stages/user_write: don't update session hash after password change when impersonating
This commit is contained in:
parent
ff64182ae8
commit
1d85874f41
|
@ -18,9 +18,9 @@ from json import dumps
|
||||||
import structlog
|
import structlog
|
||||||
from celery.schedules import crontab
|
from celery.schedules import crontab
|
||||||
from sentry_sdk import init as sentry_init
|
from sentry_sdk import init as sentry_init
|
||||||
from sentry_sdk.integrations.redis import RedisIntegration
|
|
||||||
from sentry_sdk.integrations.celery import CeleryIntegration
|
from sentry_sdk.integrations.celery import CeleryIntegration
|
||||||
from sentry_sdk.integrations.django import DjangoIntegration
|
from sentry_sdk.integrations.django import DjangoIntegration
|
||||||
|
from sentry_sdk.integrations.redis import RedisIntegration
|
||||||
|
|
||||||
from passbook import __version__
|
from passbook import __version__
|
||||||
from passbook.core.middleware import structlog_add_request_id
|
from passbook.core.middleware import structlog_add_request_id
|
||||||
|
|
|
@ -6,6 +6,7 @@ from django.http import HttpRequest, HttpResponse
|
||||||
from django.utils.translation import gettext as _
|
from django.utils.translation import gettext as _
|
||||||
from structlog import get_logger
|
from structlog import get_logger
|
||||||
|
|
||||||
|
from passbook.core.middleware import SESSION_IMPERSONATE_USER
|
||||||
from passbook.core.models import User
|
from passbook.core.models import User
|
||||||
from passbook.flows.planner import PLAN_CONTEXT_PENDING_USER
|
from passbook.flows.planner import PLAN_CONTEXT_PENDING_USER
|
||||||
from passbook.flows.stage import StageView
|
from passbook.flows.stage import StageView
|
||||||
|
@ -41,10 +42,12 @@ class UserWriteStageView(StageView):
|
||||||
user = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
|
user = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
|
||||||
# Before we change anything, check if the user is the same as in the request
|
# Before we change anything, check if the user is the same as in the request
|
||||||
# and we're updating a password. In that case we need to update the session hash
|
# and we're updating a password. In that case we need to update the session hash
|
||||||
|
# Also check that we're not currently impersonating, so we don't update the session
|
||||||
should_update_seesion = False
|
should_update_seesion = False
|
||||||
if (
|
if (
|
||||||
any(["password" in x for x in data.keys()])
|
any(["password" in x for x in data.keys()])
|
||||||
and self.request.user.pk == user.pk
|
and self.request.user.pk == user.pk
|
||||||
|
and SESSION_IMPERSONATE_USER not in self.request.session
|
||||||
):
|
):
|
||||||
should_update_seesion = True
|
should_update_seesion = True
|
||||||
for key, value in data.items():
|
for key, value in data.items():
|
||||||
|
|
Reference in a new issue