stages/user_write: don't update session hash after password change when impersonating
This commit is contained in:
parent
ff64182ae8
commit
1d85874f41
|
@ -18,9 +18,9 @@ from json import dumps
|
|||
import structlog
|
||||
from celery.schedules import crontab
|
||||
from sentry_sdk import init as sentry_init
|
||||
from sentry_sdk.integrations.redis import RedisIntegration
|
||||
from sentry_sdk.integrations.celery import CeleryIntegration
|
||||
from sentry_sdk.integrations.django import DjangoIntegration
|
||||
from sentry_sdk.integrations.redis import RedisIntegration
|
||||
|
||||
from passbook import __version__
|
||||
from passbook.core.middleware import structlog_add_request_id
|
||||
|
|
|
@ -6,6 +6,7 @@ from django.http import HttpRequest, HttpResponse
|
|||
from django.utils.translation import gettext as _
|
||||
from structlog import get_logger
|
||||
|
||||
from passbook.core.middleware import SESSION_IMPERSONATE_USER
|
||||
from passbook.core.models import User
|
||||
from passbook.flows.planner import PLAN_CONTEXT_PENDING_USER
|
||||
from passbook.flows.stage import StageView
|
||||
|
@ -41,10 +42,12 @@ class UserWriteStageView(StageView):
|
|||
user = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
|
||||
# Before we change anything, check if the user is the same as in the request
|
||||
# and we're updating a password. In that case we need to update the session hash
|
||||
# Also check that we're not currently impersonating, so we don't update the session
|
||||
should_update_seesion = False
|
||||
if (
|
||||
any(["password" in x for x in data.keys()])
|
||||
and self.request.user.pk == user.pk
|
||||
and SESSION_IMPERSONATE_USER not in self.request.session
|
||||
):
|
||||
should_update_seesion = True
|
||||
for key, value in data.items():
|
||||
|
|
Reference in a new issue