From 00b964291d4c95d1b5a6b9d4910d6580230814f0 Mon Sep 17 00:00:00 2001
From: Edward <edwardoliveira@users.noreply.github.com>
Date: Thu, 21 Dec 2017 19:54:38 -0200
Subject: [PATCH] Alterar senha (#1652)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Tela de mudança de senha

* Muda form, template, e view
---
 sapl/base/forms.py                     | 72 +++++++++++++++++++++++++-
 sapl/base/urls.py                      | 11 +++-
 sapl/base/views.py                     | 27 +++++++++-
 sapl/templates/base.html               |  1 +
 sapl/templates/base/alterar_senha.html | 12 +++++
 5 files changed, 117 insertions(+), 6 deletions(-)
 create mode 100644 sapl/templates/base/alterar_senha.html

diff --git a/sapl/base/forms.py b/sapl/base/forms.py
index d0bef23cd..23c919ae0 100644
--- a/sapl/base/forms.py
+++ b/sapl/base/forms.py
@@ -7,12 +7,12 @@ from django.contrib.auth import get_user_model
 from django.contrib.auth.forms import (AuthenticationForm, PasswordResetForm,
                                        SetPasswordForm)
 from django.contrib.auth.models import Group, User
-from django.contrib.contenttypes.models import ContentType
 from django.core.exceptions import ValidationError
 from django.db import models, transaction
-from django.forms import ModelForm
+from django.forms import ModelForm, Form
 from django.utils.translation import string_concat
 from django.utils.translation import ugettext_lazy as _
+
 import django_filters
 
 from sapl.base.models import Autor, TipoAutor
@@ -712,3 +712,71 @@ class NovaSenhaForm(SetPasswordForm):
         self.helper.layout = Layout(
             row1,
             form_actions(label='Enviar'))
+
+
+class AlterarSenhaForm(Form):
+
+    username = forms.CharField(widget=forms.HiddenInput())
+
+    old_password = forms.CharField(label='Senha atual',
+                                   max_length=50,
+                                   widget=forms.PasswordInput())
+    new_password1 = forms.CharField(label='Nova senha',
+                                    max_length=50,
+                                    widget=forms.PasswordInput())
+    new_password2 = forms.CharField(label='Confirmar senha',
+                                    max_length=50,
+                                    widget=forms.PasswordInput())
+
+
+    class Meta:
+        fields = ['username', 'old_password', 'new_password1', 'new_password2']
+
+    def __init__(self, *args, **kwargs):
+
+        super(AlterarSenhaForm, self).__init__(*args, **kwargs)
+
+        row1 = to_row([('old_password', 12)])
+        row2 = to_row(
+            [('new_password1', 6),
+             ('new_password2', 6)])
+
+        self.helper = FormHelper()
+        self.helper.layout = Layout(
+            row1,
+            row2,
+            form_actions(label='Alterar Senha'))
+
+    def clean(self):
+        super(AlterarSenhaForm, self).clean()
+
+        data = self.cleaned_data
+
+        new_password1 = data['new_password1']
+        new_password2 = data['new_password2']
+
+        if new_password1 != new_password2:
+            raise ValidationError("'Nova Senha' diferente de 'Confirmar Senha'")
+
+        # TODO: colocar mais regras como: tamanho mínimo,
+        # TODO: caracteres alfanuméricos, maiúsculas (?),
+        # TODO: senha atual igual a senha anterior, etc
+
+        if len(new_password1) < 6:
+            raise ValidationError("A senha informada deve ter no mínimo 6 caracteres")
+
+        username = data['username']
+        old_password = data['old_password']
+        user = User.objects.get(username=username)
+
+        if user.is_anonymous():
+            raise ValidationError("Não é possível alterar senha de usuário anônimo")
+
+        if not user.check_password(old_password):
+            raise ValidationError("Senha atual informada não confere "
+                                  "com a senha armazenada")
+
+        if user.check_password(new_password1):
+            raise ValidationError("Nova senha não pode ser igual à senha anterior")
+
+        return self.cleaned_data
\ No newline at end of file
diff --git a/sapl/base/urls.py b/sapl/base/urls.py
index d45532d0a..88c423f52 100644
--- a/sapl/base/urls.py
+++ b/sapl/base/urls.py
@@ -16,10 +16,17 @@ from .views import (AppConfigCrud, CasaLegislativaCrud, HelpTopicView,
                     RelatorioMateriasPorAnoAutorTipoView,
                     RelatorioMateriasPorAutorView,
                     RelatorioMateriasTramitacaoView,
-                    RelatorioPresencaSessaoView, SaplSearchView)
+                    RelatorioPresencaSessaoView, SaplSearchView, AlterarSenha)
 
