-rw-r--r--app.py68
-rw-r--r--forms.py25
-rw-r--r--static/bootstrap-form.css8
-rw-r--r--static/layout.css4
-rw-r--r--templates/base.html12
-rw-r--r--templates/settings.html30
6 files changed, 88 insertions, 59 deletions
diff --git a/app.py b/app.py
index 43f6ef0..8eb8ece 100644
--- a/app.py
+++ b/app.py
@@ -9,7 +9,6 @@ import os
from copy import deepcopy
from flask import flash, Flask, g, redirect, request, session, url_for
from utils import *
-from forms import RegisterForm, RegisterCompleteForm, LoginForm, SettingsForm
app = Flask(__name__)
@@ -40,7 +39,7 @@ def index():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
if login_user(form.username.data, form.password.data):
- flash(u'Erfolgreich eingeloggt (als %s)' % g.user.uid, 'success')
+ flash(u'Erfolgreich eingeloggt', 'success')
return redirect(url_for('settings'))
else:
flash(u'Ungültiger Benutzername und/oder Passwort', 'error')
@@ -114,33 +113,41 @@ def settings():
if request.method == 'POST' and form.validate():
changed = False
- if form.mail.data and form.mail.data != g.user.mail:
- confirm_token = make_confirmation('change_mail', (g.user.uid, form.mail.data))
- confirm_link = url_for('change_mail', token=confirm_token, _external=True)
+ if request.form.get('submit_main'):
+ if form.mail.data and form.mail.data != g.user.mail:
+ confirm_token = make_confirmation('change_mail', (g.user.uid, form.mail.data))
+ confirm_link = url_for('change_mail', token=confirm_token, _external=True)
- body = render_template('mail/change_mail.txt', username=g.user.uid,
- mail=form.mail.data, link=confirm_link)
+ body = render_template('mail/change_mail.txt', username=g.user.uid,
+ mail=form.mail.data, link=confirm_link)
- send_mail(form.mail.data, u'E-Mail-Adresse bestätigen', body,
- sender=app.config.get('MAIL_CONFIRM_SENDER'))
+ send_mail(form.mail.data, u'E-Mail-Adresse bestätigen', body,
+ sender=app.config.get('MAIL_CONFIRM_SENDER'))
- flash(u'Es wurde eine E-Mail an die angegebene Adresse geschickt, '
- u'um diese zu überprüfen. Bitte folge den Anweisungen in der '
- u'E-Mail.')
- changed = True
+ flash(u'Es wurde eine E-Mail an die angegebene Adresse geschickt, '
+ u'um diese zu überprüfen. Bitte folge den Anweisungen in der '
+ u'E-Mail.')
+ changed = True
- if form.password.data:
- g.user.change_password(form.password.data)
- g.ldap.update(g.user)
- session['password'] = encrypt_password(form.password.data)
+ if form.password.data:
+ g.user.change_password(form.password.data, session['password'])
+ session['password'] = encrypt_password(form.password.data)
- flash(u'Passwort geändert', 'success')
- changed = True
+ flash(u'Passwort geändert', 'success')
+ changed = True
- if changed:
- return redirect(url_for('settings'))
- else:
- flash(u'Nichts geändert')
+ for service in app.all_services:
+ field = form.get_servicepassword(service.id)
+ if field.data:
+ changed = True
+ g.user.change_password(field.data, session['password'], service.id)
+
+
+ if changed:
+ g.ldap.update(g.user)
+ return redirect(url_for('settings'))
+ else:
+ flash(u'Nichts geändert.')
services = deepcopy(app.all_services)
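Review bot: Nothing in the visible lines compares `form.old_password.data` with the user's current credential: both `change_password` calls take `session['password']`, the mail-change branch uses neither, and the only validator on `old_password` in forms.py is `validators.Required`. If no check exists in the part of settings() above this hunk (the function starts outside it), anyone holding a live session can change the password or start a mail change by typing any non-empty string, so the re-authentication prompt protects nothing. Verify the field before the `submit_main` branch and stop with an error flash on mismatch, or pass the submitted value instead of the session copy, e.g. `g.user.change_password(form.password.data, form.old_password.data)`, assuming the second argument is the old password (its definition is not shown). Separately, `session['password']` is overwritten before `g.ldap.update(g.user)` runs, so the service loop already receives the new value and a failed update leaves the session out of step with the directory; assigning it after the update succeeds avoids both.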
@@ -178,16 +185,9 @@ def debug():
raise Exception()
-if __name__ == '__main__':
- app.run(debug=True)
-
+# we need the app to exist before initializing the forms
+from forms import RegisterForm, RegisterCompleteForm, LoginForm, SettingsForm
-# wir brauchen:
-# registrieren
-# login
-# passwort ändern (master-passwort, einzelne)
-# email ändern
-# später:
-# account löschen
-# openid-provider (ggf mehr Details: Realname, Zeitzone, ...)
+if __name__ == '__main__':
+ app.run(debug=True)
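Review bot: `app.run(debug=True)` at the end of the hunk hard-codes Flask's debug mode, which serves the interactive Werkzeug debugger on any unhandled exception, and the `debug()` view whose tail is visible above raises one on purpose. For an application that handles account passwords the flag should come from configuration so it cannot be carried into a deployed instance by accident, e.g. `app.run(debug=app.config.get('DEBUG', False))`. The late `from forms import ...` is explained by its comment; adding `# noqa: E402` to that line would keep linters from flagging the intentional placement.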
diff --git a/forms.py b/forms.py
index 22f77ea..c5728d5 100644
--- a/forms.py
+++ b/forms.py
@@ -1,13 +1,17 @@
# -*- coding: utf-8 -*-
+from account import SERVICES
from flask.ext.wtf import Form, validators, TextField, PasswordField
from utils import _username_re
+
username = TextField('Benutzername', [validators.Regexp(_username_re, message=u'Benutzername darf nur aus a-z bestehen (2-16 Zeichen)')])
+
class RegisterForm(Form):
username = username
mail = TextField('E-Mail-Adresse', [validators.Email(), validators.Length(min=6, max=50)])
+
class RegisterCompleteForm(Form):
password = PasswordField('Passwort', [validators.Required(),
validators.EqualTo('password_confirm', message=u'Passwörter stimmen nicht überein')])
@@ -20,8 +24,27 @@ class LoginForm(Form):
class SettingsForm(Form):
- old_password = PasswordField('Passwort', [validators.Required(u'Bitte gib dein (altes) Passwort an, um deine Daten zu ändern.')])
+ old_password = PasswordField('Bisheriges Passwort',
+ [validators.Required(u'Bitte gib dein (altes) Passwort an, um deine Daten zu ändern.')])
password = PasswordField('Neues Passwort', [validators.Optional(),
validators.EqualTo('password_confirm', message=u'Passwörter stimmen nicht überein')])
password_confirm = PasswordField(u'Passwort bestätigen')
mail = TextField('E-Mail-Adresse', [validators.Optional(), validators.Email(), validators.Length(min=6, max=50)])
+
+
+ def get_servicepassword(self, service_id):
+ return getattr(self, 'password_%s' % service_id)
+ def get_servicepasswordconfirm(self, service_id):
+ return getattr(self, 'password_confirm_%s' % service_id)
+
+
+#TODO: find out how we can use app.all_services in that early state
+for service in SERVICES:
+ setattr(SettingsForm, 'password_%s' % service.id,
+ PasswordField(u'Passwort für %s' % service.name, [
+ validators.Optional(),
+ validators.EqualTo('password_confirm_%s' % service.id, message=u'Passwörter stimmen nicht überein'),
+ ]))
+ setattr(SettingsForm, 'password_confirm_%s' % service.id,
+ PasswordField(u'Passwort für %s (Bestätigung)' % service.name))
+
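Review bot: The per-service `PasswordField`s created in the `setattr` loop, like the main `password` field, carry only `validators.Optional()` and `validators.EqualTo(...)`, so a one-character password passes validation. Add a length floor to every new-password field, e.g. `validators.Length(min=MIN_PASSWORD_LENGTH)` with the constant set by the project's password policy. `get_servicepassword` and `get_servicepasswordconfirm` raise `AttributeError` for any id that has no generated field, and app.py iterates `app.all_services` while the fields are built from `SERVICES`, so the two lists have to stay identical until the TODO is resolved. A one-line docstring on each getter stating that contract, plus a blank line between the two methods, would make this visible to the next reader.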
diff --git a/static/bootstrap-form.css b/static/bootstrap-form.css
index 8c84910..fb5d24b 100644
--- a/static/bootstrap-form.css
+++ b/static/bootstrap-form.css
@@ -13,7 +13,7 @@
.form-horizontal .control-label,
.form-horizontal label {
float: left;
- width: 10em;
+ width: 20em;
text-align: right;
}
@@ -42,13 +42,13 @@
}
.form-horizontal .control-label {
float: left;
- width: 10em;
+ width: 20em;
text-align: right;
}
.form-horizontal .controls {
*display: inline-block;
*padding-left: 20px;
- margin-left: 11em;
+ margin-left: 21em;
*margin-left: 0;
}
.form-horizontal .controls:first-child {
@@ -63,5 +63,5 @@
margin-top: 10px;
}
.form-horizontal .form-actions {
- padding-left: 11em;
+ padding-left: 21em;
}
diff --git a/static/layout.css b/static/layout.css
index ce5461a..bf7a28d 100644
--- a/static/layout.css
+++ b/static/layout.css
@@ -1,5 +1,9 @@
form .errors {
color: #D00;
+ margin: .2em 0 .5em;
+}
+form ul.errors {
+ padding-left: 1em;
}
ul.flashes {
diff --git a/templates/base.html b/templates/base.html
index c3ed80b..425ea34 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -15,15 +15,11 @@
<h1 id="header"><img src="{{url_for('static', filename='logo.png')}}" alt="Spline" /></h1>
- {% if title %}
- <h2>{{ title }}</h2>
- {% endif %}
-
{%- if not no_login_message %}
{%- if g.user %}
- <p>Logged in as {{ g.user.uid }}. <a href="{{ url_for('logout') }}">Log out</a></p>
+ <p>Angemeldet als <strong>{{ g.user.uid }}</strong> | <a href="{{ url_for('logout') }}">Abmelden</a></p>
{%- else %}
- <p>Not logged in. <a href="{{ url_for('index') }}">Log in</a></p>
+ <p>Nicht angemeldet | <a href="{{ url_for('index') }}">Login</a></p>
{%- endif %}
{%- endif %}
@@ -37,6 +33,10 @@
{% endif %}
{% endwith %}
+ {% if title %}
+ <h2>{{ title }}</h2>
+ {% endif %}
+
{% block content %}{% endblock %}
</body>
</html>
diff --git a/templates/settings.html b/templates/settings.html
index 13d63f4..1d112d8 100644
--- a/templates/settings.html
+++ b/templates/settings.html
@@ -3,25 +3,27 @@
{%- set title = 'Einstellungen' %}
{%- block content %}
<form action="{{ url_for('settings') }}" method="post" class="form-horizontal">
- <h2>Globale Einstellungen ändern</h2>
{{ render_field(form.old_password) }}
+ <h3>Globale Einstellungen ändern</h3>
{{ render_field(form.mail) }}
{{ render_field(form.password) }}
{{ render_field(form.password_confirm) }}
{{ form.csrf_token }}
- <div class="form-actions"><input type="submit" value="Speichern" /></div>
+ <div class="form-actions"><input type="submit" value="Speichern" name="submit_main" /></div>
- <h2>Dienste verwalten</h2>
- <ul>
- {%- for service, changed in services %}
- <li>
- <strong>{{ service }}</strong>
- {%- if changed %}
- ändern, löschen
- {%- else %}
- setzen
- {%- endif %}
- </li>
- {%- endfor %}
+ <h3>Dienste verwalten</h3>
+ {%- for service in services %}
+ <h4>{{ service.name }}</h4>
+ {%- if service.changed %}
+ <p>Eigenes Passwort gesetzt</p>
+ <p>löschen, todo</p>
+ <p>Ändern:</p>
+ {%- else %}
+ <p>Kein eigenes Passwort gesetzt.</p>
+ <p>Eigenes Passwort setzen:</p>
+ {%- endif %}
+ {{ render_field(form.get_servicepassword(service.id)) }}
+ {{ render_field(form.get_servicepasswordconfirm(service.id)) }}
+ {%- endfor %}
</form>
{%- endblock %}
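Review bot: The form's only submit control is the one given `name="submit_main"`, and it sits above the service section, so every POST from this page carries that key, including an implicit submit via Enter in a service field. The `if request.form.get('submit_main')` test in app.py therefore cannot separate a global change from a service-only change. If that separation is intended, add a second button after the `{%- endfor %}`, e.g. `<div class="form-actions"><input type="submit" value="Speichern" name="submit_services" /></div>`, and branch on it in the view. The line `<p>löschen, todo</p>` is rendered to users as-is; a template comment such as `{# TODO: löschen #}` keeps the reminder out of the page.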