self.redirect("/users/%s" % account.uid)
-class UserPasswdHandler(base.BaseHandler):
- @tornado.web.authenticated
- def get(self, uid):
- account = self.backend.accounts.get_by_uid(uid)
- if not account:
- raise tornado.web.HTTPError(404, "Could not find account %s" % uid)
-
- # Check for permissions
- if not account.can_be_managed_by(self.current_user):
- raise tornado.web.HTTPError(403, "%s cannot manage %s" % (self.current_user, account))
-
- self.render("people/passwd.html", account=account)
-
- @tornado.web.authenticated
- def post(self, uid):
- account = self.backend.accounts.get_by_uid(uid)
- if not account:
- raise tornado.web.HTTPError(404, "Could not find account %s" % uid)
-
- # Check for permissions
- if not account.can_be_managed_by(self.current_user):
- raise tornado.web.HTTPError(403, "%s cannot manage %s" % (self.current_user, account))
-
- # Get current password
- password = self.get_argument("password")
-
- # Get new password
- password1 = self.get_argument("password1")
- password2 = self.get_argument("password2")
-
- # Passwords must match
- if not password1 == password2:
- raise tornado.web.HTTPError(400, "Passwords do not match")
-
- # XXX Check password complexity
-
- # Check if old password matches
- if not account.check_password(password):
- raise tornado.web.HTTPError(403, "Incorrect password for %s" % account)
-
- # Save new password
- account.passwd(password1)
-
- # Redirect back to user's page
- self.redirect("/users/%s" % account.uid)
-
-
class AgentModule(ui_modules.UIModule):
def render(self, account):
return self.render_string("people/modules/agent.html", account=account)