ]
++from django.contrib.auth.forms import PasswordChangeForm
  from django.contrib.auth.models import User
  from django.db.models import Count
  from django.http import HttpRequest
@@ -22,11 +23,13 @@ from maasserver.permissions import (
      PodPermission,
      ResourcePoolPermission,
+ )
++from maasserver.utils.forms import get_QueryDict
  from maasserver.websockets.base import (
      dehydrate_datetime,
      Handler,
      HandlerDoesNotExistError,
      HandlerPermissionError,
++    HandlerValidationError,
+ )
  from provisioningserver.events import EVENT_TYPES
@@ -50,6 +53,7 @@ class UserHandler(Handler):
              'create_authorisation_token',
              'update_token_name',
              'delete_authorisation_token',
++            'change_password',
+         ]
          fields = [
              "id",
@@ -232,3 +236,14 @@ class UserHandler(Handler):
          profile.delete_authorisation_token(params['key'])
          self.create_audit_event(EVENT_TYPES.AUTHORISATION, "Deleted token.")
          return {}
++
++    def change_password(self, params):
++        """Update the authenticated user password."""
++        form = PasswordChangeForm(user=self.user, data=get_QueryDict(params))
++        if form.is_valid():
++            form.save()
++            self.user.sshkeys_count = self.user.sshkey_set.count()
++            self.user.machines_count = self.user.node_set.count()
++            return self.full_dehydrate(self.user)
++        else:
++            raise HandlerValidationError(form.errors)

MAAS

Merge ~blake-rouse/maas:fix-1844793 into maas:master

Commit message

Description of the change

Preview Diff

Subscribers