error message for incorrect new password (too close to username or old password)

Author: Topi Paavilainen

fum/api/views.py

@@ -323,9 +323,9 @@ def password(self, request, username=None, relname=None):
                 user.set_ldap_password(password)
                 return Response("Ok", status=200)
             except Exception, e:
-                return Response("Fail: %s"%e, status=500)
+                return Response("New password too similar to the username or to an old password", status=403)
         else:
-            return Response("Old password fail", status=403)
+            return Response("Incorrect old password", status=403)
 
     # TODO: Faster failing option: try to first write to ldap, only then save the image files to disk?
     @action(methods=['post'])

fum/common/static/js/main.js

@@ -108,11 +108,11 @@ $(document).ready(function(){
 		$('#password-new, #password-new-again, #password-current').val('');
 		$('#password-status, #password-status-again').html('');
 		$('#password-new-again').change();
+        $('#wrong-password-alert').hide();
 	    });
 	/* validations */
 	$('#password-new').bind("change paste keyup", function() {
         if(!validatePasswordLength($(this).val())){
-            console.log("green");
             $('#password-length').show();
         }else{
             $('#password-length').hide();
@@ -127,7 +127,6 @@ $(document).ready(function(){
 
 	$('#password-new-again').bind("change paste keyup", function() {
 		if ($(this).val() === $('#password-new').val() && $(this).val().length > 0) {
-            console.log("jaahas");
 		    $('#passwords-matching').hide();
 		    if (validatePassword($('#password-new').val())) {
 			$('#password-change').removeClass('btn-warning').addClass('btn-success').removeAttr('disabled');
@@ -146,7 +145,10 @@ $(document).ready(function(){
 		if ($('#password-new').val() === $('#password-new-again').val() && validatePassword($('#password-new').val())) {
 		    $.post($(this).attr('data-url'), { 'password': $('#password-new').val(), 'old_password': $('#password-current').val() || "" })
 			.done(function() { $('#password-cancel').click(); })
-			.fail(function(data) { $('#wrong-password-alert').show(); });
+			.fail(function(data) {
+                $('#wrong-password-alert').html(data.responseText.replace(/\"/g, ""));
+                $('#wrong-password-alert').show();
+            });
 		} else {
 		    return;
 		}

fum/users/templates/users/users_detail.html

@@ -181,7 +181,7 @@ <h3>Change password{% if sudo %} (for user {{object.username}}) {% endif %}</h3>
     {% if sudo %}
         <a href="{% url "users-changepassword" object.username %}" id="sudo_change_password">SUDO: Change to a random password and send it via SMS</a>
     {% endif %}
-    <div id="wrong-password-alert" class="alert alert-danger" style="display:none;">Incorrect current password</div>
+    <div id="wrong-password-alert" class="alert alert-danger" style="display:none;"></div>
         <div id="password-length" class="alert alert-info">Password must be at least 10 characters long</div>
         <div id="password-character-groups" class="alert alert-info">Password must have characters from at least 3 character groups (a-z, A-Z, 0-9, special)</div>
         <div id="passwords-matching" class="alert alert-info" style="display:none;">Passwords don't match</div>