 app_name = AppConfig.name
 
+alterar_senha = [
+    url(r'^sistema/alterar-senha/$',
+        AlterarSenha.as_view(),
+        name='alterar_senha'),
+
+]
+
 recuperar_senha = [
     url(r'^recuperar-senha/email/$',
         password_reset,
@@ -100,4 +107,4 @@ urlpatterns = [
 
     url(r'^sistema/search/', SaplSearchView(), name='haystack_search'),
 
-] + recuperar_senha
+] + recuperar_senha + alterar_senha
diff --git a/sapl/base/views.py b/sapl/base/views.py
index 6b666da0d..700b0a30a 100644
--- a/sapl/base/views.py
+++ b/sapl/base/views.py
@@ -15,7 +15,8 @@ from django.utils.translation import ugettext_lazy as _, string_concat
 from django.views.generic.base import TemplateView
 from django_filters.views import FilterView
 from haystack.views import SearchView
-
+from django.views.generic import FormView
+from django.contrib.auth import update_session_auth_hash
 from sapl.base.forms import AutorForm, AutorFormForAdmin, TipoAutorForm
 from sapl.base.models import Autor, TipoAutor
 from sapl.crud.base import CrudAux
@@ -32,7 +33,7 @@ from .forms import (CasaLegislativaForm, ConfiguracoesAppForm,
                     RelatorioMateriasPorAnoAutorTipoFilterSet,
                     RelatorioMateriasPorAutorFilterSet,
                     RelatorioMateriasTramitacaoilterSet,
-                    RelatorioPresencaSessaoFilterSet)
+                    RelatorioPresencaSessaoFilterSet, AlterarSenhaForm)
 from .models import AppConfig, CasaLegislativa
 
 
@@ -603,3 +604,25 @@ class SaplSearchView(SearchView):
             context['models'] = context['models'] + '&models=' + m
 
         return context
+
+
+class AlterarSenha(FormView):
+    from sapl.settings import LOGIN_URL
+
+    form_class = AlterarSenhaForm
+    template_name = 'base/alterar_senha.html'
+    success_url = LOGIN_URL
+
+    def get_initial(self):
+        initial = super(AlterarSenha, self).get_initial()
+        initial['username'] = self.request.user
+        return initial
+
+    def form_valid(self, form):
+        new_password = form.cleaned_data['new_password1']
+
+        user = self.request.user
+        user.set_password(new_password)
+        user.save()
+
+        return super().form_valid(form)
\ No newline at end of file
diff --git a/sapl/templates/base.html b/sapl/templates/base.html
index efcd0a647..8f4a45038 100644
--- a/sapl/templates/base.html
+++ b/sapl/templates/base.html
@@ -69,6 +69,7 @@
                         Votar Matéria
                       </a></li>
                     {% endif %}
+                    <li><a href="{% url 'sapl.base:alterar_senha' %}">Alterar senha</a></li>
                     <li><a href="{% url 'sapl.base:logout' %}">Sair</a></li>
                   </ul>
                 </li>
diff --git a/sapl/templates/base/alterar_senha.html b/sapl/templates/base/alterar_senha.html
new file mode 100644
index 000000000..20956a763
--- /dev/null
+++ b/sapl/templates/base/alterar_senha.html
@@ -0,0 +1,12 @@
+{% extends "crud/detail.html" %}
+{% load i18n %}
+{% load crispy_forms_tags %}
+{% block actions %}{% endblock %}
+{% block detail_content %}
+    <h1>Alterar Senha</h1>
+	{% crispy form %}
+    </br>
+    Atenção, a mudança de senha fará com que o usuário atual seja deslogado do sistema.</br>
+    Favor entrar novamente com a nova senha após a mudança com sucesso.
+
+{% endblock detail_content %}
\ No newline at end of file