Implement password reset link, Close #20

src/account_manager/urls.py

@@ -27,7 +27,7 @@ urlpatterns = [
          name='realm-user-detail'),
     path('realm/<int:realm_id>/user/<str:user_dn>/update/', user_views.realm_user_update,
          name='realm-user-update'),
-    path('realm/<int:realm_id>/user/<str:user_dn>/mail/password/', user_views.realm_user_resend_welcome_mail,
+    path('realm/<int:realm_id>/user/<str:user_dn>/mail/password/', user_views.realm_user_resend_password_reset,
          name='realm-user-password-reset'),
     path('realm/<int:realm_id>/user/<str:user_dn>/mail/welcome/', user_views.realm_user_resend_welcome_mail,
          name='realm-user-resend-welcome-mail'),

src/account_manager/views/user_views.py

@@ -1,19 +1,23 @@
+import logging
+import os
+
 from django.contrib.auth.decorators import login_required
+from django.contrib.auth.forms import PasswordResetForm
 from django.contrib.auth.models import User
 from django.contrib.auth.views import PasswordResetConfirmView, PasswordChangeView
 from django.contrib.sites.shortcuts import get_current_site
 from django.core.exceptions import ObjectDoesNotExist
+from django.http import HttpRequest
 from django.shortcuts import render, redirect
-from django.http import HttpResponse
 from django.utils.translation import gettext as _
 from ldap import ALREADY_EXISTS, OBJECT_CLASS_VIOLATION
+
 from account_helper.models import Realm
 from account_manager.forms import AddLDAPUserForm, UserDeleteListForm, UpdateLDAPUserForm, AdminUpdateLDAPUserForm, \
     UserGroupListForm
 from account_manager.main_views import is_realm_admin
 from account_manager.models import LdapUser, LdapGroup
 from account_manager.utils.mail_utils import send_welcome_mail
-import logging
 
 logger = logging.getLogger(__name__)
 
@@ -137,36 +141,34 @@ def realm_user_update(request, realm_id, user_dn):
                                       {'model_field': 'email', 'form_field': 'email'}, ])
 
 
-#
+@login_required
-# @login_required
+@is_realm_admin
-# @is_realm_admin
+@protect_cross_realm_user_access
-# @protect_cross_realm_user_access
+def realm_user_resend_password_reset(request, realm_id, user_dn):
-# def realm_user_password_reset(request, realm_id, user_dn):
+    realm = Realm.objects.get(id=realm_id)
-#     realm_obj = Realm.objects.get(id=realm_id)
+    LdapUser.base_dn = f'ou=people,{realm.ldap_base_dn}'
-#     LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
+    ldap_user = LdapUser.objects.get(dn=user_dn)
-#     ldap_user = LdapUser.objects.get(dn=user_dn)
+    try:
-#
+        if ldap_user.email:
-#     password_reset_request = HttpRequest()
+            logger.info("Sending email for to this email:", ldap_user.email)
-#     password_reset_request.method = 'POST'
+            form = PasswordResetForm({'email': ldap_user.email})
-#     password_reset_request.META['HTTP_HOST'] = request.META['HTTP_HOST']
+            if form.is_valid():
-#     password_reset_request.POST = {'email': ldap_user.email, 'csrfmiddlewaretoken': get_token(HttpRequest())}
+                logger.info('CREATE REQUEST')
-#     PasswordResetView.as_view()(password_reset_request)
+                pw_reset_request = HttpRequest()
-#
+                pw_reset_request.META['SERVER_NAME'] = get_current_site(request).domain
-#     realm_obj = Realm.objects.get(id=realm_id)
+                pw_reset_request.META['SERVER_PORT'] = '80'
-#     LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
+                if request.is_secure():
-#     ldap_user = LdapUser.objects.get(dn=user_dn)
+                    pw_reset_request.META['SERVER_PORT'] = '443'
-#     return user_update_controller(request=request,
+                logger.info('form.save')
-#                                   realm=realm_obj,
+                form.save(
-#                                   ldap_user=ldap_user,
+                    request=pw_reset_request,
-#                                   redirect_name='realm-user-detail',
+                    use_https=True,
-#                                   update_view='user/realm_user_detail.jinja2',
+                    from_email=os.environ.get('DEFAULT_FROM_EMAIL', 'vergesslich@test.de'),
-#                                   form_class=AdminUpdateLDAPUserForm,
+                    email_template_name='registration/password_reset_email.html')
-#                                   form_attrs=[
+
-#                                       {'model_field': 'username', 'form_field': 'username'},
+    except Exception as e:
-#                                       {'model_field': 'password', 'form_field': 'password'},
+        logger.info('Error')
-#                                       {'model_field': 'first_name', 'form_field': 'first_name'},
+    return redirect('realm-user-detail', realm_id, user_dn)
-#                                       {'model_field': 'last_name', 'form_field': 'last_name'},
-#                                       {'model_field': 'email', 'form_field': 'email'}, ])
 
 
 @login_required

src/templates/user/realm_user_detail.jinja2

@@ -16,7 +16,7 @@
             <li class="list-group-item">Vorname: {{ user.first_name }}</li>
             <li class="list-group-item">Nachname: {{ user.last_name }}</li>
             <li class="list-group-item">Email: {{ user.email }}</li>
-            <li class="list-group-item">Passwort: <a href="#" class="float-right">Nutzerpasswort zurücksetzen</a></li>
+            <li class="list-group-item">Passwort: <a href="{{ url('realm-user-password-reset', args = [realm.id, user.dn]) }}" class="float-right">Nutzerpasswort zurücksetzen</a></li>
             {#            <li class="list-group-item">Telefon: {{ user.phone }}</li>#}
             {#            <li class="list-group-item">Mobiltelefon: {{ user.mobile_phone }}</li>#}
             <li class="list-group-item">Gruppen: