| 148 | |
| 149 | @method_decorator(sensitive_post_parameters()) |
| 150 | def user_change_password(self, request, id, form_url=class="st">""): |
| 151 | user = self.get_object(request, unquote(id)) |
| 152 | if not self.has_change_permission(request, user): |
| 153 | raise PermissionDenied |
| 154 | if user is None: |
| 155 | raise Http404( |
| 156 | _(class="st">"%(name)s object with primary key %(key)r does not exist.") |
| 157 | % { |
| 158 | class="st">"name": self.opts.verbose_name, |
| 159 | class="st">"key": escape(id), |
| 160 | } |
| 161 | ) |
| 162 | if request.method == class="st">"POST": |
| 163 | form = self.change_password_form(user, request.POST) |
| 164 | if form.is_valid(): |
| 165 | class="cm"># If disabling password-based authentication was requested |
| 166 | class="cm"># (via the form field `usable_password`), the submit action |
| 167 | class="cm"># must be class="st">"unset-password". This check is most relevant when |
| 168 | class="cm"># the admin user has two submit buttons available (for example |
| 169 | class="cm"># when Javascript is disabled). |
| 170 | valid_submission = ( |
| 171 | form.cleaned_data[class="st">"set_usable_password"] |
| 172 | or class="st">"unset-password" in request.POST |
| 173 | ) |
| 174 | if not valid_submission: |
| 175 | msg = gettext(class="st">"Conflicting form data submitted. Please try again.") |
| 176 | messages.error(request, msg) |
| 177 | return HttpResponseRedirect(request.get_full_path()) |
| 178 | |
| 179 | user = form.save() |
| 180 | change_message = self.construct_change_message(request, form, None) |
| 181 | self.log_change(request, user, change_message) |
| 182 | if user.has_usable_password(): |
| 183 | msg = gettext(class="st">"Password changed successfully.") |
| 184 | else: |
| 185 | msg = gettext(class="st">"Password-based authentication was disabled.") |
| 186 | messages.success(request, msg) |
| 187 | update_session_auth_hash(request, form.user) |
| 188 | return HttpResponseRedirect( |
| 189 | reverse( |
| 190 | class="st">"%s:%s_%s_change" |
| 191 | % ( |
| 192 | self.admin_site.name, |
| 193 | user._meta.app_label, |
| 194 | user._meta.model_name, |
| 195 | ), |
| 196 | args=(user.pk,), |
| 197 | ) |
| 198 | ) |
| 199 | else: |
| 200 | form = self.change_password_form(user) |
| 201 | |
| 202 | fieldsets = [(None, {class="st">"fields": list(form.base_fields)})] |
| 203 | admin_form = admin.helpers.AdminForm(form, fieldsets, {}) |
| 204 | |
| 205 | if user.has_usable_password(): |
| 206 | title = _(class="st">"Change password: %s") |
| 207 | else: |