Merge ~vtapia/maas:lp1894727-28 into maas:2.8

Proposed by Victor Tapia
Status: Merged
Approved by: Adam Collard
Approved revision: 41737a6fdf7ff6ff8bb89db00b082755b7c1e407
Merge reported by: MAAS Lander
Merged at revision: not available
Proposed branch: ~vtapia/maas:lp1894727-28
Merge into: maas:2.8
Diff against target: 107 lines (+76/-1)
2 files modified
src/maasserver/websockets/handlers/tests/test_user.py (+60/-0)
src/maasserver/websockets/handlers/user.py (+16/-1)
Reviewer Review Type Date Requested Status
Adam Collard (community) Approve
MAAS Lander Approve
Review via email: mp+397131@code.launchpad.net

Commit message

LP 1894727: Add websocket endpoint for superusers to change password

Description of the change

Backport of commit 839b79338aa10b81af55047f857cbc7499c9c29b in master

MAAS Lander (maas-lander) wrote :

UNIT TESTS
-b lp1894727-28 lp:~vtapia/maas/+git/maas into -b 2.8 lp:~maas-committers/maas

STATUS: FAILED
LOG: http://maas-ci.internal:8080/job/maas/job/branch-tester/9119/console
COMMIT: 73ffa6762403f41186e41ed006717ce555b895ce

review: Needs Fixing
~vtapia/maas:lp1894727-28 updated
41737a6... by Victor Tapia

Fix test format

MAAS Lander (maas-lander) wrote :

UNIT TESTS
-b lp1894727-28 lp:~vtapia/maas/+git/maas into -b 2.8 lp:~maas-committers/maas

STATUS: SUCCESS
COMMIT: 41737a6fdf7ff6ff8bb89db00b082755b7c1e407

review: Approve
Adam Collard (adam-collard) :
review: Approve

Preview Diff

diff --git a/src/maasserver/websockets/handlers/tests/test_user.py b/src/maasserver/websockets/handlers/tests/test_user.py
index f62c79c..3311922 100644
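--- a/src/maasserver/websockets/handlers/tests/test_user.py
+++ b/src/maasserver/websockets/handlers/tests/test_user.py
@@ -396,3 +396,63 @@ class TestUserHandler(MAASServerTestCase):
 )
 self.assertEqual(self.dehydrate_user(user, for_self=True), observed)
 self.assertTrue(user.check_password("newpassword"))
+
+def test_change_other_users_password_as_admin(self):
+admin_user = factory.make_admin()
+handler = UserHandler(admin_user, {}, None)
+user = factory.make_User()
+
+response = handler.admin_change_password(
+{
+"id": user.id,
+"password1": "newpassword",
+"password2": "newpassword",
+}
+)
+user = reload_object(user)
+
+self.assertIsNone(response)
+self.assertTrue(
+user.check_password("newpassword"),
+"Password not correctly changed",
+)
+
+def test_cannot_change_other_users_password_as_unprivileged(self):
+unprivileged_user = factory.make_User()
+handler = UserHandler(unprivileged_user, {}, None)
+user = factory.make_User()
+
+self.assertRaises(
+HandlerPermissionError,
+handler.admin_change_password,
+{
+"id": user.id,
+"password1": "newpassword",
+"password2": "newpassword",
+},
+)
+
+def test_cannot_change_own_password_as_unprivileged_using_admin(self):
+unprivileged_user = factory.make_User()
+handler = UserHandler(unprivileged_user, {}, None)
+
+self.assertRaises(
+HandlerPermissionError,
+handler.admin_change_password,
+{
+"id": unprivileged_user.id,
+"password1": "newpassword",
+"password2": "newpassword",
+},
+)
+
+def test_cannot_change_other_users_password_as_admin_bad_password(self):
+admin_user = factory.make_admin()
+handler = UserHandler(admin_user, {}, None)
+user = factory.make_User()
+
+self.assertRaises(
+HandlerValidationError,
+handler.admin_change_password,
+{"id": user.id, "password1": "foo", "password2": "bar"},
+)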
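Review bot: The three rejection tests (`test_cannot_change_other_users_password_as_unprivileged`, `test_cannot_change_own_password_as_unprivileged_using_admin` and `test_cannot_change_other_users_password_as_admin_bad_password`) assert only that an exception is raised, not that the stored password is unchanged. A handler that saved first and raised afterwards would still pass them. After each `assertRaises`, add `self.assertFalse(reload_object(user).check_password("newpassword"))`, using `unprivileged_user` in the own-password case and checking both `"foo"` and `"bar"` in the mismatch case. There is also no case for an `id` that matches no user; how `get_object` behaves then is not visible in this hunk.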
diff --git a/src/maasserver/websockets/handlers/user.py b/src/maasserver/websockets/handlers/user.py
index cba0ce6..7109aed 100644
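--- a/src/maasserver/websockets/handlers/user.py
+++ b/src/maasserver/websockets/handlers/user.py
@@ -5,7 +5,10 @@
 
 __all__ = ["UserHandler"]
 
-from django.contrib.auth.forms import PasswordChangeForm
+from django.contrib.auth.forms import (
+AdminPasswordChangeForm,
+PasswordChangeForm,
+)
 from django.contrib.auth.models import User
 from django.db.models import Count
 from django.http import HttpRequest
@@ -51,6 +54,7 @@ class UserHandler(Handler):
 "auth_user",
 "mark_intro_complete",
 "change_password",
+"admin_change_password",
 ]
 fields = [
 "id",
@@ -208,3 +212,14 @@ class UserHandler(Handler):
 return self.full_dehydrate(self.user)
 else:
 raise HandlerValidationError(form.errors)
+
+def admin_change_password(self, params):
+"""As Admin, update another user's password."""
+if not self.user.is_superuser:
+raise HandlerPermissionError()
+user = self.get_object(params)
+form = AdminPasswordChangeForm(user=user, data=get_QueryDict(params))
+if form.is_valid():
+form.save()
+else:
+raise HandlerValidationError(form.errors)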
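Review bot: `admin_change_password` resets another account's credential, but nothing after `form.save()` in the last hunk records that it happened. A superuser-initiated reset would then leave no trail of who changed whose password, unless `get_object` or the form does so outside this view. On the success path, record an audit entry naming the acting `self.user` and the target `user`, never the password values, using whatever audit mechanism the handler's other mutating methods use. The docstring could also say that `params` must carry `id`, `password1` and `password2`, and that the method raises `HandlerPermissionError` for non-superusers and `HandlerValidationError` on form errors, returning nothing on success. The `UserHandler` class starts above the hunk, so its existing helpers are not visible here.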
