Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
Odevzdávací Systém MO
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Deploy
Model registry
Analyze
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
GitLab community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Martin Mareš
Odevzdávací Systém MO
Commits
9c4d16d4
Commit
9c4d16d4
authored
5 months ago
by
Martin Mareš
Browse files
Options
Downloads
Patches
Plain Diff
Změna osobních údajů zapomínala kontrolovat aktuální heslo
*blush*
parent
2f76c127
No related branches found
No related tags found
1 merge request
!138
Zpracování nedoručenek
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
mo/web/acct.py
+15
-7
15 additions, 7 deletions
mo/web/acct.py
with
15 additions
and
7 deletions
mo/web/acct.py
+
15
−
7
View file @
9c4d16d4
...
...
@@ -23,6 +23,7 @@ import mo.rights
import
mo.tokens
import
mo.users
import
mo.util
from
mo.util
import
assert_not_none
from
mo.web
import
app
,
NeedLoginError
import
mo.web.fields
as
mo_fields
...
...
@@ -183,8 +184,11 @@ def user_settings_personal():
if
not
form
.
submit
.
data
:
form
.
email
.
data
=
user
.
email
if
form
.
validate_on_submit
():
ok
=
True
def
process_submit
()
->
bool
:
if
not
mo
.
users
.
check_password
(
user
,
assert_not_none
(
form
.
current_passwd
.
data
)):
flash
(
'
Nesouhlasí aktuální heslo.
'
,
'
danger
'
)
return
False
if
form
.
new_passwd
.
data
:
app
.
logger
.
info
(
f
'
Settings: Změněno heslo uživatele #
{
user
.
user_id
}
'
)
mo
.
users
.
set_password
(
user
,
form
.
new_passwd
.
data
)
...
...
@@ -195,10 +199,12 @@ def user_settings_personal():
)
sess
.
commit
()
flash
(
'
Heslo změněno.
'
,
'
success
'
)
if
form
.
email
.
data
!=
user
.
email
:
if
mo
.
users
.
user_by_email
(
form
.
email
.
data
)
is
not
None
:
if
mo
.
users
.
user_by_email
(
assert_not_none
(
form
.
email
.
data
))
is
not
None
:
# Tady prosakuje informace o existenci účtu, ale tu prozrazuje i login.
flash
(
'
Tuto e-mailovou adresu už používá jiný uživatel.
'
,
'
danger
'
)
ok
=
False
return
False
else
:
rr
=
mo
.
users
.
new_reg_request
(
db
.
RegReqType
.
change_email
,
request
.
remote_addr
)
if
rr
:
...
...
@@ -212,8 +218,10 @@ def user_settings_personal():
else
:
app
.
logger
.
info
(
'
Settings: Rate limit
'
)
flash
(
'
Příliš mnoho požadavků na změny e-mailu. Počkejte prosím chvíli a zkuste to znovu.
'
,
'
danger
'
)
ok
=
False
if
ok
:
return
False
return
True
if
form
.
validate_on_submit
()
and
process_submit
():
return
redirect
(
url_for
(
'
user_settings
'
))
return
render_template
(
'
settings_change.html
'
,
form
=
form
)
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
