Use LdapManager in password reset too

2019-02-24 18:42:27 +01:00 · 2019-02-24 18:42:27 +01:00 · acff3fc592
parent 16b02cfe3f
commit acff3fc592
1 changed files with 39 additions and 15 deletions
--- a/dal/views.py
+++ b/dal/views.py
@ -175,22 +175,46 @@ class ResetPassword(View):
        service = 'send a password reset request'
        user = request.POST.get('user')
        # First, check if the user exists
-        if not check_user_exists(user):
-            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'The user does not exist.' } )
-        # user exists, so try to get email
-        with get_pool().next() as rpc:
-            (state, tmp1, tmp2, email) = rpc.getuserdata.get_data(user)
-        # Either error with the datalookup or no email provided
-        if state == "error" or email == 'No email given' or not email:
-            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unable to retrieve email address for user.' } )
-        # Try to send the email out
-        emailsend = self.email(user, email)
-        # Email got sent out
-        if emailsend == True:
-            return render(request, 'send_resetrequest.html', { 'user': user } )
-        # Error while trying to send email
+        ldap_manager = LdapManager()
+        user_exists, entries = ldap_manager.check_user_exists(
+            uid=user,
+            attributes=['uid', 'givenName', 'sn', 'mail']
+        )
+        if user_exists and request.user.username == user:
+            # user exists, so try to get email
+            # with get_pool().next() as rpc:
+            #     (state, tmp1, tmp2, email) = rpc.getuserdata.get_data(user)
+            # Either error with the datalookup or no email provided
+            email = entries[0].mail.value
+            if email is None:
+                return render(
+                    request, 'error.html',
+                    {'urlname': urlname, 'service': service,
+                     'error': 'Unable to retrieve email address for user.'}
+                )
+
+            base_url = "{0}://{1}".format(self.request.scheme,
+                                          self.request.get_host())
+            # Try to send the email out
+            emailsend = self.email(user, email, base_url)
+            # Email got sent out
+            if emailsend == True:
+                return render(
+                    request, 'send_resetrequest.html', {'user': user}
+                )
+            # Error while trying to send email
+            else:
+                return render(
+                    request, 'error.html',
+                    {'urlname': urlname, 'service': service,
+                     'error': emailsend}
+                )
        else:
-            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': emailsend } )
+            return render(
+                request, 'error.html',
+                { 'urlname': urlname, 'service': service,
+                  'error': 'The user does not exist.' }
+            )

    # Sends an email to the user with the 24h active link for a password reset
    def email(self, user, email, base_url):